First download openSSL at slproweb.com/products/Wi…

After downloading, run OpenSSL to enter the interactive interface:

Privatekey. pem 1024 meaning 1024 bits.

openssl genrsa -out privatekey.pem 1024

Privatekey. pem: privatekey.pem

What is a PEM file?

.pem – Defined in RFCs 1421 through 1424, this is a container format that may include just the public certificate (such as with Apache installs, and CA certificate files /etc/ssl/certs), or may include an entire certificate chain including public key, private key, and root certificates. Confusingly, it may also encode a CSR (e.g. as used here) as the PKCS10 format can be translated into PEM. The name is from Privacy Enhanced Mail (PEM), a failed method for secure email but the container format it used lives on, and is a base64 translation of the x509 ASN.1 keys.

Simply put, it is a key file.

Second, generate a certificate request based on the key file generated in the first step: openssl req -new-key privatekey.pem -out certrequess.csr

If you are too lazy to maintain the certificate details, press Enter and the default values will be automatically filled in:

Finally, a digital certificate is generated based on the key and certificate request generated in the first step: the issuer is itself, of course, for testing purposes only. openssl x509 -req -in certrequest.csr -signkey privatekey.pem -out certificate.pem

At this point we have two certificates, privateKey. pem and certificate. pem.

Here is the code for my HTTPS server, very simple, just 50 lines or so:

var app = require('express') ();var fs    = require('fs');
var https = require('https');

var httpOptions =  {
 key: fs.readFileSync("keys/privatekey.pem"),
 cert: fs.readFileSync("keys/certificate.pem")}var server = https.createServer(httpOptions, app);
var io = require('socket.io')(server);

console.log("https server listens on port 8080...");

server.listen(8080);

function print_env(){
  console.log(process.env);
}

app.get('/'.function (req, res) {

  var response = "Hello World";
  res.send(response);
});

app.get('/env'.function (req, res) {

  print_env();
  // res.sendFile(__dirname + '/index.html');
  var response = JSON.stringify(process.env);
  res.send(response);
});

app.get('/redis'.function (req, res) {

  var redisClient = require("./redisClient");
  
  function callback(response){
    // var response = "ok"; //JSON.stringify(process.env);
    res.send(response);
  }
  redisClient.test(callback);
});

io.on('connection'.function (socket) {
  console.log("connect comming from client: " + socket.id);
  socket.emit('messages_jerry', { hello: 'world greeting from Server! ' });
  socket.on('messages'.function (data) {
    console.log("data received from Client:" + JSON.stringify(data,2.2));
  });
});
Copy the code

It is not difficult to understand from the code how the two PEM files are used in the HTTPS server. Finally, test it in the browser. Because the certificate is self-issued and not authenticated by the CA, the browser displays a warning.

For more of Jerry’s original articles, please follow the public account “Wang Zixi “: