node.js - Certbot - How to create SSL certs and keys for IP:3030? -
I have an Express.js app running on an IP address at port 3030.
How can I create an SSL cert and key for this type of address?
i tried with:
$ certbot certonly --standalone --email test1@yahoo.co.uk -d 127.0.1.1:3030
I get this error:
requested domain 127.0.1.1:3030 not fqdn
any ideas?
This is the package I use: certbot.
This is the www file in the Express.js bin directory:
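#!/usr/bin/env node

/**
 * Start script for the Express app: serves the same app over plain HTTP
 * and over HTTPS.
 *
 * Identifier casing follows the real Node.js API (createServer,
 * readFileSync, parseInt, isNaN, process.env.PORT, 'EACCES',
 * 'EADDRINUSE'). The all-lowercase spellings do not exist and fail as
 * soon as the script starts.
 */

/**
 * Module dependencies.
 */
var app = require('../app');
var debug = require('debug')('mongoose-iot:server');
var http = require('http');

// Add HTTPS support.
// https://www.hacksparrow.com/express-js-https.html
// http://stackoverflow.com/questions/11744975/enabling-https-on-express-js
// http://blog.mgechev.com/2014/02/19/create-https-tls-ssl-application-with-express-nodejs/
var https = require('https');
var fs = require('fs');

/**
 * Get the HTTP port from the environment and store it in Express.
 */
var port = normalizePort(process.env.PORT || '3000');
app.set('port', port);

/**
 * Create the HTTP server.
 */
var server = http.createServer(app);

/**
 * Listen on the provided port, on all network interfaces.
 */
server.listen(port);
server.on('error', onError(port));
server.on('listening', onListening(server));

/**
 * Get the HTTPS port from the environment and store it in Express.
 *
 * The HTTPS listener reads its own variable: if both listeners read PORT,
 * setting PORT makes them compete for one port and the second listen()
 * fails with EADDRINUSE.
 *
 * NOTE: this overwrites the HTTP value stored above, so app.get('port')
 * returns the HTTPS port.
 */
var httpsPort = normalizePort(process.env.HTTPS_PORT || '3030');
app.set('port', httpsPort);

/**
 * Create the HTTPS server.
 *
 * The private key and certificate are read once, synchronously, at
 * startup; a missing or unreadable file throws here. The relative paths
 * resolve against the process working directory, not this file's
 * directory. Keep key.pem readable only by the account that runs the
 * server, and keep it out of version control.
 */
var options = {
  key: fs.readFileSync('ssl/key.pem'),
  cert: fs.readFileSync('ssl/cert.pem')
};
var httpsServer = https.createServer(options, app);

/**
 * Listen on the provided port, on all network interfaces.
 */
httpsServer.listen(httpsPort);
httpsServer.on('error', onError(httpsPort));
httpsServer.on('listening', onListening(httpsServer));

/**
 * Normalize a port into a number, string, or false.
 *
 * @param {string} val - Raw port value.
 * @returns {number|string|false} The numeric port, the unchanged string
 *   when it is not a number (treated as a named pipe), or false when the
 *   number is negative.
 */
function normalizePort(val) {
  var parsed = parseInt(val, 10);

  if (isNaN(parsed)) {
    // named pipe
    return val;
  }

  if (parsed >= 0) {
    // port number
    return parsed;
  }

  return false;
}

/**
 * Build the "error" event listener for one server.
 *
 * Each server gets its own listener so the message names the port that
 * actually failed, rather than always naming the HTTP port.
 *
 * @param {number|string|false} boundPort - Port or pipe the server was
 *   asked to listen on.
 * @returns {function(Error): void} Listener that exits the process on
 *   EACCES or EADDRINUSE and rethrows every other error.
 */
function onError(boundPort) {
  return function (error) {
    if (error.syscall !== 'listen') {
      throw error;
    }

    var bind = typeof boundPort === 'string'
      ? 'pipe ' + boundPort
      : 'port ' + boundPort;

    // handle specific listen errors with friendly messages
    switch (error.code) {
      case 'EACCES':
        console.error(bind + ' requires elevated privileges');
        process.exit(1);
        break;
      case 'EADDRINUSE':
        console.error(bind + ' in use');
        process.exit(1);
        break;
      default:
        throw error;
    }
  };
}

/**
 * Build the "listening" event listener for one server.
 *
 * The listener reports the address of the server it was created for, so
 * the HTTPS listener no longer logs the HTTP server's port.
 *
 * @param {object} srv - The http or https server being listened on.
 * @returns {function(): void} Listener that writes the bound address to
 *   the debug log.
 */
function onListening(srv) {
  return function () {
    var addr = srv.address();
    var bind = typeof addr === 'string'
      ? 'pipe ' + addr
      : 'port ' + addr.port;
    debug('listening on ' + bind);
  };
}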
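The problem is that Let's Encrypt SSL certificates are issued for domain names; a certificate does not carry an IP address or a port. You must have a valid, publicly accessible domain name so that the Let's Encrypt authority server can verify it. (127.0.1.1 is a loopback address, so the authority server could not reach it in any case.)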
In that case, a common practice is to use HTTP (and not HTTPS) in development, using a simple check like:
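// Environment variable names are case-sensitive on most platforms, so the
// check must read NODE_ENV, not node_env.
// The check fails open: if NODE_ENV is not set to "production" on the
// production host, the else branch runs and HTTPS is never started, so
// set it explicitly there.
if (process.env.NODE_ENV === "production") {
  // httpsServer.listen(httpsPort)
} else {
  // ...
}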