Self Sign SSL

下面介紹兩種self sign ssl的作法
預期產出key: server.key, cert: server.csr兩個檔案

基本款:
openssl genrsa -out server.key 1024
openssl req -new -key server.key -out certrequest.csr
openssl x509 -req -in certrequest.csr -signkey server.key -out server.crt


增加移除key phase步驟:
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

於ExpressJs中,可以如下設定:

Step 1: 產key
將產出的server.key, server.crt放到專案目錄下

Step 2: 設定建立https server所需之options
var key = 'server.key';
var crt = 'server.crt'
var privateKey = fs.readFileSync(key);
var certificate = fs.readFileSync(crt);
var options = {
    key: privateKey,
    cert: certificate,
};

Step 3: 於createServer中加入key options
https.createServer(options, app).listen(app.get('port'), function(){
  console.log("Express server listening on port " + app.get('port'));
});