How to generate and use a SSL certificate in NodeJS

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey guys welcome back again so in this video let's see that how do we generate a ssl certificate for our development server and then finally we will be seeing that how do we use that certificate to be used inside our application so as you can see that i have created a new npm project inside this folder that is node ssl server and here i have only installed one dependency and that is the express dependency and then i have a start script here that says node mod app.js and if you haven't installed notepad globally on your system then you can simply do npm install hyphen g node mod so that the application is restarted as soon as there are changes in the dot js files and if we look into the app.js file so we simply have a console.log statement so firstly what i am going to do i am going to require a couple of modules here so firstly we will require express so const express equal to require express like this and then we will require the https module from node.js framework so we'll say const https equal to require https this one here and then we'll also require two other modules and that is the path module and the fs module that is the file system module so const path equal to a required path like this and then the file system module so const fs equal to require fs like this and now what we need to do we need to initialize our app that is the express application so const app equal to express like this and then we'll be having a single route here and that is the home route so app.uh let's use here that is for all the types of request that is the get post put patch and lead then and whatever there is so app.use and then we have a callback that takes in request response and next like this and now we can simply send back the response here so response dot send hello from ssl server like this so let's save this and finally what i'm going to do i'm going to do this that is app.listen and here we need to provide in the port and then the callback here but here to use this https module we are not going to do it this way so let me remove this line from here and here firstly we will create an ssl server so what we'll do we'll say const ssl server equal to https dot create server and here it takes in a couple of options here and then the second argument would be the app here that is the express application like this and here in this options thing here we need to provide in properties here and that is the key of the certificate that is the ssl certificate and we'll be providing this in a moment and then finally we need to provide in the certificate itself and this again we'll be providing it in a minute and finally what we need to do we need to simply say ssl server dot listen and here we need to provide in the port number so let's provide three four four three and then we have a call back here so here we can simply say console.log that our secure server so secure server so this rope rocket and this key secure server on port 3443 like this and now this application would not work because we need to provide in a key here and the certificate itself so for that let's open our terminal here so i'm using an inbuilt terminal inside vs code and we are in inside this node ssl server directory so vls we have this these files here so firstly what i am going to do i am going to create a new directory so make the cert and you can name this directory whatever you like but i'm using cert here so now let me cd into the search here so cd sort and now the directory is empty so let me increase the terminal size here and let me also clear it out so this folder is empty that is this third directory and now what i am going to use i am going to use this open ssl module that is built inside max and if you want to install it on linux or on windows then you can go to this website that is openssl.org and here and here you can find ways to install on the operating system you are using so since i am using mac so i have open ssl installed here and if i do open ssl here then i am here inside open ssl but we do not want to use this thing here so let me exit it out and let me clear it out again so now to generate a certificate that is an ssl certificate firstly we need to generate the key so what i am going to do i am going to write some commands so firstly what we will do we will generate a key so we will do open ssl so gen r say that is an rsa key not rda but rsa and then we are going to output it inside the key.pam file so key dot pim so now we see that our that our folder search contains one file that is key.pim and if we look at here then this is the private key and now what i am going to do i am going to create a certificate signing request and since we are our own certificate authority so we can use that certificate signing request to generate our certificate so now what i'm going to do i'm going to create a new certificate signing request so open ssl request new we need to create a new certificate signing request and then and for that we need to provide in the key and the key would be the key that we have just generated and the key name is key.pim and then we need to output the certificate signing request so we can use so let's say out csr.pam like this and now here it will ask us about some questions and it depends on you that what all information you need to provide here and it and at least you need to provide in one information here so for the country name let me provide an in for the state or province let me provide simply so let me simply skip it by pressing enter then the locality so i'm again skipping it organization name so let's provide pick your page that's our organization and then we need to provide in the unit name so we can again skip it we need to provide in a common name let's again skip it and for the email address so let's provide the email address so yours truly 2607 at gmail.com and then it asks us for the challenge password so let's completely skip it so let's press enter here and now we see that we have this csr dot epm file but instead it should be pem file so let me rename this file here it should not be epm it but it should be pem so let me rename it here so it doesn't matter so let me rename it here so it is a csr.pm file and if you look at the contents of this for this file it says that it's a certificate request and from this certificate request we are going to generate our ssl certificate so now what we need to do we need to create a ssl certificate so for that we are going to again use openssl so open ssl and then we need to provide in the standard here and that is x509 and this x509 is a standard defining the format of the public key certificates so that's what we are using and then we need to request the certificate by passing in req and then we need to provide in the days for which the certificate would be valid so let's keep the days to be 365. and then we need to pass in the certificate signing request file so hyphen in csr.pam and then we need to also provide in the signing key so what we can do we can provide hyphen sign key and then we can simply say e.pim because this is the key which we have generated that is the private key and then we need to provide in the file name where the certificate would be saved so let's say hyphen out cert dot pim and this is the actual certificate which we are going to use inside our application so now let's press enter and we see that this certificate has been created that is the certificate that is cert.pim and now we can use the certificate inside our application and now what you can do you can even delete this csr dot pam file because we do not need it anymore so let's remove this file that is csr.pam or let it be here so let me close this file here and now here inside our ssl server we need to provide these files that is this key dot pim and sir dot pam inside this https dot create server object here that is this object here so let me cd back into my node ssl server and now here to provide those files that is key dot pam insert dot pim we can use the fs module that we imported initially so we can simply say fs dot read file sync and here i am using the synchronous version because this information is vital to our application that is without these certificates our application should not be started so therefore i am using read file sync but otherwise inside any node.js application you should make sure that you should avoid using synchronous function but but for this i am using it and now we need to provide in the path of the key so what we can do we can use the path module that we imported initially so path dot join and here the first argument we need to pass is the door name that is the currently executing directory and then we need to go inside the search directory and then the file name and the file name is key dot pin so key dot pem like this and now again for the certificate what we can do we can use the same thing here so let's use it again so fs dot rate file sync and then we need to provide in path dot join and then the der name and then we need to go in the third folder and then the file name is cert.pam like this so now let's save this application and now let's start our application so let me do npm start and we see that our secure server is on port three four four three so let's go to a browser here and let's try to open localhost port 3443 and we see that this page isn't working because we are currently on the http version so let's go to https localhostport3443 so if we go here then we see that we are getting this message back that is hello from ssl server and right now you are getting this thing here that is not secure though we are using the certificate here so if we click here that is on this not secure icon here or this tab here and if you click this here that is the certificate it says invalid but the certificate is 100 valid and it only shows that this certificate is not valid because you have generated a certificate but not a known certificate authority has generated the certificate so chrome has certain certificate authorities that it trust but it does not trust you as a certificate authority so therefore it is saying not secure but if we look here we see that we have our certificate and it's 100 valid ssl certificate but you should typically use this certificate only in development purposes and for a production application you should be using a certificate that is generated by a certificate authority and one of the best certificate authorities is the let's encrypt certificate authority because it provides you with three months of free ssl each time and you can renew those that certificate after every three months so here if we look at the contents of the certificate then we can see that we have the country the organization the email address and then we have the algorithm also that is the public key algorithm and then what all you need to have inside the ssl certificate and if you if you are not able to access this site on your local host port 3443 then what you need to do you need to open another tab here and you need to open the chrome flags here so let's open chrome flags here so you can open chrome flags here like chrome colon forward slash forward slash flags so let's enter here and here you need to search for allow invalid certificates so allow invalid certificates for resources loaded from localhost and here you need to enable it so currently i have it enabled but in your case it is hundred percent chances that it is disabled so if you are not able to access your site on local host port 343 then you can go to chrome flags and enable this thing here that is allow invalid certificates for resources loaded from localhost so this needs to be enabled so guys that's all about this video so if you have liked the video to hit the like button and if you haven't subscribed to the channel do subscribe to the channel and press the bell icon and if you want you can support me on the links given in the description below so thank you bye tata take care and have a good day

Info

Channel: Mafia Codes

Views: 85,083

Rating: undefined out of 5

Keywords: android, yourstruly, what is a ssl certificate, how to get ssl certificate, difference in ssl and tls, how to use ssl on nodejs, how to install a ssl certificate on nodejs, what is a certificate authority, ssl/tls, ssl

Id: USrMdBF0zcg

Channel Id: undefined

Length: 13min 59sec (839 seconds)

Published: Sat Aug 29 2020