Node Express HTTPS Server

A simple Express.js server configured to run with HTTPS using SSL certificates and automatic HTTP to HTTPS redirection.

📋 Features

• ✅ Express.js web server
• 🔒 HTTPS support with SSL certificates
• 🔄 Automatic HTTP to HTTPS redirection
• 🌍 Environment-based configuration
• 🛡️ Self-signed certificates for development

🚀 Quick Start

Prerequisites

• Node.js (version 14 or higher)
• OpenSSL (usually pre-installed on macOS/Linux)

Installation

1. Clone the repository:

   git clone <your-repo-url>
   cd node-express-https

2. Install dependencies:

   npm install

3. Set up environment variables:

   cp .env.dist .env

   Edit .env if you want to change the default ports:

   PORT=3000        # HTTP port
   HTTPS_PORT=3443  # HTTPS port

4. Generate SSL certificates:

   # Navigate to the ssl directory
   cd ssl
   
   # Generate self-signed certificate and private key
   openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/C=US/ST=State/L=City/O=Organization/CN=localhost"
   
   # Return to project root
   cd ..

5. Start the server:

   npm start

🌐 Usage

After starting the server, you can access it at:

• HTTPS (Secure): https://localhost:3443
• HTTP (Redirects to HTTPS): http://localhost:3000

Browser Security Warning

When using self-signed certificates, browsers will show a security warning. This is normal for development:

1. Chrome/Edge: Click "Advanced" → "Proceed to localhost (unsafe)"
2. Firefox: Click "Advanced" → "Accept the Risk and Continue"
3. Safari: Click "Show Details" → "visit this website"

📁 Project Structure

node-express-https/
├── ssl/                    # SSL certificates directory
│   ├── .gitkeep           # Keeps the ssl folder in git
│   ├── cert.pem           # SSL certificate (generated)
│   └── key.pem            # Private key (generated)
├── .env                   # Environment variables (ignored by git)
├── .env.dist              # Environment variables template
├── .gitignore             # Git ignore rules
├── index.js               # Main server file
├── package.json           # Project dependencies
└── README.md              # This file

🔧 SSL Certificate Generation

Option 1: Basic Self-Signed Certificate (Recommended for Development)

cd ssl
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/C=US/ST=State/L=City/O=Organization/CN=localhost"

Option 2: Interactive Certificate Generation

cd ssl
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes

You'll be prompted to enter:

• Country Name (2 letter code): US
• State: Your State
• City: Your City
• Organization: Your Organization
• Organizational Unit: IT Department
• Common Name: localhost (Important!)
• Email: your-email@example.com

Option 3: Certificate with Subject Alternative Names

For better browser compatibility, create a config file first:

cd ssl
cat > localhost.conf << EOF
[req]
default_bits = 2048
prompt = no
distinguished_name = req_distinguished_name
req_extensions = v3_req

[req_distinguished_name]
C = US
ST = CA
L = San Francisco
O = Development
OU = IT Department
CN = localhost

[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[alt_names]
DNS.1 = localhost
DNS.2 = *.localhost
IP.1 = 127.0.0.1
IP.2 = ::1
EOF

openssl req -new -x509 -keyout key.pem -out cert.pem -days 365 -nodes -config localhost.conf

🔒 Security Notes

Development vs Production

• Development: Self-signed certificates are perfect for local development
• Production: Use certificates from a trusted Certificate Authority like:
  • Let's Encrypt (Free)
  • Cloudflare
  • SSL.com
  • DigiCert

Certificate Security

• SSL certificates are automatically excluded from git (see .gitignore)
• Never commit private keys (key.pem) to version control
• Regenerate certificates periodically for security

⚙️ Configuration

Environment Variables

Variable	Default	Description
PORT	3000	HTTP server port (redirects to HTTPS)
HTTPS_PORT	3443	HTTPS server port

Customizing Ports

Edit your .env file:

PORT=8080
HTTPS_PORT=8443

🛠️ Troubleshooting

Common Issues

1. "ENOENT: no such file or directory" error:

   • Make sure you've generated the SSL certificates in the ssl/ folder

2. "Port already in use" error:

   • Change the port numbers in your .env file
   • Or kill the process using the port: lsof -ti:3000 | xargs kill -9

3. "Cannot GET /" error:

   • Make sure you're visiting the correct URL with HTTPS protocol

4. Browser shows "Not Secure":

   • This is normal with self-signed certificates
   • Click "Advanced" and proceed to continue

Regenerating Certificates

If you need to regenerate your certificates:

cd ssl
rm cert.pem key.pem
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/C=US/ST=State/L=City/O=Organization/CN=localhost"

📝 Scripts

• npm start - Start the HTTPS server