Hi, I have set up a new VPS according to https://www.howtoforge.com/ispconfig-autoinstall-debian-ubuntu/ I have a question about Letsencrypt configuration files, I have already enabled Let's Encrypt SSL under Websites & works fine with websites but now I am trying to install an application of node js & ask to set it up as under; For nodejs to be accessed using https, I must edit one of the server.js file of my application from const http = require('http') const server = http.createServer(app); to & should look like const https = require('https') const server = https.createServer({ "key": fs.readFileSync("/path/your/key/ssl/xxx.pem"), "cert": fs.readFileSync("/path/your/cert/ssl/xxxx.pem"), }, app); My question is where do I find this path "/path/your/key/ssl/xxx.pem" I tried setting up in /var/www/clients/client1/web1 but could not do much on it Please help Thanks
I would suggest changing the title of this post to include something like: Secure Node.js applications with LetsEncrypt certificate in the web folder. My friend and I spent two days trying to figure this out ... and we did today before stumbling upon this post. We did try to use ProxyPass etc which did not work for us...and you can search the web with all relevant search terms and not find the answer. Here is what we used to successfully test: Code: var express = require('express'); var https = require('https'); var http = require('http'); var fs = require('fs'); var app = express(); var options = { key: fs.readFileSync('/var/www/yourwebsite.tld/ssl/yourwebsite.tld-le.key'), cert: fs.readFileSync('/var/www/yourwebsite.tld/ssl/yourwebsite.tld-le.crt') }; // var options = {} app.get('/', function(req, res){ res.send('Hello World!'); }); http.createServer(app).listen(8880, function(err){ if (err) console.log("Error in server setup") console.log("http Server listening on Port", 8880); }) https.createServer(options, app).listen(8843, function(err){ if (err) console.log("Error in server setup") console.log("https Server listening on Port", 8843); }) If this is wrong or unsafe or can be improved...please let me know. Thanks
Thank you for posting your solution. I've changed the thread title and moved it to the tips & tricks forum.
If you like proxy trafic from ispconfig site to backend nodejs application use this snippet apache directive which you can add in site options section. LE renewal is maintained by ispconfig itself backend app dont even know about that. replace backendip and backendport to fit your infrastructure. This example pass websocket traffic. SSLProxyEngine On SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off RewriteEngine on RewriteCond %{HTTP:Upgrade} websocket [NC] RewriteCond %{HTTP:Connection} upgrade [NC] RewriteRule ^/?(.*) "ws://backendip:backendport/$1" [P,L] ProxyPass /.well-known/ ! ProxyPass / http://backendip:backendport/ ProxyPassReverse / http://backendip:backendport/
