资料内容:
Installing a real SSL certificate
In order to move a secure application out of a development environment and into an
Internet-exposed environment a real certificate will need to be purchased. The prices
of these certificates has been dropping year by year, and it should be easy to find
reasonably priced providers of certificates with a high-enough level of security. Some
providers even offer free person-use certificates.
Setting up a professional cert simply requires changing the HTTPS options we
introduced above. Different providers will have different processes and filenames.
Typically you will need to download or otherwise receive from your provider
a private .key file, your signed domain certificate .crt file, and a bundle describing
certificate chains:
var options = {
key : fs.readFileSync("mysite.key"),
cert : fs.readFileSync("mysite.com.crt"),
ca : [ fs.readFileSync("gd_bundle.crt") ]
};
It is important to note that the ca parameter must be sent as an array, even if the
bundle of certificates has been concatenated into one file.
The request object
HTTP request and response messages are similar, consisting of:
• A status line, which for a request would resemble GET/index.html
HTTP/1.1, and for a response would resemble HTTP/1.1 200 OK
• Zero or more headers, which in a request might include Accept-Charset:
UTF-8 or From: user@server.com, and in responses might resemble
Content-Type: text/html and Content-Length: 1024
• A message body, which for a response might be an HTML page, and for
a POST request might be some form data
We've seen how HTTP server interfaces in Node are expected to expose a request
handler, and how this handler will be passed some form of a request and response
object, each of which implement a readable or writable stream.