Express API文档非常清楚地说明了这一点。

此外，这个答案给出了创建自签名证书的步骤。

我从Node.js HTTPS文档中添加了一些注释和一个片段:

var express = require('express');
var https = require('https');
var http = require('http');
var fs = require('fs');

// This line is from the Node.js HTTPS documentation.
var options = {
  key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'),
  cert: fs.readFileSync('test/fixtures/keys/agent2-cert.cert')
};

// Create a service (the app object is just a callback).
var app = express();

// Create an HTTP service.
http.createServer(app).listen(80);
// Create an HTTPS service identical to the HTTP service.
https.createServer(options, app).listen(443);

更新

通过Greenlock.js使用Let's Encrypt

最初的发布

我注意到，这些答案都没有显示添加一个中间根CA到链中，这里有一些零配置的例子来看看:

https://github.com/solderjs/nodejs-ssl-example http://coolaj86.com/articles/how-to-create-a-csr-for-https-tls-ssl-rsa-pems/ https://github.com/solderjs/nodejs-self-signed-certificate-example

代码片段:

var options = {
  // this is the private key only
  key: fs.readFileSync(path.join('certs', 'my-server.key.pem'))

// this must be the fullchain (cert + intermediates)
, cert: fs.readFileSync(path.join('certs', 'my-server.crt.pem'))

// this stuff is generally only for peer certificates
//, ca: [ fs.readFileSync(path.join('certs', 'my-root-ca.crt.pem'))]
//, requestCert: false
};

var server = https.createServer(options);
var app = require('./my-express-or-connect-app').create(server);
server.on('request', app);
server.listen(443, function () {
  console.log("Listening on " + server.address().address + ":" + server.address().port);
});

var insecureServer = http.createServer();
server.listen(80, function () {
  console.log("Listening on " + server.address().address + ":" + server.address().port);
});

如果你不尝试直接通过connect或express来做，这是那些通常更容易的事情之一，而是让本地https模块处理它，然后使用它来为你的connect / express应用服务。

另外，如果你使用服务器。On ('request'， app)而不是在创建服务器时传递应用程序，它让你有机会将服务器实例传递给一些创建connect / express应用程序的初始化函数(例如，如果你想在同一台服务器上通过SSL进行websockets)。

Express API文档非常清楚地说明了这一点。

此外，这个答案给出了创建自签名证书的步骤。

我从Node.js HTTPS文档中添加了一些注释和一个片段:

var express = require('express');
var https = require('https');
var http = require('http');
var fs = require('fs');

// This line is from the Node.js HTTPS documentation.
var options = {
  key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'),
  cert: fs.readFileSync('test/fixtures/keys/agent2-cert.cert')
};

// Create a service (the app object is just a callback).
var app = express();

// Create an HTTP service.
http.createServer(app).listen(80);
// Create an HTTPS service identical to the HTTP service.
https.createServer(options, app).listen(443);

如果您只需要在本地进行本地开发，那么我已经为这个任务创建了实用程序https://github.com/pie6k/easy-https

import { createHttpsDevServer } from 'easy-https';

async function start() {
  const server = await createHttpsDevServer(
    async (req, res) => {
      res.statusCode = 200;
      res.write('ok');
      res.end();
    },
    {
      domain: 'my-app.dev',
      port: 3000,
      subdomains: ['test'], // will add support for test.my-app.dev
      openBrowser: true,
    },
  );
}

start();

It:

将自动添加正确的域条目到/etc/hosts 只在第一次运行/域更改时才会问您admin密码吗 将为给定的域准备https证书 是否信任本地机器上的这些证书 将打开浏览器开始指向您的本地服务器https url

在Node.js中HTTPS服务器的最小设置是这样的:

var https = require('https');
var fs = require('fs');

var httpsOptions = {
    key: fs.readFileSync('path/to/server-key.pem'),
    cert: fs.readFileSync('path/to/server-crt.pem')
};

var app = function (req, res) {
  res.writeHead(200);
  res.end("hello world\n");
}

https.createServer(httpsOptions, app).listen(4433);

如果你也想支持http请求，你需要做一个小小的修改:

var http = require('http');
var https = require('https');
var fs = require('fs');

var httpsOptions = {
    key: fs.readFileSync('path/to/server-key.pem'),
    cert: fs.readFileSync('path/to/server-crt.pem')
};

var app = function (req, res) {
  res.writeHead(200);
  res.end("hello world\n");
}

http.createServer(app).listen(8888);
https.createServer(httpsOptions, app).listen(4433);

Download rar file for openssl set up from here: https://indy.fulgan.com/SSL/openssl-0.9.8r-i386-win32-rev2.zip Just copy your folder in c drive. Create openssl.cnf file and download their content from : http://web.mit.edu/crypto/openssl.cnf openssl.cnf can be put any where but path shoud be correct when we give in command prompt. Open command propmt and set openssl.cnf path C:\set OPENSSL_CONF=d:/openssl.cnf 5.Run this in cmd : C:\openssl-0.9.8r-i386-win32-rev2>openssl.exe Then Run OpenSSL> genrsa -des3 -out server.enc.key 1024 Then it will ask for pass phrases : enter 4 to 11 character as your password for certificate Then run this Openssl>req -new -key server.enc.key -out server.csr Then it will ask for some details like country code state name etc. fill it freely. 10 . Then Run Openssl > rsa -in server.enc.key -out server.key Run this OpenSSL> x509 -req -days 365 -in server.csr -signkey server.key -out server.crt then use previous code that are on stack overflow Thanks