HTTPS in Node.js
HTTP: When the data transfer in HTTP protocol it just travels in the clear text format.
HTTPS: It simply makes encryption when the request is traveling from the browser to the web server so it is tough to sniff that information. It basically works on two things:
- SSL (Secure Socket Layer)
- TLS (Transport layer security)
Both of these use a PKI (Public Key Infrastructure)
- If you can’t afford an SSL Certificate then the other alternative is that there are a lot of payment service that can provide you an API to integrate in your website i.e you can have your website on a non secure channel (HTTP) and whenever there is a payment then just redirect the user to that payment gateway service.
- HTTPS is a separate module in Node.js and is used to communicate over a secure channel with the client. HTTPS is the HTTP protocol on top of SSL/TLS(secure HTTP protocol).
There are various advantages to this additional layer:
- Integrity and Confidentiality are guaranteed, as the connection is encrypted in an asymmetric manner.
- We get authentication by having keys and certificates.
An Example to setup HTTPS server with Node.Js is as follows:
- We will first create an homepage.html file, this homepage.html file will have an HTML code of creating a web page i.e the page that will be displayed when the user asks for it or enter the URL of the same.
- homepage.html file will also have a resource homepage.css
- When the browser tries to get the resource homepage.css it will throw it to the server, the server will create a response header, so the browser knows how to parse the file.
- The code shown below is written in a third file saved as .js file.
Output: Whatever the port number and IP Address is given to the server.listen it will execute that only web page whenever requested. And this web page will be an HTTPS.