Nodejs HTTP and HTTPS over same port

by

You don’t need to listen on same port if you follow convention

By convention when you request http://127.0.0.1 your browser will try to connect to port 80. If you try to open https://127.0.0.1 your browser will try to connect to port 443. So to secure all traffic it is simply conventional to listen to port 80 on http with a redirect to https where we already have a listener for https for port 443. Here’s the code: 

var https = require('https');

var fs = require('fs');
var options = {
    key: fs.readFileSync('./key.pem'),
    cert: fs.readFileSync('./cert.pem')
};

https.createServer(options, function (req, res) {
    res.end('secure!');
}).listen(443);

// Redirect from http port 80 to https
var http = require('http');
http.createServer(function (req, res) {
    res.writeHead(301, { "Location": "https://" + req.headers['host'] + req.url });
    res.end();
}).listen(80);

Test with https: 

$ curl https://127.0.0.1 -k
secure!

With http:

$ curl http://127.0.0.1 -i
HTTP/1.1 301 Moved Permanently
Location: https://127.0.0.1/
Date: Sun, 01 Jun 2014 06:15:16 GMT
Connection: keep-alive
Transfer-Encoding: chunked

If you must listen on same port

There isn’t simple way to have http / https listen on the same port. You best bet is to create proxy server on a simple net socket that pipes to (http or https) based on the nature of the incoming connection (http vs. https).

Here is the complete code (based on https://gist.github.com/bnoordhuis/4740141) that does exactly that. It listens on localhost:3000 and pipes it to http (which in turn redirects it to https) or if the incomming connection is in https it just passes it to https handler

var fs = require('fs');
var net = require('net');
var http = require('http');
var https = require('https');

var baseAddress = 3000;
var redirectAddress = 3001;
var httpsAddress = 3002;
var httpsOptions = {
    key: fs.readFileSync('./key.pem'),
    cert: fs.readFileSync('./cert.pem')
};

net.createServer(tcpConnection).listen(baseAddress);
http.createServer(httpConnection).listen(redirectAddress);
https.createServer(httpsOptions, httpsConnection).listen(httpsAddress);

function tcpConnection(conn) {
    conn.once('data', function (buf) {
        // A TLS handshake record starts with byte 22.
        var address = (buf[0] === 22) ? httpsAddress : redirectAddress;
        var proxy = net.createConnection(address, function () {
            proxy.write(buf);
            conn.pipe(proxy).pipe(conn);
        });
    });
}

function httpConnection(req, res) {
    var host = req.headers['host'];
    res.writeHead(301, { "Location": "https://" + host + req.url });
    res.end();
}

function httpsConnection(req, res) {
    res.writeHead(200, { 'Content-Length': '5' });
    res.end('HTTPS');
}

As a test, If you connect it with https you get the https handler: 

$ curl https://127.0.0.1:3000 -k
HTTPS

if you connect it with http you get the redirect handler (which simply takes you to the https handler):

$ curl http://127.0.0.1:3000 -i
HTTP/1.1 301 Moved Permanently
Location: https://127.0.0.1:3000/
Date: Sat, 31 May 2014 16:36:56 GMT
Connection: keep-alive
Transfer-Encoding: chunked

More Related Contents:

  1. Enabling HTTPS on express.js
  2. Automatic HTTPS connection/redirect with node.js/express
  3. Basic HTTP authentication with Node and Express 4
  4. Error: No default engine was specified and no extension was provided
  5. How to force SSL / https in Express.js
  6. node.js http.get hangs after 5 requests to remote site
  7. Why POST redirects to GET and PUT redirects to PUT?
  8. static files with express.js
  9. How can I set cookie in node js using express framework?
  10. Difference between app.use and app.get in express.js
  11. IIS, Node.js, and Web Application with IISNode not configured right with Virtual Directory
  12. MongoDB/Mongoose querying at a specific date?
  13. What is the parameter “next” used for in Express?
  14. Expressjs raw body
  15. When to use next() and return next() in Node.js
  16. How to populate a sub-document in mongoose after creating it?
  17. passport’s req.isAuthenticated always returning false, even when I hardcode done(null, true)
  18. mongoose custom validation using 2 fields
  19. req.query and req.param in ExpressJS
  20. Proxy with express.js
  21. Redirect all trailing slashes globally in express
  22. Getting binary content in node.js with http.request
  23. Docker – SequelizeConnectionRefusedError: connect ECONNREFUSED 127.0.0.1:3306
  24. Catch all uncaughtException for Node js app
  25. How to specify HTTP error code using Express.js?
  26. ENOENT: no such file or directory .?
  27. Angular 9 SSR 404 Not Found Page with Status code
  28. Why can’t we do multiple response.send in Express.js?
  29. Node.js: how to limit the HTTP request size and upload file size?
  30. How to store a file with file extension with multer?

Leave a Comment