@calvinmetcalf
Last active November 19, 2019 10:12

setup dns (mac only)

Pick a top-level domain to use for local development (I chose calvin) and replace YOURNAME with it.

export TLD=YOURNAME
brew install dnsmasq
mkdir -pv "$(brew --prefix)/etc"
sudo cp -v "$(brew --prefix dnsmasq)/homebrew.mxcl.dnsmasq.plist" /Library/LaunchDaemons
sudo launchctl load -w /Library/LaunchDaemons/homebrew.mxcl.dnsmasq.plist
sudo mkdir -pv /etc/resolver
# answer every name under .$TLD with the loopback addresses (::1 and 127.0.0.1);
# printf is used because not every shell's echo expands \n
printf 'address=/.%s/::1\naddress=/.%s/127.0.0.1\n' "$TLD" "$TLD" | sudo tee -a "$(brew --prefix)/etc/dnsmasq.conf"
# send lookups for .$TLD to the local dnsmasq
echo "nameserver 127.0.0.1" | sudo tee "/etc/resolver/$TLD"

make a ca

You will likely want a dedicated folder for this; the signing command further down expects the CA files in ~/ca.

openssl req -x509 -newkey rsa:2048 -sha224 -nodes -keyout cakey.pem -out ca.pem

The next steps are per project; run them from the project folder.

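openssl.conf

OpenSSL's config parser does not perform shell expansion, so write the file from the shell, which fills in the project folder name and $TLD:

cat > openssl.conf <<EOF
[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
default_md = sha224
[req_distinguished_name]
CN = ${PWD##*/}.$TLD
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
EOF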

make a key and req

openssl req -nodes -newkey rsa:2048 -sha224 -config openssl.conf -keyout ssl.key -out ssl.req

make a cert

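# -extensions v3_req copies keyUsage/extendedKeyUsage from openssl.conf into the cert
openssl x509 -req -in ssl.req -sha224 -extfile openssl.conf -extensions v3_req -CA ~/ca/ca.pem -CAkey ~/ca/cakey.pem -out ssl.cert
# use -CAcreateserial the first time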
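
The CA and per-project steps above, run end to end in a scratch directory and followed by checks on the issued certificate. This is an added example, not part of the original gist; the function name, the "Scratch Dev CA" subject, the [v3_ca] section and the -days values are assumptions made so it runs unattended.

```shell
# Added example: issue a certificate as in the steps above, then check it.
# All names and sample values here are constructed for illustration.
issue_and_check() (   # usage: issue_and_check <project> <tld>
  project=$1 tld=$2
  work=$(mktemp -d) || exit 1
  trap 'rm -rf "$work"' EXIT
  cd "$work" || exit 1
  # The shell expands the CN here; OpenSSL's config parser would not.
  cat > openssl.conf <<EOF
[req]
distinguished_name = req_distinguished_name
prompt = no
default_md = sha224
[req_distinguished_name]
CN = $project.$tld
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
[v3_ca]
basicConstraints = critical, CA:TRUE
EOF
  # Throwaway CA: -subj replaces the interactive prompts (assumption).
  openssl req -x509 -newkey rsa:2048 -sha224 -nodes -days 1 -config openssl.conf \
    -subj "/CN=Scratch Dev CA" -extensions v3_ca \
    -keyout cakey.pem -out ca.pem 2>/dev/null || exit 1
  # Per-project key and request, then the CA-signed certificate.
  openssl req -nodes -newkey rsa:2048 -sha224 -config openssl.conf \
    -keyout ssl.key -out ssl.req 2>/dev/null || exit 1
  openssl x509 -req -in ssl.req -sha224 -days 1 -extfile openssl.conf \
    -extensions v3_req -CA ca.pem -CAkey cakey.pem -CAcreateserial \
    -out ssl.cert 2>/dev/null || exit 1
  # 1. The certificate must chain to the private CA.
  openssl verify -CAfile ca.pem ssl.cert >/dev/null 2>&1 || exit 2
  # 2. The [v3_req] extensions must actually be in the certificate.
  openssl x509 -in ssl.cert -noout -text |
    grep -q "TLS Web Server Authentication" || exit 3
  # 3. ssl.key must be the private key for ssl.cert.
  [ "$(openssl x509 -in ssl.cert -noout -pubkey)" = \
    "$(openssl pkey -in ssl.key -pubout)" ] || exit 4
  # Print the subject so the caller can confirm the name.
  openssl x509 -in ssl.cert -noout -subject
)
```

Call it as `issue_and_check myapp test`; exit codes 2, 3 and 4 identify which check failed. The same three checks can be run by hand against a real ssl.cert, ssl.key and ~/ca/ca.pem.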
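
// plain HTTP server (its own file); ./server exports the app's request handler
var app = require('./server');
var http = require('http');
var server = http.createServer(app);
var port = process.env.PORT || 3000;
var host = process.env.HOST || 'localhost';
// log only once the socket is actually listening
server.listen(port, host, function () {
  console.log('app is listening on port ' + port);
});

// HTTPS server (a separate file), using the ssl.key and ssl.cert made above
var app = require('./server');
var https = require('https');
var fs = require('fs');
var credentials = {
  key: fs.readFileSync('./ssl.key'),
  cert: fs.readFileSync('./ssl.cert')
};
var server = https.createServer(credentials, app);
var port = process.env.PORT || 3000;
var host = process.env.HOST || 'localhost';
// log only once the socket is actually listening
server.listen(port, host, function () {
  console.log('app is listening on port ' + port);
});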