loopback-ssl
Node module to enable HTTPS/SSL in a loopback application with simple configurations. The module also enables trusted peer authentication.
Features
- Enable SSL in Loopback application
- Enable mutual SSL authentication in Loopback
Setup
loopback:
Install # install loopback-cli npm install -g loopback-cli # create project directory mkdir <app-name>cd <app-name> # create loopback application lb# ? What's the name of your application? <app-name> # ? Which version of LoopBack would you like to use? 3.x (current) # ? What kind of application do you have in mind? notes
loopback-ssl:
Installnpm install loopback-ssl --save
Setup Configuration:
Add the following lines of configuration in 'config.json' in location "<app-dir>/server/config.json"
"httpMode": false "certConfig": "path": "/certificate/path/" "key": "local.pem" "cert": "local.crt.pem" "ca": "requestCert": false "rejectUnauthorized": false
Configure server.js
Edit the server.js located at "<app-dir>/server/server.js". Replace the code in server.js with the code below (assuming no prior customizations to the file)
server.js
var loopback = ;var boot = ;var loopbackSSL = ; var app = moduleexports = ; ; return loopbackSSL;
Configuration options
Option 1: HTTP (default loopback configuration)
The configuration entry "httpMode": true
will enable http (disable https). In this mode the "certConfig": {..}
configuration is not required and can be omitted.
"httpMode": true
Option 2: HTTPS: Loading certificates from files
The configuration entry "httpMode": false
will enable https.
"httpMode": false "certConfig": "path": "/certificate/path/" "key": "serverkey.pem" "cert": "server-certificate.pem" "ca": "requestCert": false "rejectUnauthorized": false
"path"
- folder location where the certificates files will be installed"key"
- server key"cert"
- server certificate
Option 3: HTTPS: Loading certificates from files & Mutual SSL authentication
Will only work with pre-generated certificate files
"httpMode": false "certConfig": "path": "/certificate/path/" "key": "serverkey.pem" "cert": "server-certificate.pem" "ca": "client-certificate-to-validate.pem" "requestCert": true "rejectUnauthorized": true
- The
ca[]
configuration contains the list of client certificates which the server will authenticate "requestCert": true
enables mutual SSL authentication"rejectUnauthorized": true
enables the authenticity and validity check of client keys- For any reason, if the client certificate is a self signed certificate,
"rejectUnauthorized":
can be set tofalse
.
Contributing
- Want to contribute? Great! Please check this guide.
- Fork it ( https://github.com/yantrashala/loopback-ssl/fork )
- Create your feature branch (git checkout -b new-feature)
- Commit your changes (git commit -am 'Add some feature')
- Push to the branch (git push origin new-feature)
- Create new Pull Request
License
MIT.