All geek questions in one place

How to access OpenShift SSL certificate and private key

On the OpenShift website: https://help.openshift.com/hc/en-us/articles/202535440-How-do-I-get-SSL-for-my-domains- , it points

You can always take advantage of our *.rhcloud.com wildcard certificate in order to securely connect to any application via it original, OpenShift-provided hostname URL.

However, the Node HTTPS server requires the path to the certificate and private key in order to use HTTPS:

 var privateKey = fs.readFileSync('sslcert/server.key', 'utf8'); var certificate = fs.readFileSync('sslcert/server.crt', 'utf8'); var credentials = {key: privateKey, cert: certificate}; var express = require('express'); var app = express(); var httpsServer = https.createServer(credentials, app); httpsServer.listen(443);

None of the OpenShift environment variables ( https://www.openshift.com/developers/openshift-environment-variables ) are apparently related to SSL certificates, and the documentation doesn’t mention anything other than the link above, which is not contains technical information for its actual use.

How to access the private file and certificate file on the OpenShift Node.js device / cartridge?

+5
source share
2 answers

It turns out that all SSL certificates are processed by OpenShift routers before they reach the gear / cartridge. There is no need to configure HttpsServer at all, a regular HttpServer listening on port 8080 will transparently receive both HTTP and HTTPS traffic.

This is true if you are using your own certificate or a substitution certificate, which is pretty elegant.

+10
source

The Nodejs Express application script is described in detail in the OpenShift https answer . To summarize, use the X-Forwarded-Proto header value from the request headers provided to your nodejs web site by the openshift proxy server to determine if the response should redirect the client to https or if the client already requests https.

+1
source

Source: https://habr.com/ru/post/1200379/

More articles:


All Articles