From ea022d3880e73d62650aee7f48f983f38b3884d0 Mon Sep 17 00:00:00 2001 From: Andrew Stewart Date: Thu, 3 Apr 2014 14:32:56 -0700 Subject: [PATCH] Implement HTTPS API with self-signed cert Switches API to serve all requests over HTTPS, using a self-signed SSL certificate. --- lib/api.js | 13 ++++++++++--- lib/ssl/server.crt | 22 ++++++++++++++++++++++ lib/ssl/server.csr | 18 ++++++++++++++++++ lib/ssl/server.key | 27 +++++++++++++++++++++++++++ 4 files changed, 77 insertions(+), 3 deletions(-) create mode 100644 lib/ssl/server.crt create mode 100644 lib/ssl/server.csr create mode 100644 lib/ssl/server.key diff --git a/lib/api.js b/lib/api.js index 0375816..b3901d6 100644 --- a/lib/api.js +++ b/lib/api.js @@ -8,8 +8,10 @@ "use strict"; -var express = require('express.io'); -var namespace = require('node-namespace'); +var fs = require('fs'); + +var express = require('express.io'), + namespace = require('node-namespace'); namespace("Cylon", function() { // The Cylon API Server provides an interface to communicate with master class @@ -29,7 +31,12 @@ namespace("Cylon", function() { master = opts.master; - this.server = express().http().io(); + var options = { + cert: fs.readFileSync(__dirname + "/ssl/server.crt"), + key: fs.readFileSync(__dirname + "/ssl/server.key") + } + + this.server = express().https(options).io(); this.server.set('title', 'Cylon API Server'); diff --git a/lib/ssl/server.crt b/lib/ssl/server.crt new file mode 100644 index 0000000..985182e --- /dev/null +++ b/lib/ssl/server.crt @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDnDCCAoQCCQDMuSNl5mThYDANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFDASBgNVBAcTC0xvcyBBbmdlbGVzMRkw +FwYDVQQKExBUaGUgSHlicmlkIEdyb3VwMRIwEAYDVQQDEwlsb2NhbGhvc3QxJjAk +BgkqhkiG9w0BCQEWF2N5bG9uanNAaHlicmlkZ3JvdXAuY29tMB4XDTE0MDQwMzIx +MjczM1oXDTE1MDQwMzIxMjczM1owgY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpD +YWxpZm9ybmlhMRQwEgYDVQQHEwtMb3MgQW5nZWxlczEZMBcGA1UEChMQVGhlIEh5 +YnJpZCBHcm91cDESMBAGA1UEAxMJbG9jYWxob3N0MSYwJAYJKoZIhvcNAQkBFhdj +eWxvbmpzQGh5YnJpZGdyb3VwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBALhobzDaWlLBwPUFBZRxQt5fsvxFzkGJ8TxD8Uhp4r5P4Idqa2DKaz7q +oIob/l96t9Szcxi+nib4Cykxt7rw4mmDJFCS+9aV8+u/aFCXjEicCSPkM95f6NOD +a3JvHWeFfYeQOZq0uDS9PTccXpomtvX7ufdmYmPpDNzUcJD+FA8+5tVdtbvoF5aV +su4Ufb7CcoE9KuyeWm7UQpjaKuoYVAa/9eCHQfptwf0iPPlW4NcS5JG0CJOqyyrF +YC30MIlE6/tol8TCPFrbA4HLdtqBKMkOfhSYor12OBKazVWWqk+AkuDQFfXA/OFk +L3VGVFjnUh/RUjCoZQ+CeKAM7grUyUcCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA +S4knU+SUXmCw+V8ZggGoLW3OelI6vMq+7ThhGeS+ge4ZkQRuqBdJxK7HytC6bysC +L9qQuJsKoEPSDoi48ml7XqRH+kXD4lTpRtDSF8WetLvIjh6lJM5I9xLmevBZYeJT +9a+gm6eS0oZBm3/cHpUJnQAw8M8wYmHB/d/WdNu7fV9m5+PBzvwhxVlVb3yaOdsH +vRh0BZU58NmFcscfV/pTSqTlp59CQGMynHsaaLiKiLje04v+b+wwob/7kuvZvQ9D +kYQkg1EnCGMFIk1Slj1GIS/ewD90JTATJa38wshg2VAQiX8sxqsUPdye/MjheWhF +hxMSOB6xNhHjBiOQRwtGtw== +-----END CERTIFICATE----- diff --git a/lib/ssl/server.csr b/lib/ssl/server.csr new file mode 100644 index 0000000..2c78f7a --- /dev/null +++ b/lib/ssl/server.csr @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIC9jCCAd4CAQAwgY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh +MRQwEgYDVQQHEwtMb3MgQW5nZWxlczEZMBcGA1UEChMQVGhlIEh5YnJpZCBHcm91 +cDESMBAGA1UEAxMJbG9jYWxob3N0MSYwJAYJKoZIhvcNAQkBFhdjeWxvbmpzQGh5 +YnJpZGdyb3VwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALho +bzDaWlLBwPUFBZRxQt5fsvxFzkGJ8TxD8Uhp4r5P4Idqa2DKaz7qoIob/l96t9Sz +cxi+nib4Cykxt7rw4mmDJFCS+9aV8+u/aFCXjEicCSPkM95f6NODa3JvHWeFfYeQ +OZq0uDS9PTccXpomtvX7ufdmYmPpDNzUcJD+FA8+5tVdtbvoF5aVsu4Ufb7CcoE9 +KuyeWm7UQpjaKuoYVAa/9eCHQfptwf0iPPlW4NcS5JG0CJOqyyrFYC30MIlE6/to +l8TCPFrbA4HLdtqBKMkOfhSYor12OBKazVWWqk+AkuDQFfXA/OFkL3VGVFjnUh/R +UjCoZQ+CeKAM7grUyUcCAwEAAaAhMB8GCSqGSIb3DQEJAjESExBUaGUgSHlicmlk +IEdyb3VwMA0GCSqGSIb3DQEBBQUAA4IBAQC1ap6IIWrAg6ZGmMev4Ef7qGLNSAYV +8jg5pG63AHGkZLCMw1ZcT1iZPjOZC1mBzJBy0z9C8fo0ekGvMmmQbQ40i4JgmYH4 +bmzL4+ulySgiR45DokHkRtyZOa2f2/nOcvVpIDF3EwH7L2yb4AFrCHDwfh8TKl2x +oMpy00F23vn7loDxyMkIcR8It+VL1NiJM+TJN9OzGIh0FkJHs2lbRawS30xyxIYy +z0yImdzHG5rXGlPS1aeeVue4H9DfinCICSfd0Bx9iJCqzUD98cmK8x4hVezD9r32 +/6jm88UzF2WgJvuxcQ8EQRiPGCFcLHGB2AFryTWdt6ibCW6gsoRinnvZ +-----END CERTIFICATE REQUEST----- diff --git a/lib/ssl/server.key b/lib/ssl/server.key new file mode 100644 index 0000000..3e04ef9 --- /dev/null +++ b/lib/ssl/server.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAuGhvMNpaUsHA9QUFlHFC3l+y/EXOQYnxPEPxSGnivk/gh2pr +YMprPuqgihv+X3q31LNzGL6eJvgLKTG3uvDiaYMkUJL71pXz679oUJeMSJwJI+Qz +3l/o04Nrcm8dZ4V9h5A5mrS4NL09Nxxemia29fu592ZiY+kM3NRwkP4UDz7m1V21 +u+gXlpWy7hR9vsJygT0q7J5abtRCmNoq6hhUBr/14IdB+m3B/SI8+Vbg1xLkkbQI +k6rLKsVgLfQwiUTr+2iXxMI8WtsDgct22oEoyQ5+FJiivXY4EprNVZaqT4CS4NAV +9cD84WQvdUZUWOdSH9FSMKhlD4J4oAzuCtTJRwIDAQABAoIBAQCwIqgZrGXbZ88q ++On0eB4bkqK9zNsNxHjTTD35IZH+nwLhtObtI0o+ZRKD9+sGPYu6sNA9kUw0AnV+ +mktYVl6b0zPrdgjvVHkP8tnrKGVIsSkVzBEy1L7o0Dzfp3wZdeqJgltTBkxvq1T9 +/63oZRQabZ6ZzIQr09yCTLNb+iMkzxuJSbdwVAws+oKqSTVoUKY/Gee66MsJjKkr +FfqwS/tVfTFWXp9CamWz/zBDyUXnrtUhzNxE+3LPbeZ/sMq/V/f1F5jiQNjenMGl +K/qD3HyNbR0P4xWYCe/4/QLSWjsiZHg51d4Nioegii2775ya9qDvtTfUeNNdvCf6 +HMcvUIPxAoGBAOF5pSl/9VqRc1FXS+Kr8cs7DORZ6EPXKzUZL59V0NHoMgKbk+sM +JZv4TeDx26eBoecT2UYWSYMbKLl7sM9YZDJJhgwMeqa47PHk5Cua/Dpfus/pDl67 +S5FT/gyA2tpSpULml2G7YegdPnTRRNQdppcrY5v9LQ9CSPhbSAPY/FspAoGBANFf +gs6JEq46SOMBw+66svwaT2DQJNchwtCKE+2m7OdNufrtTSAVlKlNpGQQxElwYYg1 +xkEA+l7MycXIkSWOGC4JfLSRYlBgYOFzCQCME9rTkboAXn8Iru9p9vnRnfsEOUk4 +Vr8/ehzv4gcf90ZJcnPkQNu5lTkr+s/bNDjAof7vAoGARN3zvU4w8V21nCWOrwgX +jRxXHrP7RiVFNC2iJwd+BW7nP3anYkZOgmn/13HnxizI95xPY6HRCDNWZ/jIkzwL +NnTQdYOmPqAC9wsTSeJHoci1dWVYl0SbmyLNWKJOthpCEcH+gMJL8CpmdiWo4STB +SjDddrqIdb2oLfsrbslqoqkCgYAUJV6OxP25Kf6NaUQTGn/SZi2xIRYKZUM7ka2t +NlyhPQdiL6c2KR1u1Pu2bS6V6mxYEOSMqK1upcHceBoPRQbqlxsavMp69WsdBlad +aN0YNzdUcGinTIyYmNec3iCXYKaqdvNR36e+VQ6opNjEOJj8sb/T5J2JLMQrb+os +c8yinQKBgQCcww6Mr0Wnbw/E9RrwYJqheFWXjdrvbhs5leudzHknL/WXfroOccFr +cduywWcHkGq9ig0fay/3iVS5WRAlVqDOGmf60It60ZE0CEDVsHd3w9BEAeJxkq+6 +vnMZ73dIUKmOozNg0+xK7XsY2YCNdYUaFtKH/ENfsCWfu7r2Kli46A== +-----END RSA PRIVATE KEY-----