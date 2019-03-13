Node module to enable HTTPS/SSL in a loopback application with simple configurations. The module also enables trusted peer authentication.

Features

Enable SSL in Loopback application

Enable mutual SSL authentication in Loopback

Setup

npm install -g loopback-cli mkdir <app-name> cd <app-name> lb

npm install loopback-ssl --save

Setup Configuration:

Add the following lines of configuration in 'config.json' in location "\<app-dir>/server/config.json"

"httpMode" : false , "certConfig" : { "path" : "/certificate/path/" , "key" : "local.pem" , "cert" : "local.crt.pem" , "ca" : [], "requestCert" : false , "rejectUnauthorized" : false }

Configure server.js

Edit the server.js located at "\<app-dir>/server/server.js". Replace the code in server.js with the code below (assuming no prior customizations to the file)

var loopback = require ( 'loopback' ); var boot = require ( 'loopback-boot' ); var loopbackSSL = require ( 'loopback-ssl' ); var app = module .exports = loopback(); boot(app, __dirname, function ( err ) { if (err) throw err; }); return loopbackSSL.startServer(app);

Configuration options

Option 1: HTTP (default loopback configuration)

The configuration entry "httpMode": true will enable http (disable https). In this mode the "certConfig": {..} configuration is not required and can be omitted.

"httpMode" : true

Option 2: HTTPS: Loading certificates from files

The configuration entry "httpMode": false will enable https.

"httpMode" : false , "certConfig" : { "path" : "/certificate/path/" , "key" : "serverkey.pem" , "cert" : "server-certificate.pem" , "ca" : [], "requestCert" : false , "rejectUnauthorized" : false }

"path" - folder location where the certificates files will be installed

- folder location where the certificates files will be installed "key" - server key

- server key "cert" - server certificate

Option 3: HTTPS: Loading certificates from files & Mutual SSL authentication

Will only work with pre-generated certificate files

"httpMode" : false , "certConfig" : { "path" : "/certificate/path/" , "key" : "serverkey.pem" , "cert" : "server-certificate.pem" , "ca" : [ "client-certificate-to-validate.pem" ], "requestCert" : true , "rejectUnauthorized" : true }

The ca[] configuration contains the list of client certificates which the server will authenticate

configuration contains the list of client certificates which the server will authenticate "requestCert": true enables mutual SSL authentication

enables mutual SSL authentication "rejectUnauthorized": true enables the authenticity and validity check of client keys

enables the authenticity and validity check of client keys For any reason, if the client certificate is a self signed certificate, "rejectUnauthorized": can be set to false .

Contributing

Want to contribute? Great! Please check this guide.

Fork it ( https://github.com/yantrashala/loopback-ssl/fork )

Create your feature branch (git checkout -b new-feature)

Commit your changes (git commit -am 'Add some feature')

Push to the branch (git push origin new-feature)

Create new Pull Request

License

MIT.

