Node

All Your Certificates Are Belong To Us

OVERVIEW:

  • Spinning up a Google Cloud Compute Engine VM
  • Setting up Certbot to help with Let'sEncrypt Certificates.
  • Hosting a SSL node server on Google Cloud

PREREQUISITES:

SETTING UP COMPUTE ENGINE:

To get started lets create a new node.js vm in google compute engine. Navigate to the google cloud launcher (https://cloud.google.com/launcher/). Then click on Explore Launcher. Once there click on the View All for developer tools. Scroll down to Node.js and click on it.

Click Launch On Compute Engine

Configuration:

Configuration for the Node.js VM

Configuration for the Node.js VM

Now you can navigate to your Compute Engine / VM Instances page and get the gloud command for connecting to your VM via SSH (just use the "View gcloud command" option).

Now SSH into your VM and lets get started.

CertBot Installation:

I'll give you an overview of the certbot installation, but if you want more info you can go here.

First Install Certbot and then generate the certs with the following commands:

sudo apt-get install certbot -t jessie-backports
sudo certbot certonly --standalone -d <YOUR DOMAIN HERE>

If you do not have a domain you can use for this, you can go to GoDaddy.com and register one to use.

Now that we have the SSL set up its time to get our express server serving up SSL pages.

Setting up Node server:

First thing we will need is a couple npm packages (express,body-parser, and compression) by running the following command.

npm install body-parser compression express

Then we will create App.js with the following code. Be sure to fill in the code with you domain name on the sslPath variable.

App.js

var express = require('express');
var path = require('path');
var https = require('https');
var request = require('request');
var bodyParser = require('body-parser');
var compression = require('compression');
var fs = require('fs');

var app = express();
var users = {};
app.use(compression());
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: false}));

app.get('/', function (req, res, next) {
  res.send('Welcome to Your SSL Server. This is root endpoint');
});
// catch 404 and forward to error handler
app.use(function (req, res, next) {
    var err = new Error('Not Found');
    err.status = 404;
    next(err);
});

var sslPath = '/etc/letsencrypt/live/<YOUR_DOMAIN_HERE>/';

var https_options = {
  key: fs.readFileSync(sslPath + 'privkey.pem'),
  cert: fs.readFileSync(sslPath + 'fullchain.pem')
};

// Start listening
var port = process.env.port || process.env.PORT || 80;
https.createServer(https_options, app).listen(443, function(){
  console.log('Web Server listening on port %s', 443);
});

Now just run just start up the node server and hit your Web server (https://<domain>)

sudo node app.js

That's all there is to it. Now go have fun securing the world!