jshaver
/
goldilocks.js
forked from coolaj86/goldilocks.js
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
A standard for webservers that's just right.
22 Commits 15 Branches 0 Tags 740 KiB
JavaScript 86.2%
HTML 8.4%
Shell 5.4%
Go to file
AJ ONeal 7dbe9bd605 update letsencrypt conventions 2015-07-13 17:46:44 -06:00
.gitignore Initial commit 2015-06-24 14:38:30 -06:00
LICENSE Initial commit 2015-06-24 14:38:30 -06:00
README.md update letsencrypt conventions 2015-07-13 17:46:44 -06:00
app.js add ability to specify content for / 2015-06-30 17:11:01 -06:00
package.json update letsencrypt conventions 2015-07-13 17:46:44 -06:00
serve.js update letsencrypt conventions 2015-07-13 17:46:44 -06:00
test-chain.sh custom https certs, http-to-https redirects 2015-07-08 00:43:46 -06:00

README.md

serve-https

A simple HTTPS static file server with valid TLS (SSL) certs.

Comes bundled a valid certificate for localhost.daplie.com, which is great for testing and development, and you can specify your own.

Also great for testing ACME certs from letsencrypt.org.

Install

npm install --global serve-https
serve-https

Serving /Users/foo/ at https://localhost.daplie.com:8443

Usage

  • -p <port> - i.e. sudo serve-https -p 443 (defaults to 8443)
  • -d <dirpath> - i.e. serve-https -d /tmp/ (defaults to pwd)
  • -c <content> - i.e. server-https -c 'Hello, World! ' (defaults to directory index)
  • --insecure-port <port> - run an http server that redirects to https (off by default)

Specifying a custom HTTPS certificate:

  • --key /path/to/privkey.pem specifies the server private key
  • --cert /path/to/fullchain.pem specifies the bundle of server certificate and all intermediate certificates
  • --root /path/to/root.pem specifies the certificate authority(ies)

Note: --root may specify single cert or a bundle, and may be used multiple times like so:

--root /path/to/primary-root.pem --root /path/to/cross-root.pem

Other options:

  • --serve-root true alias for -c with the contents of root.pem
  • --servername example.com changes the servername logged to the console
  • --letsencrypt-certs example.com sets and key, fullchain, and root to standard letsencrypt locations

Examples

serve-https -p 1443 -c 'Hello from 1443' &
serve-https -p 2443 -c 'Hello from 2443' &
serve-https -p 3443 -d /tmp --insecure-port 4080 &

curl https://localhost.daplie.com:1443
> Hello from 1443

curl --insecure https://localhost:2443
> Hello from 2443

curl https://localhost.daplie.com:3443
> [html index listing of /tmp]

And if you tested http://localhost.daplie.com:4080 in a browser, it would redirect to https://localhost.daplie.com:3443.

(in curl it would just show an error message)

Testing ACME Let's Encrypt certs

In case you didn't know, you can get free https certificates from letsencrypt.org (ACME letsencrypt) and even a free subdomain from https://freedns.afraid.org.

If you want to quickly test the certificates you installed, you can do so like this:

sudo serve-https -p 8443 \
  --letsencrypt-certs test.mooo.com \
  --serve-root true

which is equilavent to

sudo serve-https -p 8443 \
  --servername test.mooo.com
  --key /etc/letsencrypt/live/test.mooo.com/privkey.pem \
  --cert /etc/letsencrypt/live/test.mooo.com/fullchain.pem \
  --root /etc/letsencrypt/live/test.mooo.com/root.pem \
  -c "$(cat 'sudo /etc/letsencrypt/live/test.mooo.com/root.pem')"

and can be tested like so

curl --insecure https://test.mooo.com:8443 > ./root.pem
curl https://test.mooo.com:8843 --cacert ./root.pem