HTTP: When the data is transferred in HTTP protocol it just travels in the clear text format.
HTTPS: It simply encrypts the request from the browser to the web server, so it is tough to sniff that information. It basically works on two things:
- SSL (Secure Socket Layer)
- TLS (Transport layer security)
Both of these use a PKI (Public Key Infrastructure)
- If you can’t afford an SSL Certificate then the other alternative is that there are a lot of payment services that can provide you an API to integrate into your website i.e you can have your website on a nonsecure channel (HTTP) and whenever there is a payment then redirect the user to that payment gateway service.
- HTTPS is a separate module in Node.js and is used to communicate over a secure channel with the client. HTTPS is the HTTP protocol on top of SSL/TLS(secure HTTP protocol).
There are various advantages to this additional layer:
- Integrity and Confidentiality are guaranteed, as the connection is encrypted in an asymmetric manner.
- We get authentication by having keys and certificates.
An Example of setting up an HTTPS server with Node.Js is as follows:
- We will first create an homepage.html file, this homepage.html file will have an HTML code for creating a web page i.e the page that will be displayed when the user asks for it or enter the URL of the same.
- homepage.html file will also have a resource homepage.css
- When the browser tries to get the resource homepage.css it will throw it to the server, the server will create a response header, so the browser knows how to parse the file.
- The code below is written in a third file saved as a .js file.
Example 1: In this example, we will set up an HTTPS server with NodeJs.
javascript
( function () {
const fs = require( "fs" );
const https = require( "https" );
const path = require( "path" );
let mimetypes = {
"css" : "text/css" ,
"html" : "text/html"
};
let options = {
pfx: fs.readFileSync( "ssl/cert.pfx" ),
passphrase: "encrypted"
};
let server = https.createServer(options, function (request, response) {
if (request.url == "" || request.url == "/" ) {
request.url = "homepage.html" ;
}
fs.readFile(__dirname + "/" + request.url, function (err, content) {
if (err) {
console.log( "Error: " + err);
}
else {
response.writeHead(200,
{ 'Content-Type' : mimetypes[path.extname(request.url).split( "." )[1]] });
response.write(content);
}
response.end();
});
});
server.listen( "port number" , "IP Address" , function () {
console.log( "Server has started!" );
});
})();
|
Output: Whatever the port number and IP Address are given to the server.listen it will execute that only web page whenever requested. And this web page will be HTTPS.
Last Updated :
31 Mar, 2023
Like Article
Save Article
Share your thoughts in the comments
Please Login to comment...