How to set up SSL locally with Node.js?

If you're running your Node.js backend locally its served using HTTP by default. In some cases it is required that your backend is served via https for integrating a service like Azure B2C or similar. This article is about how to configure express.js to serve a Node.js backend over https in local development. Let's see how this can be achieved in Node.js.

If you want to find out how this is achieved in a React app, check out this article - How to setup ssl in React, for Angular check out this article - How to setup ssl in Angular.

Using HTTPS in development

To use https locally, we have to do the following:

  1. Generate local Certificate Authority, and an SSL certificate
  2. Set the certificates when serving the Node.js backend
  3. Testing!

Custom SSL certificate

You have to create a local Certificate Authority, and an SSL certificate and set the SSL_CERT_FILE and SSL_KEY_FILE to the generated files.

Generating an SSL Certificate

As the first step, you should generate a local Certificate Authority, and an SSL certificate for Local Development.

You need a package manager to install mkcert:

  • MacOS: Use Homebrew or Macports.
  • Linux: Use certutil. Arch Linux only, mkcert is available on the Arch Linux repository.
  • Windows: Use chocolatey.
    1. Install mkcert.
    2. Create a locally trusted CA with mkcert -install.
    3. Generate an SSL certificate with mkcert localhost.

Set custom SSL certificate

To serve an Express.js app locally with SSL we have to update the options object - key and cert properties. Hence, after generating the local certificate authority and ssl certificate we have to set the key and cert properties to the path of the certificate and key files.

Let's look at a simple express server. The variables CERT-PATH and KEY-PATH are the paths to the generated files.

Create or add a project folder.

mkdir node-ssl-test

Initialize project with npm init -y to be able to install node packages.

cd node-ssl-test
npm init -y

Install express.

npm install express

Create an index.js file.

touch index.js

Copy example code.

const https = require('https');
const fs = require('fs');
const express = require('express');

const app = express();

const options = {
  key: fs.readFileSync(CERT_PATH),
  cert: fs.readFileSync(KEY_PATH),
};

app.use((req, res, next) => {
  res.send('<h1>HTTPS is working!</h1>');
});

const port = 3000;

https.createServer(options, app).listen(port, () => {
  console.log('Server listening on port ' + port);
});

Now run the index.js file with node index.js and open a browser tab and navigate to https://localhost:3000, you should see HTTPS works!. You can also inspect the certificate in the browser dev tools (Chrome -> Security Tab or Lock Icon).

TL;DR

  • To enable HTTPS locally, local certificate authority and ssl certificate have to be created and set in the options object in the Express.js server.

Thanks for reading and if you have any questions , use the comment function or send me a message @mariokandut.

If you want to know more about Node, have a look at these Node Tutorials.

References (and Big thanks):

26