Skip to content

yantrashala/loopback-ssl

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
lib
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

loopback-ssl

Node module to enable HTTPS/SSL in a loopback application with simple configurations. The module also enables trusted peer authentication.

Travis npm npm npm David David Codacy Badge Join the chat at https://gitter.im/yantrashala/loopback-ssl

Features

  • Enable SSL in Loopback application
  • Enable mutual SSL authentication in Loopback

Setup

Install loopback:

# install loopback-cli
npm install -g loopback-cli

# create project directory
mkdir <app-name>
cd <app-name>

# create loopback application
lb
# ? What's the name of your application? <app-name>
# ? Which version of LoopBack would you like to use? 3.x (current)
# ? What kind of application do you have in mind? notes

Install loopback-ssl:

npm install loopback-ssl --save

Setup Configuration:

Add the following lines of configuration in 'config.json' in location "<app-dir>/server/config.json"

  "httpMode": false,
  "certConfig": {
    "path": "/certificate/path/",
    "key": "local.pem",
    "cert": "local.crt.pem",
    "ca": [],
    "requestCert": false,
    "rejectUnauthorized": false
  }

Configure server.js

Edit the server.js located at "<app-dir>/server/server.js". Replace the code in server.js with the code below (assuming no prior customizations to the file)

server.js

var loopback = require('loopback');
var boot = require('loopback-boot');
var loopbackSSL = require('loopback-ssl');

var app = module.exports = loopback();

boot(app, __dirname, function(err) {
  if (err) throw err;
});

return loopbackSSL.startServer(app);

Configuration options

Option 1: HTTP (default loopback configuration)

The configuration entry "httpMode": true will enable http (disable https). In this mode the "certConfig": {..} configuration is not required and can be omitted.

  "httpMode": true

Option 2: HTTPS: Loading certificates from files

The configuration entry "httpMode": false will enable https.

  "httpMode": false,
  "certConfig": {
    "path": "/certificate/path/",
    "key": "serverkey.pem",
    "cert": "server-certificate.pem",
    "ca": [],
    "requestCert": false,
    "rejectUnauthorized": false
  }
  • "path" - folder location where the certificates files will be installed
  • "key" - server key
  • "cert" - server certificate

Option 3: HTTPS: Loading certificates from files & Mutual SSL authentication

Will only work with pre-generated certificate files

  "httpMode": false,
  "certConfig": {
    "path": "/certificate/path/",
    "key": "serverkey.pem",
    "cert": "server-certificate.pem",
    "ca": [
        "client-certificate-to-validate.pem"
    ],
    "requestCert": true,
    "rejectUnauthorized": true
  }
  • The ca[] configuration contains the list of client certificates which the server will authenticate
  • "requestCert": true enables mutual SSL authentication
  • "rejectUnauthorized": true enables the authenticity and validity check of client keys
  • For any reason, if the client certificate is a self signed certificate, "rejectUnauthorized": can be set to false.

Contributing

  • Want to contribute? Great! Please check this guide.
  • Fork it ( https://github.com/yantrashala/loopback-ssl/fork )
  • Create your feature branch (git checkout -b new-feature)
  • Commit your changes (git commit -am 'Add some feature')
  • Push to the branch (git push origin new-feature)
  • Create new Pull Request

License

MIT.

See Also