Setting up an HTTPS web server
For the most part, HTTPS is the solution to many of the security vulnerabilities such as (network sniffing, and man in the middle) faced over HTTP.
Thanks to the core https module. It's really simple to set up.
Getting ready
The greater challenge could be in actually obtaining the necessary SSL/TLS certificate.
In order to acquire a certificate, we must generate an encrypted Private Key, and from that we generate a Certificate Signing Request. This is then passed onto a Certificate Authority (a commercial entity specifically trusted by browser vendors — naturally this means we have to pay for it). Alternatively, the CA may generate your Private Key and Certificate Signing Request on your behalf.
Note
The company, StartSSL provides free certificates. An article about using StartSSL certificates with Node can be found at https://www.tootallnate.net/setting-up-free-ssl-on-your-node-server.
After a verification process, the Certificate Authority (CA) will issue a Public...
