Setting up an HTTPS web server
In large part, SSL is the solution to many of the security vulnerabilities, such as network sniffing and man-in-the-middle attacks, faced over HTTP. Thanks to the core https module. It's really simple to set up.
Getting ready
The greater challenge could be in actually obtaining the necessary SSL/TLS certificate. In order to acquire a certificate, we must generate an encrypted private key, and from that we generate Certificate Signing Request (CSR). This is then passed to Certificate Authority (CA). CA is a commercial entity specifically trusted by browser vendors—naturally this means we have to pay for it. Alternatively, the CA may generate your private key and CSR on your behalf.
After a verification process, the CA will issue a public certificate enabling us to encrypt our connections.
We can shortcut this process and authorize our own certificate (self-sign), naming ourselves the CA. Unfortunately, if the CA isn't known to a browser, it will warn the user that...
