Creating an SSL connection with Node.js
Common security problems are so-called man-in-the-middle attacks, a form of eavesdropping in which the attacker makes independent connections to the victim and forwards the messages to the desired locations. The attacker must be able to intercept messages and change them on his own. This is only possible if the attacker can successfully impersonate the two involved parties. Secure Socket Layer (SSL) and it's successor Transport Layer Security (TSL) prevent these type of attacks by encrypting the data. In this recipe, we create a Node.js server using restify that has support for HTTPS.
Getting ready
We will use a certificate and a server private key in order to enable HTTPS. To generate this, we need OpenSSL (http://www.openssl.org/), a fully featured open source toolkit implementing SSL and TLS, as well as a general purpose cryptography library.
First, on the command line, generate an RSA (http://en.wikipedia.org/wiki/RSA_(algorithm)) private key:
openssl...
