How to Create HTTPS Server in Node.js: Simple Guide
To create an
https server in Node.js, use the built-in https module along with SSL certificate files (key and cert). Load these files with fs.readFileSync, then call https.createServer with the credentials and a request handler function.Syntax
The basic syntax to create an HTTPS server in Node.js involves importing the https and fs modules, reading the SSL key and certificate files, and then creating the server with a request handler.
https.createServer(options, requestListener): Creates the HTTPS server.options: An object containingkeyandcertproperties with SSL credentials.requestListener: A function that handles incoming requests and sends responses.
javascript
const https = require('https'); const fs = require('fs'); const options = { key: fs.readFileSync('path/to/private-key.pem'), cert: fs.readFileSync('path/to/certificate.pem') }; https.createServer(options, (req, res) => { // handle request }).listen(port);
Example
This example shows a complete HTTPS server that responds with "Hello Secure World!" on every request. It uses self-signed SSL certificate files named server.key and server.cert located in the same folder.
javascript
import https from 'https'; import fs from 'fs'; const options = { key: fs.readFileSync('./server.key'), cert: fs.readFileSync('./server.cert') }; const server = https.createServer(options, (req, res) => { res.writeHead(200, { 'Content-Type': 'text/plain' }); res.end('Hello Secure World!'); }); server.listen(8443, () => { console.log('HTTPS Server running on https://localhost:8443'); });
Output
HTTPS Server running on https://localhost:8443
Common Pitfalls
Common mistakes when creating an HTTPS server include:
- Using HTTP module instead of HTTPS for secure connections.
- Incorrect file paths or missing SSL certificate files causing errors.
- Not having valid SSL certificates (self-signed certificates cause browser warnings).
- Forgetting to listen on a port or using a port blocked by the system.
Always ensure your SSL files are correct and your server listens on an open port.
javascript
/* Wrong: Using http module for HTTPS server */ import http from 'http'; http.createServer((req, res) => { res.end('Not secure'); }).listen(8443); /* Right: Use https module with SSL options */ import https from 'https'; import fs from 'fs'; const options = { key: fs.readFileSync('./server.key'), cert: fs.readFileSync('./server.cert') }; https.createServer(options, (req, res) => { res.end('Secure'); }).listen(8443);
Quick Reference
HTTPS Server Creation Cheat Sheet:
| Step | Description |
|---|---|
| Import Modules | Use https and fs modules |
| Read SSL Files | Load key and cert with fs.readFileSync |
| Create Server | Call https.createServer(options, handler) |
| Listen | Start server on a port with listen(port) |
| Step | Description |
|---|---|
| Import Modules | Use https and fs modules |
| Read SSL Files | Load key and cert with fs.readFileSync |
| Create Server | Call https.createServer(options, handler) |
| Listen | Start server on a port with listen(port) |
Key Takeaways
Use the built-in https module with SSL key and certificate files to create a secure server.
Always read SSL files synchronously before creating the server to avoid errors.
Listen on an open port and handle requests with a callback function.
Self-signed certificates work for testing but cause browser warnings.
Avoid using the http module when you need HTTPS security.