TLS Socket, client & server in NodeJS

The TLS module provides an implementation of the Transport Layer Security (TLS) and Secure Socket Layer (SSL) protocols that is built on top of OpenSSL.

The only major differences between this and a regular TCP connection are the private key and the public certificate, which you have to pass in an options object.

How to Create a Key and Certificate

The first step in this security process is the creation of a private key. And what is this private key?

Private Key:

Basically, it’s a set of random noise that’s used to encrypt information. In theory, you could create one key and use it to encrypt whatever you want, but it is best practice to have different keys for specific things: if someone steals your private key, it’s similar to having someone steal your house keys. Imagine if you used the same key to lock your car, garage, office, etc.

Private keys can be generated in multiple ways. The example below illustrates use of the OpenSSL command-line interface to generate a 1024-bit RSA private key:

openssl genrsa -out private-key.pem 1024

Once we have our private key, we can create a CSR (certificate signing request), which is our request to have the private key signed by a fancy authority. That is why you have to input information related to your company. This information will be seen by the signing authority, and used to verify you. In our case, it doesn’t matter what you type, since in the next step we’re going to sign our certificate ourselves.

The OpenSSL command-line interface can be used to generate a CSR for a private key:

openssl req -new -key private-key.pem -out csr.pem

Now that we have our paperwork filled out, it’s time to pretend that we’re a cool signing authority.

openssl x509 -req -in csr.pem -signkey private-key.pem -out public-cert.pem

Now that you have the private key and the public cert, you can establish a secure connection between two NodeJS apps. And, as you can see in the example code, it is a very simple process.

Important! Since we created the public cert ourselves, in all honesty, our certificate is worthless, because we are nobodies. Node.js won’t trust such a certificate by default, and that is why the client example tells it to accept our cert anyway with the option rejectUnauthorized: false. Very important: never set this option to false in a production environment.

TLS Socket Server

Here is an example of a TLS socket server:

'use strict';
var tls = require('tls');
var fs = require('fs');

const PORT = 1337;
const HOST = '127.0.0.1';

// The server's private key and the certificate it presents to clients
var options = {
  key: fs.readFileSync('private-key.pem'),
  cert: fs.readFileSync('public-cert.pem')
};

var server = tls.createServer(options, function(socket) {
  // Send a friendly message
  socket.write("I am the server sending you a message.");

  // Print the data that we received
  socket.on('data', function(data) {
    console.log('Received: %s [it is %d bytes long]',
      data.toString().replace(/(\n)/gm, ""),
      data.length);
  });

  // Let us know when the transmission is over
  socket.on('end', function() {
    console.log('EOT (End Of Transmission)');
  });
});

// Start listening on a specific port and address
server.listen(PORT, HOST, function() {
  console.log("I'm listening at %s, on port %s", HOST, PORT);
});

// When an error occurs, show it.
server.on('error', function(error) {
  console.error(error);
  // Stop the server after the error occurred
  // (tls.Server has close(), not destroy()).
  server.close();
});

TLS Socket Client

Here is an example of a TLS socket client:

'use strict';
var tls = require('tls');
var fs = require('fs');

const PORT = 1337;
const HOST = '127.0.0.1';

// Present our key and cert, and accept the server's certificate even though
// no Certificate Authority vouches for it (testing only).
var options = {
  key: fs.readFileSync('private-key.pem'),
  cert: fs.readFileSync('public-cert.pem'),
  rejectUnauthorized: false
};

var client = tls.connect(PORT, HOST, options, function() {
  // Check if the authorization worked
  if (client.authorized) {
    console.log("Connection authorized by a Certificate Authority.");
  } else {
    console.log("Connection not authorized: " + client.authorizationError);
  }

  // Send a friendly message
  client.write("I am the client sending you a message.");
});

client.on("data", function(data) {
  console.log('Received: %s [it is %d bytes long]',
    data.toString().replace(/(\n)/gm, ""),
    data.length);

  // Close the connection after receiving the message
  client.end();
});

client.on('close', function() {
  console.log("Connection closed");
});

// When an error occurs, show it.
client.on('error', function(error) {
  console.error(error);
  // Close the connection after the error occurred.
  client.destroy();
});
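
As an alternative to rejectUnauthorized: false, the client can keep verification on and trust exactly the self-signed certificate created above. This is an added example, not code from the original post: the names makePinnedIdentityCheck and buildClientOptions, the error code ERR_CERT_NOT_PINNED and the sample certificate object are assumptions made for illustration.

```javascript
'use strict';
const tls = require('tls');

// Accept "AA:BB:..." or "aabb..." and compare as lowercase hex.
function normalizeFingerprint(fp) {
  return String(fp).replace(/:/g, '').toLowerCase();
}

// Build a checkServerIdentity callback: Node's own host name check first,
// then the leaf certificate's SHA-256 fingerprint must be in the pin list.
function makePinnedIdentityCheck(pinnedFingerprints) {
  const pins = new Set(pinnedFingerprints.map(normalizeFingerprint));
  return function checkServerIdentity(hostname, cert) {
    const nameError = tls.checkServerIdentity(hostname, cert);
    if (nameError) return nameError;
    const seen = cert.fingerprint256 ? normalizeFingerprint(cert.fingerprint256) : '';
    if (!pins.has(seen)) {
      const err = new Error('Certificate for ' + hostname + ' is not pinned');
      err.code = 'ERR_CERT_NOT_PINNED'; // hypothetical code, not a Node.js one
      return err;
    }
    return undefined; // undefined means "identity accepted"
  };
}

// Options for tls.connect(): verification stays on, and the self-signed
// certificate itself is the only trusted root.
function buildClientOptions(caPem, servername, pinnedFingerprints) {
  return {
    ca: [caPem],              // e.g. fs.readFileSync('public-cert.pem')
    servername: servername,   // name the certificate was issued for
    rejectUnauthorized: true, // the default, spelled out
    checkServerIdentity: makePinnedIdentityCheck(pinnedFingerprints)
  };
}

// Constructed sample in the shape returned by socket.getPeerCertificate().
const SAMPLE_FINGERPRINT = 'AB:'.repeat(31) + 'AB';
const SAMPLE_CERT = {
  subject: { CN: 'localhost' },
  subjectaltname: 'DNS:localhost',
  fingerprint256: SAMPLE_FINGERPRINT
};

const check = makePinnedIdentityCheck([SAMPLE_FINGERPRINT.toLowerCase()]);
console.log(check('localhost', SAMPLE_CERT));             // accepted
console.log(String(check('other.example', SAMPLE_CERT))); // name mismatch
```

When connecting to HOST = '127.0.0.1' as in the client above, pass as servername the name the certificate carries, because the identity check compares that name against the certificate.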

Originally published on Nodefrost.com




Top 7 Most Popular Node.js Frameworks You Should Know

Node.js is an open-source, cross-platform, runtime environment that allows developers to run JavaScript outside of a browser. In this post, you'll see top 7 of the most popular Node frameworks at this point in time (ranked from high to low by GitHub stars).

One of the main advantages of Node is that it enables developers to use JavaScript on both the front-end and the back-end of an application. This not only makes the source code of any app cleaner and more consistent, but it significantly speeds up app development too, as developers only need to use one language.

Node is fast, scalable, and easy to get started with. Its default package manager is npm, which means it also sports the largest ecosystem of open-source libraries. Node is used by companies such as NASA, Uber, Netflix, and Walmart.

But Node doesn't come alone. It comes with a plethora of frameworks. A Node framework can be pictured as the external scaffolding that you can build your app in. These frameworks are built on top of Node and extend the technology's functionality, mostly by making apps easier to prototype and develop, while also making them faster and more scalable.

Below are 7 of the most popular Node frameworks at this point in time (ranked from high to low by GitHub stars).

Express

With over 43,000 GitHub stars, Express is the most popular Node framework. It brands itself as a fast, unopinionated, and minimalist framework. Express acts as middleware: it helps set up and configure routes to send and receive requests between the front-end and the database of an app.

Express provides lightweight, powerful tools for HTTP servers. It's a great framework for single-page apps, websites, hybrids, or public HTTP APIs. It supports over fourteen different template engines, so developers aren't forced into any specific ORM.

Meteor

Meteor is a full-stack JavaScript platform. It allows developers to build real-time web apps, i.e. apps where code changes are pushed to all browsers and devices in real-time. Additionally, servers send data over the wire, instead of HTML. The client renders the data.

The project has over 41,000 GitHub stars and is built to power large projects. Meteor is used by companies such as Mazda, Honeywell, Qualcomm, and IKEA. It has excellent documentation and a strong community behind it.

Koa

Koa is built by the same team that built Express. It uses ES6 methods that allow developers to work without callbacks. Developers also have more control over error-handling. Koa has no middleware within its core, which means that developers have more control over configuration, but which means that traditional Node middleware (e.g. req, res, next) won't work with Koa.

Koa already has over 26,000 GitHub stars. The Express developers built Koa because they wanted a lighter framework that was more expressive and more robust than Express. You can find out more about the differences between Koa and Express here.

Sails

Sails is a real-time, MVC framework for Node that's built on Express. It supports auto-generated REST APIs and comes with an easy WebSocket integration.

The project has over 20,000 stars on GitHub and is compatible with almost all databases (MySQL, MongoDB, PostgreSQL, Redis). It's also compatible with most front-end technologies (Angular, iOS, Android, React, and even Windows Phone).

Nest

Nest has over 15,000 GitHub stars. It uses progressive JavaScript and is built with TypeScript, which means it comes with strong typing. It combines elements of object-oriented programming, functional programming, and functional reactive programming.

Nest is packaged in such a way it serves as a complete development kit for writing enterprise-level apps. The framework uses Express, but is compatible with a wide range of other libraries.

LoopBack

LoopBack is a framework that allows developers to quickly create REST APIs. It has an easy-to-use CLI wizard and allows developers to create models either on their schema or dynamically. It also has a built-in API explorer.

LoopBack has over 12,000 GitHub stars and is used by companies such as GoDaddy, Symantec, and the Bank of America. It's compatible with many REST services and a wide variety of databases (MongoDB, Oracle, MySQL, PostgreSQL).

Hapi

Similar to Express, hapi serves data by intermediating between server-side and client-side. As such, it can serve as a substitute for Express. Hapi allows developers to focus on writing reusable app logic in a modular and prescriptive fashion.

The project has over 11,000 GitHub stars. It has built-in support for input validation, caching, authentication, and more. Hapi was originally developed to handle all of Walmart's mobile traffic during Black Friday.