Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

create-servers

Package Overview
Dependencies
Maintainers
6
Versions
25
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

create-servers

Create an http AND/OR an https server and call the same request handler.

  • 2.6.0
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
1K
increased by33.85%
Maintainers
6
Weekly downloads
 
Created
Source

create-servers

Create an http AND/OR an https server and call the same request handler.

Usage

The create-servers module exports a function that takes a config object and a node-style callback. The config object must have at minimum an http or https property (or both). The following config properties are supported:

PropertyDescription
handlerRequest handler to be used for any server, unless overridden specifically with http.handler or https.handler.
timeoutSocket timeout in milliseconds for any server, unless overridden with http.timeout or https.timeout. Defaults to the node default of 2 minutes.
httpOptional. If present, an HTTP server is started. This can be an object or a number. If it's a number, it's used as the TCP port for an HTTP server.
http.portTCP port for the HTTP server. Defaults to 80.
http.hostThe address the HTTP server is bound to. Defaults to :: or 0.0.0.0.
http.timeoutSocket timeout in milliseconds for the server. If unspecified, the top-level timeout configuration is used.
http.handlerHandler for HTTP requests. If you want to share a handler with all servers, use a top-level handler config property instead.
httpsOptional object. If present, an HTTPS server is started.
https.portTCP port for the HTTPS server. Defaults to 443.
https.hostThe address the HTTPS server is bound to. Defaults to :: or 0.0.0.0.
https.timeoutSocket timeout in milliseconds for the server. If unspecified, the top-level timeout configuration is used.
https.ciphersDefaults to a default cipher suite. To customize, either supply a colon-separated string or array of strings for the ciphers you want the server to support.
https.honorCipherOrderIf true, prefer the server's specified cipher order instead of the client's. Defaults to false.
https.rootRoot directory for certificate/key files. See Certificate normalization for more details.
https.keyPEM/file path for the server's private key. See Certificate normalization for more details.
https.certPEM/file path(s) for the server's certificate. See Certificate normalization for more details.
https.caCert or array of certs specifying trusted authorities for peer certificates. Only required if your server accepts client certificate connections signed by authorities that are not trusted by default. See Certificate normalization for more details.
https.sniSee SNI Support.
https.handlerHandler for HTTPS requests. If you want to share a handler with all servers, use a top-level handler config property instead.
https.*Any other properties supported by https.createServer can be added to the https object, except secureProtocol and secureOptions which are set to recommended values.

If successful, the create-servers callback is passed an object with the following properties:

PropertyDescription
httpThe HTTP server that was created, if any
httpsThe HTTPS server that was created, if any

Certificate Normalization

create-servers provides some conveniences for https.ca, https.key, and https.cert config properties. You may use PEM data directly (inside a Buffer or string) or a file name. When using a file name, you must also set an https.root config property if using relative paths to cert/key files.

https.ca, https.cert, and https.key also support specifying an Array. Given an array for cert, you must have a matching array for key so each cert can be matched with its private key.

const createServers = require('create-servers');

createServers({
  https: {
    root: '/cert/path',
    cert: ['cert1.crt', 'cert2.crt'],
    key: ['cert1.key', 'cert2.key']
  }
}, err => {
  // ...
})

If you have a cert that is signed by an intermediate CA, your server will need to append the untrusted parts of the CA chain with your cert. To make this more convenient, create-servers lets you use an array to automatically create a chain.

const createServers = require('create-servers');

createServers({
  https: {
    root: '/cert/path',
    cert: ['cert.crt', 'intermediate.crt'],
    key: 'cert.key'
  }
}, err => {
  // ...
})

If you are specifying multiple certs and you want to create chains for each, use an array of arrays.

const createServers = require('create-servers');

createServers({
  https: {
    root: '/cert/path',
    cert: [['cert1.crt', 'intermediate.crt'], 'cert2.crt'],
    key: ['cert1.key', 'cert2.key']
  }
}, err => {
  // ...
})

SNI Support

Server Name Indication, or SNI, lets HTTPS clients announce which hostname they wish to connect to before the server sends its certificate, enabling the use of the same server for multiple hosts. Although SNICallback can be used to support this, you lose the convenient certificate normalization provided by create-servers. The sni config option provides an easier way.

The sni option is an object with each key being a supported hostname and each value being a subset of the HTTPS settings listed above. HTTPS settings defined at the top level are used as defaults for the hostname-specific settings.

const createServers = require('create-servers');

createServers(
  {
    https: {
      port: 443,
      sni: {
        'example1.com': {
          key: '/certs/private/example1.com.key',
          cert: '/certs/public/example1.com.crt'
        },
        'example2.com': {
          key: '/certs/private/example2.com.key',
          cert: '/certs/public/example2.com.crt'
        }
      }
    },
    handler: function (req, res) {
      res.end('Hello');
    }
  },
  function (errs) {
    if (errs) {
      return console.log(errs.https);
    }

    console.log('Listening on 443');
  }
);

Use * in the hostname for wildcard certs. Example: *.example.com. The following settings are supported in the host-specific configuration:

  • key
  • cert
  • ca
  • ciphers
  • honorCipherOrder
  • Anything else supported by tls.createSecureContext

NOTE on Security

Inspired by iojs and a well written article, we have defaulted our ciphers to support "perfect-forward-security" as well as removing insecure cipher suites from being a possible choice. With this in mind, be aware that we will no longer support ie6 on windows XP by default.

Examples

http

var createServers = require('create-servers');

var servers = createServers(
  {
    http: 80,
    handler: function (req, res) {
      res.end('http only');
    }
  },
  function (errs) {
    if (errs) {
      return console.log(errs.http);
    }

    console.log('Listening on 80');
  }
);

https

var servers = createServers(
  {
    https: {
      port: 443,
      root: '/path/to/ssl/files',
      key: 'your-key.pem',
      cert: 'your-cert.pem',
      ca: 'your-ca.pem' // Can be an Array of CAs
    },
    handler: function (req, res) {
      res.end('https only');
    }
  },
  function (errs) {
    if (errs) {
      return console.log(errs.https);
    }

    console.log('Listening on 443');
  }
);

http && https

var servers = createServers(
  {
    http: 80,
    https: {
      port: 443,
      root: '/path/to/ssl/files',
      key: 'your-key.pem',
      cert: 'your-cert.pem',
      ca: 'your-ca.pem' // Can be an Array of CAs
    },
    handler: function (req, res) {
      res.end('http AND https');
    }
  },
  function (errs, servers) {
    if (errs) {
      return Object.keys(errs).forEach(function (key) {
        console.log('Error ' + key + ': ' + errs[key]);
        if (servers[key]) {
          servers[key].close();
        }
      });
    }

    console.log('Listening on 80 and 443');
  }
);

http && https (different handlers)

var servers = createServers(
  {
    http: {
      port: 80,
      handler: function (req, res) {
        res.end('http');
      }
    },
    https: {
      port: 443,
      root: '/path/to/ssl/files',
      key: 'your-key.pem',
      cert: 'your-cert.pem',
      ca: 'your-ca.pem', // Can be an Array of CAs
      handler: function (req, res) {
        res.end('https');
      }
    }
  },
  function (errs, servers) {
    if (errs) {
      return Object.keys(errs).forEach(function (key) {
        console.log('Error ' + key + ': ' + errs[key]);
        if (servers[key]) {
          servers[key].close();
        }
      });
    }

    console.log('Listening on 80 and 443');
  }
);

Author: Charlie Robbins

License: MIT

Keywords

FAQs

Package last updated on 17 Jul 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc