Node.js Multiple SSL Certificates

8
votes

Is it possible to have Node.js use multiple SSL certificates? I am currently using one certificate but had a new certificate issued that matches other domains.

Since my server is behind a load balancer, there are two ways to get to it and I'd like to match them. Is there a way to use two certificates, instead of creating one with both matches?

1
node.jssslssl-certificate
Possible duplicate of Is it Possible to Dynamically Return an SSL Certificate in NodeJS?Ali

1 Answers

7
votes

See this answer for hosting multiple domains on a single https server

In short, you can use the SNI callback from the https server.

SNI stands for Server Name Identification and it is implemented by all modern browsers.

How it works:

The browser sends the hostname unencrypted (if it supports SNI). The rest of the request is encrypted by the certificate. The HTTPs module can then let you decide which SSL certificate is going to be used to decrypt the connection.

SNI Notes:

  • SNI is used by AWS Cloudfront and other services, if you require a secure connection
  • SNI requires a modern browser for it to work.. However given that AWS uses it gives me confidence in using it too.
  • Depending on how you implement it, it may slow down the request.
  • It may be better to put a nginx proxy in front of this.
  • Your connection then travels like this: Client -> (HTTPS) -> NGINX -> (HTTP) -> Node
  • Nginx could also serve static files, which may optimise your site.

I hope this helps you. I am posting this for documentation purposes.