인증서파일(certificate.cnf,ca_bundle.crt)과 암호파일을(private.key) 준비
리눅스 서버에 openssl 패키지를 설치
rpm -qa openssl
yum install openssl
yum -y install openssl-devel
암호파일 패스워드 벗겨내고 (※암호 파일 백업필수) 암호파일을 사용하기위해 권한 777로 설정
openssl rsa -in private.key -out private.key.nopass
/etc/httpd/conf.d/ssl.conf 로 닼뤁 설정
Listen 443 https
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLCryptoDevice builtin
<VirtualHost *:443>
ServerName naver.com
ServerAlias naver.com
DocumentRoot /
<Directory "/">
AllowOverride FileInfo
Require all granted
DirectoryIndex index.php
</Directory>
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /certificate.crt
SSLCertificateKeyFile /private.key
SSLCACertificateFile /ca_bundle.crt
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
<VirtualHost *:443>
ServerName naver.com
ServerAlias naver.com
DocumentRoot /
<Directory "/">
AllowOverride FileInfo
Require all granted
DirectoryIndex index.php
</Directory>
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /certificate.crt
SSLCertificateKeyFile /private.key
SSLCACertificateFile /ca_bundle.crt
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
var fs = require('fs');
//익스프레스,바디파스,포스트 받기,JSON 까찌 다 되는 형태
var options = {
key: fs.readFileSync('/nopassprivate.key'),
cert: fs.readFileSync('/certificate.crt'),
ca: fs.readFileSync('/erp/KIC_IN/SSL/ca_bundle.crt')
};
var express = require('/node_modules/express');
var socketio = require('/node_modules/socket.io');
var request = require('/node_modules/request');
var app = express();
var server = require('https').createServer(options,app);
var io = require('socket.io')(server);
var port = process.env.PORT || 30000;
var bodyParser = require('body-parser');
app.use(bodyParser.json());
server.listen(port, function () {
console.log('New client');
});