The HTTPS module provides a way to establish secure, encrypted communications over the network. HTTPS stands for HTTP over TLS/SSL. Unlike the standard HTTP module, which transmits data in plain text, HTTPS encrypts the data to protect it from being read or modified by malicious actors.
In modern web development, serving traffic over HTTPS is an absolute requirement for protecting user privacy, handling passwords, and securing API endpoints.
The https module functions almost exactly like the http module. The main difference is that when you create an HTTPS server, you must provide an SSL/TLS certificate and a private key.
const https = require('https');
const fs = require('fs');
To launch an HTTPS server, you need a pair of cryptographic files: a key (private) and a cert (public certificate). In production, you typically obtain these from a Certificate Authority like Let's Encrypt.
const https = require('https');
const fs = require('fs');
// Read your SSL certificate files
const options = {
key: fs.readFileSync('private-key.pem'),
cert: fs.readFileSync('certificate.pem')
};
// Create the secure server
const server = https.createServer(options, (req, res) => {
res.writeHead(200, { 'Content-Type': 'text/html' });
res.end('<h1>Welcome to the Secure Server!</h1>');
});
server.listen(443, () => {
console.log('Secure server is running on port 443');
});
Note: Port 443 is the default port used for HTTPS web traffic.
What do you need to pass to https.createServer() that isn't required by the standard HTTP module?