前言
在前端开发中,https 协议越来越重要,因为它可以提供数据的传输安全性。然而,对于开发者来说,手动部署证书是一项繁琐的任务。为了解决这个问题,有很多工具和服务可以使用,其中一个非常好用的是 node-red-contrib-lets-encrypt npm 包。
在本文中,我们将介绍如何使用该 npm 包,以及如何部署 HTTPS 服务。
安装
首先,你需要安装 node-red-contrib-lets-encrypt。
在终端中输入以下命令:
npm install node-red-contrib-lets-encrypt
接下来,让我们开始使用它。
用法
在 Node-RED 项目中使用 node-red-contrib-lets-encrypt 很简单。你需要分三步操作:
- 添加 acme 配置节点
在 Node-RED 中添加一个 acme 配置节点,该节点是 node-red-contrib-lets-encrypt npm 包的核心。它将自动获取和更新证书。
- 添加使用证书的节点
添加一个需要使用证书的节点,以使用新的证书。
- 部署 HTTPS 服务
使用 Node-RED 的 HTTP In 节点,将监听端口更改为 HTTPS 端口。如果您使用的是 Raspberry Pi,则需要部署到一个不同于默认的端口 1880 的端口。要更改监听端口,只需将端口更改为 443 并启用 TLS。
[{"id":"e668747a.81272","type":"http in","z":"8bcbd287.eb90e8","name":"","url":"/","method":"get","upload":false,"swaggerDoc":"","x":250,"y":180,"wires":[[]]},{"id":"a83449b8.ff7b2","type":"http in","z":"8bcbd287.eb90e8","name":"","url":"/tls","method":"get","upload":false,"swaggerDoc":"","x":250,"y":220,"wires":[[]]},{"id":"af41d490.22a1c8","type":"http in","z":"8bcbd287.eb90e8","name":"","url":"/tls-http","method":"get","upload":false,"swaggerDoc":"","x":260,"y":260,"wires":[[]]}]
以上是一个简单的 HTTPS 服务部署过程。你也可以使用其他方式进行 https 部署。
示例代码
[{"id":"75151e81.78a5b4","type":"acme-config","z":"","tlsConfig":"751955b2.f577","tlsConfigStatus":"","domain":"example.com","email":"example@example.com","staging":true,"nodes":[]},{"id":"3a3ddd97.cd52dc","type":"tls-config","z":"","name":"default_tls_config","cert":"","key":"","ca":"","certname":"","keyname":"","caname":"","servername":"","verifyservercert":true,"verifyservercertstrict":false,"notifyfalsealarm":false,"ciphers":"","cipherstrengthen":"","prefercipherlist":false,"tickperiod":"1h","tkhandshakeperiod":"10s","nodeid":"","nodes":[]},{"id":"2cc505f1.ea1de","type":"http in","z":"e3d3d271.1cf82","name":"","url":"/","method":"get","upload":false,"swaggerDoc":"","x":260,"y":160,"wires":[["2abbf1c.bc88762"]]},{"id":"2abbf1c.bc88762","type":"http response","z":"e3d3d271.1cf82","name":"","statusCode":"200","headers":{},"x":460,"y":160,"wires":[]},{"id":"1a6a98a6.3c8abe","type":"inject","z":"e3d3d271.1cf82","name":"","topic":"","payload":"","payloadType":"date","repeat":"","crontab":"","once":false,"onceDelay":0.1,"x":110,"y":160,"wires":[["2abbf1c.bc88762"]]},{"id":"ebd110a.b929fd8","type":"http in","z":"e3d3d271.1cf82","name":"","url":"/tls","method":"get","upload":false,"swaggerDoc":"","x":250,"y":220,"wires":[["e40c51d5.dc295"]]},{"id":"e40c51d5.dc295","type":"http response","z":"e3d3d271.1cf82","name":"","statusCode":"200","headers":{"Content-Type":"application/json"},"x":470,"y":220,"wires":[]},{"id":"b79d201d.7b0e48","type":"inject","z":"e3d3d271.1cf82","name":"","topic":"","payload":"","payloadType":"date","repeat":"","crontab":"","once":false,"onceDelay":0.1,"x":110,"y":220,"wires":[["e40c51d5.dc295"]]},{"id":"54d099c7.08b37","type":"http in","z":"e3d3d271.1cf82","name":"","url":"/tls-http","method":"get","upload":false,"swaggerDoc":"","x":260,"y":280,"wires":[["fcbe165a.353ad"]]},{"id":"fcbe165a.353ad","type":"http response","z":"e3d3d271.1cf82","name":"","statusCode":"200","headers":{},"x":470,"y":280,"wires":[]},{"id":"93cdfa77.b2da","type":"inject","z":"e3d3d271.1cf82","name":"","topic":"","payload":"","payloadType":"date","repeat":"","crontab":"","once":false,"onceDelay":0.1,"x":110,"y":280,"wires":[["fcbe165a.353ad"]]},{"id":"751955b2.f577","type":"tls-config","z":"","name":"example_com","cert":"","key":"","ca":"","certname":"","keyname":"","caname":"","servername":"","verifyservercert":true,"verifyservercertstrict":false,"notifyfalsealarm":false,"ciphers":"","cipherstrengthen":"","prefercipherlist":false,"tickperiod":"5m","tkhandshakeperiod":"5s","nodeid":"","nodes":[]}]
上述代码包含以下节点:
acme-config: 配置节点tls-config: 包含密钥和证书的tls-config节点http in: HTTP 监听节点http response: HTTP 响应节点inject: 定时执行节点
结论
node-red-contrib-lets-encrypt npm 包是一个很棒的 npm 包,可以让你轻松自动化部署和更新证书,还可以方便地部署 HTTPS 服务。
希望本文能对你有所帮助。
来源:JavaScript中文网 ,转载请注明来源 https://www.javascriptcn.com/post/101672
