Need help in configuring unleash on HTTPS

Question

I have my server file something like below.

const unleash = require('unleash-server');
unleash
.start({
db: {
ssl: false,
host: 'localhost',
port: 5432,
database: 'unleash',
user: 'unleash_user',
password: 'password',
},
server: {
port: 8443,
},
})
.then((unleash) => {
console.log(
Unleash started on http://localhost:${unleash.app.get('port')},
);
});
I

have 2 question here...

1. I am getting secrets as /vault/secrets/cert.pem and /vault/secrets/key.pem ...I want to configure these secrets for 8443 port which is HTTPS...Is there a way I can configure my secrets

2. I need to run my application on 2 ports HTTP 4242 and HTTPS 8443 Is there a way I can configure unleash with this

I tried to put but seems it is not working

Answer 1

Unleash recommends setting up a proxy terminating HTTPS for you and speaking HTTP to Unleash, as does the Express docs (the web framework running Unleash). See http://expressjs.com/en/advanced/best-practice-security.html#use-tls

You can use a proxy server like Nginx and configure both the SSL termination and listening on multiple ports.

Here's an example of how your Nginx config file could look like:

# HTTP on 4242
server {
    listen 4242;
    server_name your_domain.com;

    # Any other settings...

    location / {
        proxy_pass http://localhost:4242;
        # Any other proxy settings...
    }
}

# HTTPS on 8443
server {
    listen 8443 ssl;
    server_name your_domain.com;

    ssl_certificate /path/to/your/cert.pem;
    ssl_certificate_key /path/to/your/key.pem;

    # Any other settings, like recommended SSL settings...

    location / {
        proxy_pass http://localhost:4242;
        # Any other proxy settings...
    }
}

If you insist on having Unleash do HTTPS termination for you, you'll need to set that up yourself using

• http://expressjs.com/en/5x/api.html#app.listen
• https://nodejs.org/api/https.html#httpscreateserveroptions-requestlistener

This would look something like:

const https = require('node:https');
const fs = require('node:fs');
const options = {
  key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'),
  cert: fs.readFileSync('test/fixtures/keys/agent2-cert.pem')
};

let app = unleash.create();
https.createServer(options, app).listen(443);