Preparing Loopback to use SSL

admin

I am using LoopBack to run the business logic of a web app, using WordPress as a front end. At the moment, when I am testing, I connect to the same server, and start LoopBack in a different directory, running on port 3000 at the moment. I have also opened port 3000 to remote connections.

I can then connect to "example.com:3000" and "example.com:3000/explorer"

I have successfully set up the WordPress site to use the SSL certificate, and I am now looking to set LoopBack up the same, so that I can connect to the endpoints via https.

I have followed the directions in the following repository:

https://github.com/strongloop/loopback-example-ssl

Specifically, I have:

Created a directory named "private" under the server directory.

Ran the following commands in that directory

Code:
$ openssl genrsa -out privatekey.pem 1024
$ openssl req -new -key privatekey.pem -out certrequest.csr
$ openssl x509 -req -in certrequest.csr -signkey privatekey.pem -out certificate.pem

Note that I am not familiar with these commands. I did some searching, and answered the questions for the cert as best as I could.

Copied the following file into the "server" directory as "ssl-config.js":

Code:
var path = require('path');
var fs = require('fs');

exports.privateKey = fs.readFileSync(path.join(__dirname, './private/privatekey.pem')).toString();
exports.certificate = fs.readFileSync(path.join(__dirname, './private/certificate.pem')).toString();

And finally I have copied over "server/server.js" from the example as follows:

Code:
var loopback = require('loopback');
var boot = require('loopback-boot');

var http = require('http');
var https = require('https');
var sslConfig = require('./ssl-config');

var app = module.exports = loopback();

// boot scripts mount components like REST API
boot(app, __dirname);

app.start = function(httpOnly) {
  if (httpOnly === undefined) {
    httpOnly = process.env.HTTP;
  }
  var server = null;
  if (!httpOnly) {
    var options = {
      key: sslConfig.privateKey,
      cert: sslConfig.certificate,
    };
    server = https.createServer(options, app);
  } else {
    server = http.createServer(app);
  }
  server.listen(app.get('port'), function() {
    var baseUrl = (httpOnly ? 'http://' : 'https://') + app.get('host') + ':' + app.get('port');
    app.emit('started', baseUrl);
    console.log('LoopBack server listening @ %s%s', baseUrl, '/');
    if (app.get('loopback-component-explorer')) {
      var explorerPath = app.get('loopback-component-explorer').mountPath;
      console.log('Browse your REST API at %s%s', baseUrl, explorerPath);
    }
  });
  return server;
};

// start the server if `$ node server.js`
if (require.main === module) {
  app.start();
}

When I start LoopBack, it tells me that it is running on https://0.0.0.0:3000.

When I connect to "https://www.example.com:3000" or "https://www.example.com:3000/explorer", the endpoints are available but Chrome is telling me that the connection is not secure.

I would very much like to have the WordPress site, as well as LoopBack, using https only, but only because I understand that this is the best place to start for making the app secure.
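A certificate produced with `openssl x509 -req ... -signkey` is signed by its own key, so no CA in the browser's trust store vouches for it. The script below is an added example, not part of the original post or of loopback-example-ssl: it checks a PEM certificate for exactly that condition and reports the key size. The helper names and the sample CN are assumptions.

```sh
#!/bin/sh
# Added example: helper names and the sample CN are assumptions, not from the post.

# Build a throwaway certificate the same way the post does (constructed sample;
# -subj only replaces the interactive questions). $1 = output dir, $2 = RSA bits.
make_sample_cert() {
  openssl genrsa -out "$1/privatekey.pem" "${2:-1024}" 2>/dev/null &&
  openssl req -new -key "$1/privatekey.pem" -subj "/CN=www.example.com" \
    -out "$1/certrequest.csr" &&
  openssl x509 -req -in "$1/certrequest.csr" -signkey "$1/privatekey.pem" \
    -out "$1/certificate.pem" 2>/dev/null
}

# Print the subject or issuer DN. $1 = PEM file, $2 = -subject or -issuer
cert_name() {
  openssl x509 -in "$1" -noout "$2" -nameopt RFC2253 | sed 's/^[a-z]*= *//'
}

# True when the certificate names itself as issuer and verifies under its own key.
is_self_signed() {
  [ "$(cert_name "$1" -subject)" = "$(cert_name "$1" -issuer)" ] &&
  openssl verify -CAfile "$1" "$1" >/dev/null 2>&1
}

# True when the certificate chains to a CA in OpenSSL's default trust store.
trusted_by_default_store() {
  openssl verify "$1" >/dev/null 2>&1
}

# Print the public key size in bits.
key_bits() {
  openssl x509 -in "$1" -noout -text |
    sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p'
}

# One-line summary; exit status 0 only if a default-trusted CA issued the cert.
cert_report() {
  report_self=no
  report_trusted=no
  if is_self_signed "$1"; then report_self=yes; fi
  if trusted_by_default_store "$1"; then report_trusted=yes; fi
  echo "subject=$(cert_name "$1" -subject) bits=$(key_bits "$1")" \
       "self_signed=$report_self trusted=$report_trusted"
  [ "$report_trusted" = yes ]
}

# Usage: sh check-cert.sh server/private/certificate.pem
if [ "$#" -gt 0 ]; then cert_report "$1"; fi
```

Run against `server/private/certificate.pem`, a result of `self_signed=yes trusted=no` matches the browser warning; a certificate issued by a publicly trusted CA for the host name reports `trusted=yes` once its intermediate chain is supplied.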