node.js hosting with SSL?

Question

So say I have a node.js application that hosts both a HTTP and HTTPS server as described in the question: How to force SSL / https in Express.js

In my code I have the following:

// General configuration settings for production usage
app.configure(function () {
  app.set('port', process.env.PORT || 3000);
  app.set('sslport', process.env.SSLPORT || 4000);
  ...
}

http.createServer(app).listen(app.get('port'), function () {
  winston.info('Express server listening on port ' + app.get('port'));
});

var options = {
  key: fs.readFileSync('key.pem'),
  cert: fs.readFileSync('cert.pem')
};

https.createServer(options, app).listen(app.get('sslport'), function () {
  winston.info('Express server listening on port ' + app.get('sslport'));
});

Which works perfectly fine for a local running node server.

However, I want to publish my site to a cloud hosted provider like Azure Web Sites, Heroku, Nodejitsu, etc.

All of the cloud hosts seem to set a process.env.PORT value, but only the one. When my HTTPS server is created this usually results in the app crashing, as the PORT is already in use / access denied / etc.

So how do I create / host a site with a secure login page with only one port to work with!?

Answer 1

If you use Heroku you get SSL without needing to specify a port in nodejs. All you need to do is listen on the heroku PORT environment variable for http requests. Once uploaded to heroku you can address your heroku app using either https (on 443) or http (on port 80). Heroku routes either to your server.

Similarly if using elastic load balancing with EC2 you can make use of SSL termination at the load balancer, and again route to your node server listening on port 80 using using http. http://aws.amazon.com/elasticloadbalancing

In both cases you can use either self-signed or proper SSL certificates depending upon your need.