问题
I'm building a web application using the MEAN stack. The site contains authentication (using passport.js) so I would like to secure our connection with SSL/TLS.
For our deployment we're using nginx as a reverse proxy to the Node app running on the same AWS EC2 instance.
My question is: With my setup, what is the best practice way to setup an https (SSL/TLS) connection? Should I get a certificate and set it up at the nginx layer? Should I do it in my node app directly? Is there some other better way?
I've done some googling but haven't found anything profound. If anyone could point me to an article on the topic that would be very useful as well.
Thanks in advance!
回答1:
First it's good to have SSL running on NGINX. So the communication is encrypted for the visitor in the first place (at least to the NGINX). If you're running Node on the same instance it's probably not absolutely necessary to encrypt also the traffic between Node and NGINX. But as soon as you have NGINX on another place running you should use SSL on Node too. As the data could potentially be accessed by Hackers.
来源:https://stackoverflow.com/questions/39492117/where-to-terminate-ssl-tls-in-node-nginx