Let's Encrypt with Express

Let’s Encrypt is a service, supported by a slew of companies and organizations including Mozilla and EFF, that offers free certificates for use with HTTPS (SSL/TLS).

Certbot is a tool that we can use to interact with Let’s Encrypt.

Of course, to implement HTTPS, you'll want to have a domain name pointing to your server and then generate a certificate for that domain.

With Let's Encrypt we have to verify that we control the domain by running a server and issuing the certbot command. For instance, if I had dwd.walking-productions.com pointing to my server, I would run a basic web server with a "public" directory on port 80 (perhaps using the npm module http-server with the command: http-server -p 80) and then issue the command like this:

certbot certonly --webroot -w /path/to/server/root/public -d domain.name

Using this with a real server and domain it would look like this:

certbot certonly --webroot -w /root/public -d dwd.walking-productions.com

This generates the private key and certificate in /etc/letsencrypt/live/domain.name.

I can then use those files to run my secure server in the same manner as with any other certificate.

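var fs = require('fs');

// fullchain.pem is the certificate plus the intermediate chain; cert.pem alone omits the intermediates
var credentials = {
  key: fs.readFileSync('/etc/letsencrypt/live/domain.name/privkey.pem'),
  cert: fs.readFileSync('/etc/letsencrypt/live/domain.name/fullchain.pem')
};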
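
The setup described above in one file, as an added example that is not code from the original page: a port-80 listener that serves only well-formed ACME challenge tokens from the webroot (so certbot's webroot check keeps working) and redirects everything else to HTTPS, plus the HTTPS server itself. It assumes the page's /root/public webroot and dwd.walking-productions.com domain; routePlainHttp, handlePlainHttp and startServers are names chosen here, and it uses Node's built-in http and https modules, to which an Express app can be passed as the request listener.

```javascript
const fs = require('fs');
const http = require('http');
const https = require('https');

// Assumed values, taken from the page's certbot command; adjust for your host.
const DOMAIN = 'dwd.walking-productions.com';
const WEBROOT = '/root/public';
const LIVE = '/etc/letsencrypt/live/' + DOMAIN;
const CHALLENGE = '/.well-known/acme-challenge/';

// Port 80 policy: serve well-formed ACME tokens (base64url characters only, so
// no path traversal out of the webroot), redirect the rest to a fixed HTTPS host.
function routePlainHttp(url) {
  if (!url.startsWith('/')) return { action: 'reject', status: 400 };
  const pathname = url.split('?')[0];
  if (pathname.startsWith(CHALLENGE)) {
    const token = pathname.slice(CHALLENGE.length);
    if (!/^[A-Za-z0-9_-]+$/.test(token)) return { action: 'reject', status: 400 };
    return { action: 'challenge', file: WEBROOT + CHALLENGE + token };
  }
  return { action: 'redirect', status: 301, location: 'https://' + DOMAIN + url };
}

function handlePlainHttp(req, res) {
  const route = routePlainHttp(req.url);
  if (route.action === 'challenge') {
    fs.readFile(route.file, (err, body) => {
      res.writeHead(err ? 404 : 200, { 'Content-Type': 'text/plain' });
      res.end(err ? 'not found' : body);
    });
  } else {
    res.writeHead(route.status, route.location ? { Location: route.location } : {});
    res.end();
  }
}

// `app` is any request listener; an Express app can be passed here.
function startServers(app) {
  const credentials = {
    key: fs.readFileSync(LIVE + '/privkey.pem'),
    cert: fs.readFileSync(LIVE + '/fullchain.pem') // certificate plus intermediates
  };
  http.createServer(handlePlainHttp).listen(80);
  return https.createServer(credentials, app).listen(443);
}

// Start only where the certificate exists, so the file loads cleanly elsewhere.
if (fs.existsSync(LIVE + '/privkey.pem')) startServers((req, res) => res.end('hello over TLS\n'));
```

The redirect target uses the configured domain rather than the request's Host header, so a forged Host value cannot steer visitors to another site.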