I hadn’t given too much thought to encrypting the traffic to my applications, until developing for 3rd party services like Facebook Messenger or using service workers require your server to use https.

For a full stack JavaScript application we need to setup encrypt on both the front-end and the back-end.

Front-End Encryption

I’m serving my files (fonts, HTML, JS) over Apache on Ubuntu 16.04 on DigitalOcean.

Today I setup encryption for chiangmaimovies.com I already had setup the Virtual Host for this domain. To add encryption I followed this guide to Secure Apache with Let’s Encrypt.

It was as simple as..

apt-get update

apt-get install python-letsencrypt-apache

letsencrypt --apache -d chiangmaimovies.com

I then answered a prompt on choosing to get all traffic redirected to https. And that’s it!

Server Side Encryption

I’m using Node.js as my backend server.

So first I needed to generate the security files for the server. This is done by typing

letsencrypt certonly --standalone -d golightlyplus.com -d www.golightlyplus.com

Then my Node.js code needed to be updated to include these files. Here is a stripped down version of my code…

And that’s it! You can view a sample response from my server response by going to https://golightlyplus.com:3003/maya-mall

 

Any thoughts or comments, please ask below. :)