Installing SSL Certificate On Node Server

I created a self-signed certificate and installed it on apache as well as on node.js(port 3000). On localhost both https://localhost and https://localhost:3000 works well.

So, I bought GoDaddy Standard SSL certificate and installed it on the server(http://gatherify.com). Now https://gatherify.com works well, but ssl on node isn't working. When I access https://gatherify.com:3000 i get "The connection was interrupted".

I executed curl: 

root@host [~]# curl -v -s -k https://gatherify.com:3000
* About to connect() to gatherify.com port 3000 (#0)
*   Trying 108.160.156.123... connected
* Connected to gatherify.com (108.160.156.123) port 3000 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* NSS error -5938
* Closing connection #0
* SSL connect error

Any suggestions to fix this?

UPDATE *SERVER SIDE :*

var io = require('socket.io'), 
    connect = require('connect'), 
    fs = require('fs'),

var privateKey = fs.readFileSync('cert/server.key').toString();
var certificate = fs.readFileSync('cert/server.crt').toString();

var options = { 
    key: privateKey,
    cert: certificate
};

var app = connect(options).use(connect.static('../htdocs/node/'));
app.listen(3000);
var server = io.listen(app);

server.sockets.on('connection', function(socket) { 
console.log("Connected");
});

CLIENT SIDE: 

<html> <head>

<script type = "text/javascript" src = "https://gatherify.com:3000/socket.io/socket.io.js"></script>

<script type = "text/javascript">

var socket = io.connect('https://gatherify.com:3000', {secure:true}); 

</script>

</head><body></body></html>

If you want to run a node.js app on port 3000 with (behind) HTTPS, then you need to set up a proxy service on port 443 to proxy HTTPS requests to port 3000.

You didn't mention what server you have running on port 443 right now (is it Apache?) but you might want to

  1. move that service to a new port (e.g. 4000), then run a node http proxy on port 443 that handles HTTPS.
  2. Then set up a subdomain for the node.js app that you have running on port 3000 (e.g. blah.gatherify.com).
  3. Then, using node http proxy, you will proxy all requests that are made to "gatherify.com" to port 4000, and all requests that are made to "blah.gatherify.com" to port 3000.

When all is set up properly, users can visit "https://gatherify.com" or "https://blah.gatherify.com" (without using :port numbers) and it'll all be secured with SSL. ;)

Install certificates Client Side (in Node.js)

If you need a node.js client to be able to recognize your self-assigned or cheaply-bought SSL certificates you can use ssl-root-cas, which is available on npm.

'use strict';

var https = require('https')
  , cas
  ;

// This will add the well-known CAs
// to `https.globalAgent.options.ca`
require('ssl-root-cas').inject();

cas = https.globalAgent.options.ca;

cas.push(fs.readFileSync(path.join(__dirname, 'ssl', '01-cheap-ssl-intermediary-a.pem')));
cas.push(fs.readFileSync(path.join(__dirname, 'ssl', '02-cheap-ssl-intermediary-b.pem')));
cas.push(fs.readFileSync(path.join(__dirname, 'ssl', '03-cheap-ssl-site.pem')));

This will make your certs available to the core https module as well as modules that depend on it such as request and socket.io-client without deleting the normal ssl certs (which is the default behavior for some odd reason).