I am Hack Sparrow
Captain of the Internets.

Express.js HTTPS Server Client Example

In this tutorial I will show you how to set up an HTTPS ExpressJS server and connect to it using a TLS client.

I will assume you already know how to set up a basic Express.js app, if not read this tutorial. Create an Express app, and use the following code as the server:

var fs = require('fs');
var express = require('express');
var https = require('https');
var key = fs.readFileSync('./key.pem');
var cert = fs.readFileSync('./cert.pem')
var https_options = {
    key: key,
    cert: cert
var PORT = 8000;
var HOST = 'localhost';
app = express();


server = https.createServer(https_options, app).listen(PORT, HOST);
console.log('HTTPS Server listening on %s:%s', HOST, PORT);

// routes
app.get('/hey', function(req, res) {
app.post('/ho', function(req, res) {

Hmmm what be those .pem files? Those are the associated SSL certificates for your HTTPS web server. Read up: How to create SSL certificates for Node.js.

And here is the code for the TLS client:

var PORT = 8000;
var HOST = 'localhost';
var tls = require('tls');
var fs = require('fs');

var options = { ca: [ fs.readFileSync('./cert.pem') ] };
var client = tls.connect(PORT, HOST, options, function() {
    if (client.authorized) {
        console.log('CONNECTED AND AUTHORIZED\n');
        client.on('close', function() {
            console.log('SOCKET CLOSED\n');
        // Time to make some request to the server
        // We will write straight to the socket, but recommended way is to use a client library like 'request' or 'superagent'
        client.write('GET /hey HTTP/1.1\r\n');
        client.write('POST /ho HTTP/1.1\r\n');

    else {
        console.log('AUTH FAILED\n');
client.on('data', function(data) {

In this example I am writing directly to the client socket to keep things simple. The recommended way to write data to the HTTPS server is to use specialized clients like request or superagent.

Code not working? Need any help? Ping me in the comments as usual.

9 Responses to “Express.js HTTPS Server Client Example”

  1. Mittinho says:

    Let be the first to comment. This is a very good, pretty exhaustive.( at leastfor a newbie to node.js & express.js world) thanks for posting this.

  2. quim says:

    very cool thanks man

  3. shiva says:

    Really good explanation. can you help me in doing the same using ‘request’ module that you mentioned at the end ?

  4. Timo says:

    Do I need the Client part? I don’t know where to import it, so I left it. But Chrome asked me to accept the certificate anyway and I got the page.

  5. Captain says:

    You don’t need it if you are using Chrome to access the website.

  6. AJ ONeal says:

    Here’s a zero-config example of trusted peer certs that I put together so people can just git clone, run, and then swap out the dummy certs with real ones. It also includes bash scripts for creating the dummy certificates: https://github.com/coolaj86/nodejs-ssl-trusted-peer-example

    It also includes the curl command with necessary options to validate the peer Root CA.

  7. Alex says:

    Hello, Do you know how can I use this example with angularJS ? I cannot figure how I can implement the client side.
    Is it secure if I don’t use the client side & I post something from a form to the server ? Thanks a lot.

  8. Kfir says:


    I keep getting ssl_error_no_cypher_overlap both in firefox and chrome.
    Any idea how to overcome it?
    In addition, Did you test it with express and static folder?


  9. psi says:

    Thanks for this! Only thing that has changed. is that the app.configure is deprecated in later versions of Express. You can remove the configure + function call and put there only the contents of the function. But you helped me a long way. Great!

Make a Comment