Node.js - Change the SSL certificate for an HTTPS server dynamically at runtime

Question

I'm building an HTTPS proxy in node. Basically I'm allowing people to set a DNS CNAME alias to my proxy machine (which has a wildcard DNS setupped), and import their SSL certificate into my application (like AWS Elastic Load Balancer does) so that their CNAME hostname is properly protected and recognized by the client on every request.

Now I'm working on the proxy side, and I'm trying to find a way to load the right certificate dynamically before the SSL handshake with the client. The workflow is:

A new request is received by the server
Get the hostname requested by the client (that is the DNS CNAME alias set by the user)
Load the right certificate belonging to that hostname
Use the loaded certificate in the current request (need help here)
Handshake (with the loaded certificate - which varies from request to request)

Is there a way to do that?

score 1 · Answer 1 · answered Oct 29 '11 at 02:12

1

Here we go: using SNI in node should make it work.

The problem is that not all the clients (browsers or libraries) support it yet.

answered Oct 29 '11 at 02:12

Mark

67,098
47
117
162

Node.js - Change the SSL certificate for an HTTPS server dynamically at runtime

1 Answers1