如何在meteor.js中使用force-ssl而不部署到meteor.com子域？

Question

該文件不清楚。如何在本地主機上安裝證書等？

force-ssl 

This package causes Meteor to redirect insecure connections (HTTP) to a secure URL (HTTPS). Use this package to ensure that communication to the server is always encrypted to protect users from active spoofing attacks. 

To simplify development, unencrypted connections from localhost are always accepted over HTTP. 

Application bundles (meteor bundle) do not include an HTTPS server or certificate. A proxy server that terminates SSL in front of a Meteor bundle must set the standard x-forwarded-proto header for the force-ssl package to work. 

Applications deployed to meteor.com subdomains with meteor deploy are automatically served via HTTPS using Meteor's certificate. 

Answer 1

您不需要在本地主機上安裝證書。正如它所說的「爲了簡化開發，通過HTTP始終接受來自本地主機的未加密連接」，這意味着您可以在不使用SSL的情況下開發和測試應用程序，也不需要安裝證書。像往常一樣運行你的應用程序並使用http://localhost:3000訪問它。

如果您正在討論爲面向公衆的應用程序安裝證書，最好使用反向代理服務器（例如nginx）並安裝該服務器的證書。​​

Answer 2

我已經通過設置終止流星在SSL前面的Apache反向代理，並希望在此處記錄文檔。

添加以下爲SSL虛擬主機配置文件：

<VirtualHost _default_:443> 
     ServerName server.domain.com 

     ## SSL Engine Switch: 
     # Enable/Disable SSL for this virtual host. 
     SSLEngine on 

     ## Proxy to port 3000 for Meteor apps 
     SSLProxyEngine On 
     ProxyRequests Off # Disable forward proxying 
     ProxyPass/http://localhost:3000 
     ProxyPassReverse/http://localhost:3000 

     ## Your other SSL config directives such as certificates, etc. 

</VirtualHost>