# 2.8.Create free ssl for express web server * 1.本篇記錄使用ssl for free ([https://www.sslforfree.com/)申請一個免費的ssl](https://www.sslforfree.com/\)%E7%94%B3%E8%AB%8B%E4%B8%80%E5%80%8B%E5%85%8D%E8%B2%BB%E7%9A%84ssl) certificates, 並將它加到node express web server中 * 2.首先必須先要有一個自己的domain name, 並將此domain name輸入到欄位中 ![](https://3195929128-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M4M0G8GO2MkGtHfarAf%2F-M4M0IHoyFvfGKjf7P-T%2F-M4M0Nl3tKBna7n76ZK9%2F4efc0b13-c83f-4a0b-95fb-0e684a0a7f7e.png?generation=1586302921914481\&alt=media) * 3.按下按鈕後, 選擇**Manual Verification** ![](https://3195929128-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M4M0G8GO2MkGtHfarAf%2F-M4M0IHoyFvfGKjf7P-T%2F-M4M0Nl5Kn9KWBr2zCvW%2F7cb719f7-ba79-492c-8882-3c32a649ad1d.png?generation=1586302921976362\&alt=media) * 4.按下**Download File #1**下載verification file ![](https://3195929128-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M4M0G8GO2MkGtHfarAf%2F-M4M0IHoyFvfGKjf7P-T%2F-M4M0Nl7x2yfRr6FTC9_%2Fa33c6462-3249-472e-bb8b-210c4db905d5.png?generation=1586302921898321\&alt=media) * 5.在專案根目錄下增加以下路徑:.well-known/acme-challenge * 6.修改路由(routes/index.js),增加以下程式碼 ``` app.get('/.well-known/acme-challenge/', function(req, res, next) { res.sendfile('.well-known/acme-challenge/'); }); ``` * 7.將web server的listen port改為80 port, 啟動時輸入sudo node app.js ``` app.listen(80); ``` * 8.啟動web server, 並按下第5點的連結, 確定web server可下載到verification file, 接著按下**Download SSL Certificate** * 9.可以下載到一些檔案, 將**certificate.crt**及**private.key**放到專案根目錄下, 並修改app.js ``` var privateKey = fs.readFileSync('./private.key', 'utf8'); var certificate = fs.readFileSync('./certificate.crt', 'utf8'); var credentials = { key: privateKey, cert: certificate }; var httpsServer = https.createServer(credentials, app); httpsServer.listen(3000); ``` * 10.重新啟動server即可