Node.js https服务器：无法侦听端口443 - 为什么？ [英] Node.js https server: Can't listen to port 443 - Why?

问题描述

我是第一次在Node中创建一个HTTPS服务器，代码（见下文）适用于像6643这样的随机端口，但是在端口443上，它不起作用。我收到此错误：

I'm creating a an HTTPS server for the first time in Node, and the code (see below) works for a random port like 6643 but on port 443, it won't work. I get this error:

[Debug][Server]: Initialized...
[Debug][Control Center]: Application initialized...

events.js:72
        throw er; // Unhandled 'error' event
              ^
Error: listen EACCES
    at errnoException (net.js:904:11)
    at Server._listen2 (net.js:1023:19)
    at listen (net.js:1064:10)
    at Server.listen (net.js:1138:5)
    at Object.module.exports.router (/home/ec2-user/Officeball/Versions/officeball_v0.0.5/server/custom_modules/server.js:52:5)
    at Object.<anonymous> (/home/ec2-user/Officeball/Versions/officeball_v0.0.5/server/control_center.js:15:59)
    at Module._compile (module.js:456:26)
    at Object.Module._extensions..js (module.js:474:10)
    at Module.load (module.js:356:32)
    at Function.Module._load (module.js:312:12)

这是在Amazon Linux EC2服务器上。我的理解是，一旦我将域名的DNS A名称记录设置为服务器的IP，当用户搜索 https://mydomain.com ，浏览器将在443端口查找我服务器的IP，这可能是HTTPS流量的标准端口。

This is on an Amazon Linux EC2 server. It's my understanding that once I set my domain's DNS A Name Record to the server's IP, when a user searches https://mydomain.com, the browser will look up my server's IP at port 443, which is supposedly the standard port for HTTPS traffic.

所以我的理解是我需要服务https内容通过443端口。

So my understanding is that I need to serve https content via port 443.

我做错了什么？

这是我的服务器代码：

control_center.js（init）

/* Control Center */

//DEFINE GLOBALS

preloaded = {};

//GET DIRECT WORKING PATH

var dirPath = process.cwd();

//REQUIRE CUSTOM MODULES 

var debug = new (require(dirPath + 
        "/custom_modules/debug"))("Control Center");
var socket = require(dirPath + 
        "/custom_modules/socket")(4546);

// ! this is the relevant line
var server = require(dirPath + "/custom_modules/server").router(443);

//APP INITIALIZE

debug.log("Application initialized...");

server.js

/* Server */

//REQUIRE NPM MODULES

var fs      = require('fs'), 
    https   = require('https'), 
    url     = require('url'), 
    path    = require('path');

//GET DIRECT WORKING PATH

var dirPath = process.cwd();

//REQUIRE CUSTOM MODULES

//Snip!

var debug = new (require(dirPath + 
        "/custom_modules/debug"))("Server");

//Preload requests

var preload = require(dirPath + 
        '/custom_modules/preload').init();

//INIT MODULE 

debug.log("Initialized...");

//DEFINE MODULE VARIABLES

var options = {
  key: fs.readFileSync('SSL/evisiion_private_key.pem'),
  cert: fs.readFileSync('SSL/evisiion_ssl_cert.pem')
};

//LISTEN FOR PATH REQUESTS

//route requests to server
module.exports.router = function(port) {
    https.createServer(options, function(req, res) {

        //Snip!

    }).listen(port);
};

推荐答案

在Linux上（我相信，大多数其他Unix）类似操作系统），服务必须以root身份运行才能绑定到编号小于1024的端口。

On Linux (and, I believe, most other Unix-like operating systems), a service has to run as root to be able to bind to a port numbered less than 1024.

我刚刚在节点上验证了它应用程序我躺在那里，当我将端口从5000更改为443时，我看到完全相同的错误，行相同，禁止文件路径。

I've just verified it on a Node app I had lying around, and I saw exactly the same error, line for line identical barring the file paths, when I changed the port from 5000 to 443.

开发中，大多数人都会在更高编号的端口（例如8080）上运行开发服务器。在生产中，您可能希望使用适当的Web服务器（如Nginx）来提供静态内容并将其他所有内容反向代理到您的Node应用程序，这使得它不是一个问题，因为Nginx可以很乐意以root身份运行。

In development, most people will run the dev server on a higher-numbered port such as 8080. In production, you might well want to use a proper web server such as Nginx to serve static content and reverse proxy everything else to your Node app, which makes it less of an issue since Nginx can be quite happily run as root.

编辑：由于您的用例需要提供一些静态内容，那么您可能想要使用网络服务器，如Nginx或Apache，用于处理静态文件，反向代理到另一个端口，用于动态内容。使用Nginx进行反向代理非常简单 - 这是一个示例配置文件：

As your use case requires serving some static content, then you may want to use a web server such as Nginx or Apache to handle the static files, and reverse proxy to another port for your dynamic content. Reverse proxying is quite straightforward with Nginx - here's a sample config file:

server {
    listen 443;
    server_name example.com;
    client_max_body_size 50M;

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    location /static {
        root /var/www/mysite;
    }

    location / {
        proxy_pass http://127.0.0.1:8000;
    }
}

这假设您的网络应用程序可以通过端口访问如果位置与/ static文件夹匹配，则从/ var / www / mysite / static提供。否则，Nginx将其交给端口8000上正在运行的应用程序，该应用程序可能是Node.js应用程序，也可能是Python，或者其他任何内容。

This assumes your web app is to be accessible on port 443, and is running on port 8000. If the location matches the /static folder, it is served from /var/www/mysite/static. Otherwise, Nginx hands it off to the running application at port 8000, which might be a Node.js app, or a Python one, or whatever.

这也非常整齐解决了您的问题，因为应用程序可以在端口443上访问，而不必实际绑定到该端口。

This also quite neatly solves your issue since the application will be accessible on port 443, without having to actually bind to that port.

这篇关于Node.js https服务器：无法侦听端口443 - 为什么？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！