node.js v4 gets an A+ for SSL Labs with no configuration

We could have written a blog article about how to configure node, or we could just configure node for everybody.

By Mike on 29th Oct 2015

While many people use load balancers like haproxy or nginx for larger apps, node has an excellent inbuilt SSL/TLS stack, as well as fast event-based IO for static files. Using a single server can often be more convenient for small apps.

So here's how to configure node.js v4 to pass SSL Labs with an A+: you don't.

Here's the entire HTTPS setup for node 4:

var server = https.createServer({
    key: privateKey,
    cert: certificate,
    ca: certificateAuthority
}, app);

A few months back we wrote about how to configure node.js to pass the SSL labs test. But then we had a thought:

What's better than a configuration guide? Software with secure defaults.

Shortly afterwards CertSimple added newer better ciphers into node.js itself. These are now out of the box in node v4.

Best practices, and thus the SSL Labs test, evolve over time, so this might not always be the case. But right now node has one of the best out of the box SSL setups of any web server.

Mike MacCana, founder at CertSimple.

CertSimple makes EV HTTPS fast and painless.

An EV HTTPS certificate verifies the company behind your website. But getting verified is a slow painful process. CertSimple provides EV HTTPS certificates 40x faster than other vendors. We check your company registration, network details, physical address and flag common errors before you pay us, provide verification steps specific for your company, update in realtime during the process, and even check your infrastructure to help you set up HTTPS securely.
Verify your site now!