Using Let’s Encrypt with Express
Yash Kulshrestha
71522

Personally speaking, I’m not sure why people insist on having their actual webapps also do HTTPS termination. If instead you have a small HTTPS server that receives incoming requests, terminates HTTPS and forwards the requests on over HTTP you get a simpler webapp to develop and deploy, an extra layer of security — since you’re actual application isn’t directly exposed any more, and potentially a load balancer layer depending on how you configure it. You also potentially get the ability to do rolling installs without downtime — since the thing you’re taking down and back up isn’t the thing that clients connect to.