The JS runtimes
Published in

The JS runtimes

Deno Oak HTTPS server

Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). The protocol is therefore also referred to as HTTP over TLS, or HTTP over SSL.

In this article, we’ll learn how to write an HTTPS server in Oak. We’ll also learn how to extend the HTTPS server to support HTTP/2.

Basic HTTPS server

Consider the following simple hello world application in Oak that runs over HTTP:

// app.tsimport { Application } from "https://deno.land/x/oak/mod.ts";const port = 8080;const app = new Application();app.use((ctx) => ctx.response.body = "Hello world over HTTP!");app.listen({ port });

Let’s do a quick test of the app using cURL:

~: curl http://localhost:8080
Hello world over HTTP!

To convert this into an HTTPS server, we need to supply two additional inputs to Oak’s listen API:

  • Certfile: The path to the server certificate file
  • Keyfile: The path to the server key file

These inputs are the exactly same as those that are required by Deno’s standard library’s serve API.

Here is the updated code of the simple hello world application that now serves over HTTPS:

// app.tsimport { Application } from "https://deno.land/x/oak/mod.ts";const port = 8080, certFile = "./l.crt", keyFile = "./l.key";const app = new Application();app.use((ctx) => ctx.response.body = "Hello world over HTTPS!");app.listen({ port, certFile, keyFile });

Certfile and keyfile requires read access

Let’s do a round of test using cURL:

~: deno run --allow-net=:8080 --allow-read=./ app.ts~: curl https://localhost:8080 -k
* ALPN, offering h2
* ALPN, offering http/1.1
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
< HTTP/1.1 200 OK
< content-type: text/plain; charset=utf-8
< content-length: 23
Hello world over HTTPS!

-k is required by cURL to accept self-signed certificates

The basic HTTPS server works over HTTP/1.1 as ALPN is not enabled by default.

HTTP/2 server

The basic HTTPS server over HTTP/1.1 can be easily upgraded to HTTP/2 by setting alpnProtocols in the listen API. The alpnProtocols is an array of strings that supports only two values:

  • h2
  • http/1.1

If alpnProtocols is not supplied or set to http/1.1, only HTTP/1.1 would be offered. To use HTTP/2, alpnProtocols must contain h2 and http/1.1 (for backward compatibility).

Here is the updated code of the simple hello world application that now serves HTTP/2 over HTTPS:

// app.tsimport { Application } from "https://deno.land/x/oak/mod.ts";const port = 8080,
certFile = "./l.crt",
keyFile = "./l.key",
alpnProtocols = ["h2", "http/1.1"];
const app = new Application();app.use((ctx) => ctx.response.body = "Hello world over HTTPS!");app.listen({ port, certFile, keyFile, alpnProtocols });

AlpnProtocols is an unstable feature

Let’s do a round of test using cURL:

~: deno run --allow-net=:8080 --allow-read=./ --unstable app.ts~: curl https://localhost:8080 -kv
* ALPN, offering h2
* ALPN, offering http/1.1
* ALPN, server accepted to use h2
Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
> GET / HTTP/2
< HTTP/2 200
< content-type: text/plain; charset=utf-8
< content-length: 23
Hello world over HTTPS!

This story is a part of the exclusive medium publication on Deno: Deno World.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store