Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to set up HTTPS with ApolloServer 2? #1155

Closed
johnreynoldsventure opened this issue Jun 8, 2018 · 13 comments
Closed

How to set up HTTPS with ApolloServer 2? #1155

johnreynoldsventure opened this issue Jun 8, 2018 · 13 comments
Milestone
Release 2.0.x

Comments

@johnreynoldsventure
Copy link

I'm probably missing something very obvious, but I cannot figure out how to configure HTTPS with ApolloServer…

With vanilla express, I do the following:
var https_options = {
key: key,
cert: cert
};
server = https.createServer(https_options, app).listen(PORT, HOST);

With ApolloServer, I don't seem to have the
option to configure the key and cert:

const app = express()
const server = new ApolloServer({ typeDefs, resolvers })
registerServer({ server, app })
server.listen().then(({ url }) => {
console.log(🚀 Server ready at ${url})
})
@johnreynoldsventure
Copy link
Author

I tried this, and it "appears" to work, but I'd like a sanity check if possible:

const app = express()
const server = new ApolloServer({ typeDefs, resolvers })
registerServer({ server, app })
// This is just a test to see if I create the HTTPS server for the app,
// will it magically work?
https.createServer(
{
key: fs.readFileSync('server.key'),
cert: fs.readFileSync('server.cert')
}, app).listen(443)
console.log('Server might be ready at 443')

@evans
Copy link
Contributor

evans commented Jun 13, 2018

That works great! registerServer is really just an applyMiddleware call that sets up the middlewares and then you're able to call app.listen instead of server.listen. Currently it's not documented completely, so I'll leave this open for now

@evans evans added this to the Release 2.0 milestone Jun 13, 2018
@johnreynoldsventure
Copy link
Author

Thanks Evan... now I'm off to setting up the Subscription Server. I'll open another issue for that.

It's clear that Server 2.0 is a huge improvement. Thanks for all you do.

@evans evans mentioned this issue Jun 13, 2018
Closed
@evans
Copy link
Contributor

evans commented Jun 15, 2018

It's now documented and in the latest release!

In the beta.11, we moved to an applyMiddleware architecture, so the new flow looks something like: https://www.apollographql.com/docs/apollo-server/v2/essentials/server.html#middleware

Subscriptions are now created in this manner: https://glitch.com/edit/#!/mountainous-suggestion?path=index.js:49:0

@evans evans closed this as completed Jun 15, 2018
@jlubeck
Copy link

jlubeck commented Aug 23, 2018

When trying to follow the latest docs, I'm getting this error:

Error: To use Apollo Server with an existing express application, please use apollo-server-express

I believe this ticket should be reopened as there is no documentation on how to enable HTTPS on an ApolloServer

@jhchill666
Copy link

I thought one of the matras of AP2, is that it dramatically simplifies necessary dependencies and configuration? https should be added as a config param, imo. As setting the server up for something as fundamental as this requires additional dependencies and additional configuration.

@jhchill666
Copy link

Ahh, have just noticed, that you need to use apollo-server-express NOT apollo-server!!! So we're saying apollo-server basically doesn't support ssl? I think this is a massive ommission

@smolinari
Copy link

Apollo server (apollo-server) itself uses apollo-server-express. And as such, it support SSL/TLS.

https://github.com/apollographql/apollo-server/blob/master/packages/apollo-server/package.json

https://www.apollographql.com/docs/apollo-server/essentials/server.html#ssl

Scott

@bionicles
Copy link

@smolinari how do you set this up?

@ranjan-purbey
Copy link

ranjan-purbey commented Dec 7, 2019
edited
Loading

@bionicles You can follow the example here: https://www.apollographql.com/docs/apollo-server/security/terminating-ssl/ to setup an apollo server over HTTPS. However it uses apollo-server-express instead of apollo-server.

As you can see in apollo-server code, it uses an http server and has no straightforward way to replace it with an https server.

@RoelRoel
Copy link

RoelRoel commented Sep 3, 2021
edited
Loading

I want to run apollo via https locally to use cookies with Secure attribute or SameSite attribute set to None.
When I change my code to the example given in https://www.apollographql.com/docs/apollo-server/v2/security/terminating-ssl/ it does not work. It still only runs in http.
Aren't we suppost to do something with the httpServer object? In the v3 documentation it uses this with listen but I don't want to change production code and only run createServer on localhost (the production is running fine on https without calling https.createServer and specifying certificates).

The only difference I see in my code is that I use app.listen instead of server.listen because server does not have a listen function. (Property 'listen' does not exist on type 'ApolloServer'.) This looks like an error in the documentation.

Update:
I have fixed it! I do have to use server.listen instead of app.listen. The v2 example seems to be incorrect. In case of production I now still use app.listen. (server is the https.createServer response)

// manually create a https server for local development
if (envName === 'development') {
  const manualServer = https.createServer(
    {
      key: fs.readFileSync(`../local-ssl/key.pem`),
      cert: fs.readFileSync(`../local-ssl/cert.pem`),
    },
    app,
  );
  manualServer.listen(config.PORT, listeningListener);
} else {
  app.listen({ port: config.PORT }, listeningListener);
}

@RoelRoel

This comment has been minimized.

Sign in to view
@MertHaddad
Copy link

Source : https://www.apollographql.com/docs/apollo-server/security/terminating-ssl/
this might help :

import { ApolloServer } from '@apollo/server';
import { expressMiddleware } from '@apollo/server/express4';

import typeDefs from './graphql/schema';
import resolvers from './graphql/resolvers';
import cors from 'cors';
import bodyParser from 'body-parser';
import express from 'express';
import http from 'http';
import https from 'https';
import fs from 'fs';

const configurations = {
  // Note: You may need sudo to run on port 443
  production: { ssl: true, port: 443, hostname: 'example.com' },
  development: { ssl: false, port: 4000, hostname: 'localhost' },
};

const environment = process.env.NODE_ENV || 'production';
const config = configurations[environment];

const server = new ApolloServer({
  typeDefs,
  resolvers,
});
await server.start();

const app = express();
// our express server is mounted at /graphql
app.use('/graphql', cors(), bodyParser.json(), expressMiddleware(server));

// Create the HTTPS or HTTP server, per configuration
let httpServer;
if (config.ssl) {
  // Assumes certificates are in a .ssl folder off of the package root.
  // Make sure these files are secured.
  httpServer = https.createServer(
    {
      key: fs.readFileSync(`./ssl/${environment}/server.key`),
      cert: fs.readFileSync(`./ssl/${environment}/server.crt`),
    },

    app,
  );
} else {
  httpServer = http.createServer(app);
}

await new Promise((resolve) => httpServer.listen({ port: config.port }, resolve));

console.log('🚀 Server ready at', `http${config.ssl ? 's' : ''}://${config.hostname}:${config.port}/graphql`);

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 19, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Release 2.0.x
Development

No branches or pull requests
9 participants
@jhchill666 @RoelRoel @jlubeck @smolinari @evans @ranjan-purbey @bionicles @johnreynoldsventure @MertHaddad