Hexo Blog Configuration SSL Certificate

Keywords: SSL Nginx npm Tomcat

Hexo does not have to be generated as static pages and handed over to a web server such as Nginx or Tomcat, because it has a built-in server. By default, however, that server has no SSL certificate.

Effect Display

All three servers use Hexo to provide web services.



Basic steps

1. Prepare the SSL certificate.

Go to the official website of your cloud provider (Aliyun, Tencent Cloud, Huawei Cloud, etc.) and download the SSL certificate for the domain name you have purchased and filed. Aliyun and Tencent Cloud are covered here.
Note that you need to download the certificate for the Nginx server type; it is the one used in the later configuration.

After downloading and unzipping, Aliyun gives you a .pem file and a .key file. Tencent Cloud is different: it gives you a .crt file and a .pem file.

Note that the following configuration uses Aliyun as the example. Tencent Cloud's .crt file has the same function as Aliyun's .pem file, so wherever Aliyun's .pem file is used, use the .crt file from Tencent Cloud.

2. Upload to Cloud Server

For administrative convenience, create a new ssl folder in your own hexo project folder on the cloud server (that is, the folder that will be published as a website in the future) and upload the two files to this ssl folder. For example, if the current hexo project folder is "langlang", then the ssl folder is inside the langlang folder, where the langlang folder path is: /root/langlan

3. Configure server.js

The entry point of the hexo server is the server.js file in the langlang/node_modules/hexo-server/lib directory.
Note that express needs to be installed: in the hexo project directory, enter the following command:

## Or npm
cnpm install express --save

The server.js file needs to be modified next.

# Jump to the directory and backup the files that need to be modified
$ cd langlang/node_modules/hexo-server/lib
$ cp server.js server.js.back

Edit this server.js file and modify it as follows. Note that you need to modify the name of the SSL certificate file as appropriate:

var fs = require('fs');
var connect = require('connect');
var http = require('https');
var chalk = require('chalk');
var Promise = require('bluebird');
var open = require('opn');
var net = require('net');
var url = require('url');
var express = require('express');

var httpApp = express();

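httpApp.all("*", (req, res, next) => {
  let host = req.headers.host;
  if (!host) {
    // No Host header (e.g. HTTP/1.0 client): there is nothing to redirect to
    return res.status(400).end();
  }
  host = host.replace(/\:\d+$/, ''); // Remove port number
  // Redirect to the same path and query string over HTTPS
  res.redirect(307, `https://${host}${req.originalUrl}`);
});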

httpApp.listen(80, function () {
 console.log('http on 80 Welcome to Smileyan.cn');
});

// Private key and certificate from step 1; adjust both paths to where you uploaded the files
const options = {
    key : fs.readFileSync("/withyan.cn.key"),
    cert: fs.readFileSync("/withyan.cn.pem")
};

module.exports = function(args) {
  var app = connect();
  var config = this.config;
  var ip = args.i || args.ip || config.server.ip || undefined;
  var port = parseInt(args.p || args.port || config.server.port || process.env.port, 10) || 4000;
  var root = config.root;
  var self = this;

  return checkPort(ip, port).then(function() {
    return self.extend.filter.exec('server_middleware', app, {context: self});
  }).then(function() {
    if (args.s || args.static) {
      return self.load();
    }

    return self.watch();
  }).then(function() {
    // Always listen on the HTTPS port 443; the configured port is no longer used
    return startServer(http.createServer(options,app), 443, ip);
  }).then(function(server) {
    var addr = server.address();
    var addrString = formatAddress(ip || addr.address, addr.port, root);

    self.log.info('Hexo is running at %s . Press Ctrl+C to stop.', chalk.underline(addrString));
    self.emit('server');

    if (args.o || args.open) {
      open(addrString);
    }

    return server;
  }).catch(function(err) {
    switch (err.code){
      case 'EADDRINUSE':
        self.log.fatal('Port %d has been used. Try other port instead.', port);
        break;

      case 'EACCES':
        self.log.fatal('Permission denied. You can\'t use port ' + port + '.');
        break;
    }

    self.unwatch();
    throw err;
  });
};

function startServer(server, port, ip) {
  return new Promise(function(resolve, reject) {
    server.listen(port, ip, function() {
      resolve(server);
    });

    server.on('error', reject);
  });
}

function checkPort(ip, port) {
  return new Promise(function(resolve, reject) {
    if (port > 65535 || port < 1) {
      return reject(new Error('Port number ' + port + ' is invalid. Try a number between 1 and 65535.'));
    }

    var server = net.createServer();

    server.once('error', reject);

    server.once('listening', function() {
      server.close();
      resolve();
    });

    server.listen(port, ip);
  });
}

function formatAddress(ip, port, root) {
  var hostname = ip;
  if (ip === '0.0.0.0' || ip === '::') {
    hostname = 'localhost';
  }

  // The server now speaks TLS, so report (and open) an https:// address
  return url.format({protocol: 'https', hostname: hostname, port: port, path: root});
}

Analysis

  • First, the new dependencies are required
    • var fs = require('fs');
    • var express = require('express');
  • The http module used by default is replaced with https
    • Previously: var http = require('http');
    • Now: var http = require('https');
  • httpApp needs to be configured
    • It can be understood as redirecting every http request on port 80 to https
    • This is var httpApp = express() together with httpApp.all and httpApp.listen
  • The paths of the SSL certificate files are configured in const options
  • Finally, the previous http.createServer(app) is changed to http.createServer(options,app).
    • You need to find this call in the source code yourself.
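
The port-80 handler above builds the redirect target from whatever Host header the client sends. As an added example (not code from the original post or from hexo-server), the handler below only redirects to host names on an allowlist; `ALLOWED_HOSTS`, `redirectTarget`, `redirectHandler`, `simulate` and the `www.withyan.cn` entry are assumptions made for the illustration.

```javascript
// Added example: HTTP -> HTTPS redirect that does not trust the Host header.
// ALLOWED_HOSTS is an assumption: list the names your certificate covers.
const ALLOWED_HOSTS = new Set(['withyan.cn', 'www.withyan.cn']);

// Returns the https:// URL to redirect to, or null if the request is refused.
function redirectTarget(hostHeader, requestUrl, allowed = ALLOWED_HOSTS) {
  if (typeof hostHeader !== 'string') return null;   // no Host header (HTTP/1.0)
  const host = hostHeader.replace(/:\d+$/, '').toLowerCase();
  if (!allowed.has(host)) return null;               // not one of our names
  // Only origin-form targets ("/path?query"); keeps the query string intact.
  if (typeof requestUrl !== 'string' || !requestUrl.startsWith('/')) return null;
  return `https://${host}${requestUrl}`;
}

// Plain (req, res) handler: usable with http.createServer(redirectHandler)
// or as Express middleware via httpApp.use(redirectHandler).
function redirectHandler(req, res) {
  const target = redirectTarget(req.headers.host, req.url);
  if (target === null) {
    res.writeHead(400, { 'Content-Type': 'text/plain' });
    res.end('Bad Request');
    return;
  }
  res.writeHead(307, { Location: target });
  res.end();
}

// Runs one constructed request through the handler with a stand-in for res.
function simulate(host, url) {
  const out = { status: null, location: null };
  const res = {
    writeHead(status, headers) {
      out.status = status;
      out.location = headers.Location || null;
    },
    end() {},
  };
  redirectHandler({ headers: host === undefined ? {} : { host }, url }, res);
  return out;
}

// Constructed sample requests (not captured traffic).
console.log(simulate('withyan.cn:80', '/archives/?page=2'));
console.log(simulate('unknown.example', '/'));
console.log(simulate(undefined, '/'));
```

Requests with a missing or unlisted Host header get a 400 instead of a redirect, so the Location header only ever names a host the certificate covers.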

Benefits and disadvantages

  • Benefits: All http requests on port 80 are redirected to https; the SSL certificate is installed successfully, for greater security; the site looks more professional; and it cures a programmer's late-stage OCD.
  • Disadvantage: Setting the port when starting the hexo project, as in hexo s -p 4534, no longer has any effect. It can only run on port 80.

4. Test results

In the hexo project folder (here, the langlang directory), start hexo:

hexo s

Then open the browser to access your domain name and you will be successful.

Matters needing attention

Overall, it is relatively simple, with the following considerations:

  1. Make sure you are in the right hexo-server directory: the one in node_modules under the hexo project, not elsewhere.
  2. Remember to back up your server.js before you modify it so that you can go back if needed.
  3. Make changes based on your basic understanding, and be careful not to make mistakes.
  4. Higher versions of hexo may report that opn is not installed. This is easy to fix: in the hexo project directory, run npm install opn --save.
  5. Be patient and solve problems slowly.

Note: Copying is strictly prohibited! Reproduction requires the author's consent. Thank you.

Other

Example of Node.js installing SSL

const express = require("express");
const https = require("https");
const fs = require("fs");

// Private key and certificate for the domain
const options = {
    key : fs.readFileSync("./withyan.cn.key"),
    cert: fs.readFileSync("./withyan.cn.pem")
};

const app = express();
app.get('/', function (req, res) {
   res.send('Hello World');
});

https.createServer(options, app).listen(3011, function () {
    console.log('Https server listening on port ' + 3011);
});

Start-up

node app.js

Effect

https://www.jianshu.com/p/638f364e0642?utm_source=oschina-app
https://www.jb51.net/article/141558.htm
https://www.jb51.net/article/141536.htm

Summary

A little reading of the source code and the official documentation, plus looking up references, will solve the problem.

Smileyan
2020.1.4 18:59


Posted by glory452 on Fri, 31 Jan 2020 18:23:56 -0800