Using Let's Encrypt with openshift-acme


I'm trying to use openshift-acme to get proper certificates from Let's Encrypt for a nodejs app running in an OpenShift 3.11 cluster. https://github.com/tnozicka/openshift-acme

I don't know how to set this up in the route for the app. Could someone help me find the steps to make this work? How do I need to set up Express in my app? Only listen to HTTP or both HTTP/HTTPS in Express? Do I need a key/certificate/PEM file? I'm lost.

Will Gordon On

The easiest way to set this up is to do nothing special in your Express application. Have it listen to HTTP, and then set up an OpenShift Route that points to your pod's Service. According to the docs for openshift-acme, you would annotate your route:

metadata:
  annotations:
    kubernetes.io/tls-acme: "true"

This will set up TLS termination at the route, so publicly, users of your application would see HTTPS, but then traffic from the router to your application would proceed as HTTP.

Alternatively, you can set up your route to do Passthrough, and mount the TLS secret key/certificate into your pod as a file, and read it into your Express application that way. This would let the router pass the traffic through transparently, and it would be HTTPS all the way to your application.

TLS termination is certainly the easiest option, but Passthrough is possibly more thorough.
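
Added example, not part of the original answer: one way for the Node process to serve both route types described above, plain HTTP behind a TLS-terminating route and HTTPS behind a Passthrough route with the secret mounted as files. The mount path `/etc/tls` and the function names are assumptions; `tls.key` and `tls.crt` are the key names of a Kubernetes TLS secret, and the Express `app` is passed as `handler`.

```javascript
const fs = require('fs');
const http = require('http');
const https = require('https');
const path = require('path');

// Assumed mount point of the TLS secret inside the pod (hypothetical path).
const TLS_DIR = process.env.TLS_DIR || '/etc/tls';

// Returns { key, cert } when the secret is mounted, null when it is not.
// A half-mounted secret is treated as a deployment error, so the app never
// silently falls back to plain HTTP behind a Passthrough route.
function loadTlsFiles(dir) {
  const keyPath = path.join(dir, 'tls.key');
  const certPath = path.join(dir, 'tls.crt');
  const hasKey = fs.existsSync(keyPath);
  const hasCert = fs.existsSync(certPath);
  if (!hasKey && !hasCert) return null;
  if (hasKey !== hasCert) {
    throw new Error(`incomplete TLS secret in ${dir}: need tls.key and tls.crt`);
  }
  return { key: fs.readFileSync(keyPath), cert: fs.readFileSync(certPath) };
}

// handler is any (req, res) function; an Express app qualifies.
function createAppServer(handler, dir = TLS_DIR) {
  const tls = loadTlsFiles(dir);
  return tls
    ? { scheme: 'https', server: https.createServer(tls, handler) } // Passthrough route
    : { scheme: 'http', server: http.createServer(handler) };       // router terminates TLS
}

// Call this from the application entry point, e.g. start(app).
function start(handler, port = process.env.PORT || 8080) {
  const { scheme, server } = createAppServer(handler);
  server.listen(port, () => console.log(`listening on ${port} (${scheme})`));
  return server;
}
```

The private key file should be readable only by the application user, and the process needs a restart (or a reload hook) to pick up a renewed certificate.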