While many people use load balancers like haproxy or nginx for larger apps, node has an excellent inbuilt SSL/TLS stack, as well as fast event-based IO for static files. Using a single server can often be more convenient for small apps.

So here's how to configure node.js v4 to pass SSL Labs with an A+: you don't.

Here's the entire HTTPS setup for node 4:

var server = https.createServer({ key : privateKey, cert : certificate, ca : certificateAuthority }, app);

A few months back we wrote about how to configure node.js to pass the SSL labs test. But then we had a thought:

What's better than a configuration guide? Software with secure defaults.

Shortly afterwards CertSimple added newer better ciphers into node.js itself. These are now out of the box in node v4.

Best practices, and thus the SSL Labs test, evolve over time, so this might not always be the case. But right now node has one of the best out of the box SSL setups of any web server.