From f786ddaa1c19c720313d81535b8f36cd4ce79646 Mon Sep 17 00:00:00 2001
From: jloveland <jason.c.loveland@gmail.com>
Date: Sun, 31 Aug 2014 15:05:07 -0400
Subject: [PATCH] moving security configs to secure code block to remove
 requirement for private key and certificate

---
 config/express.js | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/config/express.js b/config/express.js
index 63003bc94b..3cfe0dd5ab 100755
--- a/config/express.js
+++ b/config/express.js
@@ -5,10 +5,6 @@
  */
 var fs = require('fs'),
 	http = require('http'),
-	https = require('https'),
-	privateKey  = fs.readFileSync('./config/sslcert/key.pem', 'utf8'),
-	certificate = fs.readFileSync('./config/sslcert/cert.pem', 'utf8'),
-	credentials = {key: privateKey, cert: certificate},
   express = require('express'),
 	morgan = require('morgan'),
 	bodyParser = require('body-parser'),
@@ -149,7 +145,11 @@ module.exports = function(db) {
 
 	if (app.locals.secure) {
 		console.log('Securely using https protocol');
-		var httpsServer = https.createServer(credentials, app);
+		var https = require('https'),
+		privateKey  = fs.readFileSync('./config/sslcert/key.pem', 'utf8'),
+		certificate = fs.readFileSync('./config/sslcert/cert.pem', 'utf8'),
+		credentials = {key: privateKey, cert: certificate},
+		httpsServer = https.createServer(credentials, app);
 		return httpsServer;
 	} else {
 		console.log('Insecurely using http protocol');