Node.js TLS/SSL Complete Reference
The tls module provides an implementation of the Transport Layer Security (TLS) and Secure Socket Layer (SSL) protocols that are built on top of OpenSSL.
Example:
Javascript
// Node.js program to demonstrate the// tls.getCiphers() methodconst tls = require('tls'), fs = require('fs'), // Port and host address for server PORT = 1337, HOST = '127.0.0.1', value = null;// Private key and public certificate for accessconst options = { key: fs.readFileSync('private-key.pem'), cert: fs.readFileSync('public-cert.pem'), rejectUnauthorized: false};// Creating and initializing serverconst server = tls.createServer(options, function (socket) { // Print the data that we received socket.on('data', function (data) { console.log('\nReceived: %s ', data.toString().replace(/(\n)/gm, "")); }); // Stopping the server // by using the close() method server.close(() => { console.log("Server closed successfully"); });});// Start listening on a specific port and address// by using listen() methodserver.listen(PORT, HOST, function () { console.log("I'm listening at %s, on port %s", HOST, PORT);});// Creating and initializing clientconst client = tls.connect(PORT, HOST, options, function () { // Getting list of cipher // by using tls.getCiphers() method value = tls.getCiphers(); client.write(" Cipher : " + value[12]); client.end(() => { console.log("Client closed successfully"); });}); |
Output:
I'm listening at 127.0.0.1, on port 1337 Client closed successfully Received: Cipher : dhe-psk-chacha20-poly1305 Server closed successfully
The Complete list of TLS/SSL are listed below:
Methods | Description |
|---|---|
| maxFreeSockets | It uses the HTTP server and client, we need to call them (by ‘require(‘http’)‘). |
| tls.createServer() | Create a tls.Server object. |
| rootCertificates() | Return the array of strings representing the root certificates. |
| getCiphers() | Return the array of the supported TLS ciphers. |
Property | Description |
|---|---|
| writableEnded | This property does not indicate whether the data has been flushed, for this use request. |
Class: tls.TLSSocket
Class: tls.TLSSocket Method | Description |
| address() | Get the bound address, the address family name, and the port of the underlying socket. |
| enableTrace() | Debug TLS connection problems. |
| getCipher() | Return the object containing information on the negotiated cipher suite. |
| getCertificate() | Return an object representing the local certificate. |
| getProtocol() | Return a string containing the negotiated SSL/TLS protocol version of the current connection. |
| getFinished() | Return the latest Finished message that has been sent to the socket as part of an SSL/TLS handshake |
| getSession() | Return the TLS session data or undefined if no session was negotiated. |
| getSharedSigalgs() | Return the array of signature algorithms shared between the server and the client. |
| getPeerFinished() | Return the latest Finished message that has been sent to the socket as part of an SSL/TLS handshake |
| getPeerCertificate() | Return an object representing the peer’s certificate. |
| getEphemeralKeyInfo() | Return an object containing information of ephemeral key exchange. |
| isSessionReused() | Check if the session key was reused or not. |
| localAddress | Return the string representation of the local IP address. |
| remoteAddress | Return the string representation of the remote IP address. |
| setMaxSendFragment() | Set the maximum TLS fragment size. |
| exportKeyingMaterial() | Return the requested bytes of the keying material to prevent different kinds of attacks in network protocols. |
| remotePort | Return the string representation of the remote port. |
Class: tls.TLSSocket Property | Description |
|---|---|
| authorized | Check if the peer certificate was signed by one of the CAs specified or not. |
| authorizationError | Get the reason why the peer’s certificate was not been verified. |
| remoteFamily | Return the string representation of the remote IP family. |
Please Login to comment...