The tls module provides an implementation of the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols that is built on top of OpenSSL.
Example:

```javascript
// Node.js program to demonstrate the
// tls.getCiphers() method
const tls = require('tls'),
  fs = require('fs'),

  // Port and host address for server
  PORT = 1337,
  HOST = '127.0.0.1';

// Reassigned inside the client callback, so it cannot be a const
let value = null;

// Private key and public certificate for access
const options = {
  key: fs.readFileSync('private-key.pem'),
  cert: fs.readFileSync('public-cert.pem'),
  // Disables certificate verification so the demo accepts its own
  // self-signed certificate; keep verification enabled outside a local test
  rejectUnauthorized: false
};

// Creating and initializing server
const server = tls.createServer(options, function (socket) {

  // Print the data that we received
  socket.on('data', function (data) {
    console.log('\nReceived: %s ',
      data.toString().replace(/(\n)/gm, ""));
  });

  // Stopping the server
  // by using the close() method
  server.close(() => {
    console.log("Server closed successfully");
  });
});

// Start listening on a specific port and address
// by using listen() method
server.listen(PORT, HOST, function () {
  console.log("I'm listening at %s, on port %s", HOST, PORT);
});

// Creating and initializing client
const client = tls.connect(PORT, HOST, options, function () {

  // Getting list of cipher
  // by using tls.getCiphers() method
  value = tls.getCiphers();
  client.write(" Cipher : " + value[12]);

  client.end(() => {
    console.log("Client closed successfully");
  });
});
```
Output:

```
I'm listening at 127.0.0.1, on port 1337
Client closed successfully
Received: Cipher : dhe-psk-chacha20-poly1305
Server closed successfully
```
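The example above picks one entry out of tls.getCiphers() by index; in practice the list is more useful as input to an allowlist. The following added example (not code from the original article) filters the list down to AEAD suites with ephemeral key exchange and converts it to the upper-case, colon-separated form that the `ciphers` option expects. The allowlist policy and the helper names classifyCipher, hardenedCipherString and contextAccepts are assumptions made for illustration.

```javascript
// Added example (not from the original page): build an allowlisted `ciphers`
// string from tls.getCiphers(). The policy below is an assumption for
// illustration; adapt it to your own requirements.
const tls = require('tls');

// TLS 1.3 suites with AES-GCM or ChaCha20-Poly1305.
const TLS13 = /^tls_(aes_(128|256)_gcm|chacha20_poly1305)_sha(256|384)$/;
// TLS 1.2 suites: ECDHE key exchange, certificate auth, AES-GCM or ChaCha20.
const TLS12 =
  /^ecdhe-(rsa|ecdsa)-(aes(128|256)-gcm-sha(256|384)|chacha20-poly1305)$/;

// Classify one lower-case name as returned by tls.getCiphers().
function classifyCipher(name) {
  if (TLS13.test(name)) return 'tls13';
  if (TLS12.test(name)) return 'tls12-aead-fs';
  return 'rejected'; // PSK, SRP, static RSA, CBC, NULL, ... all land here
}

// Keep only allowlisted names. tls.getCiphers() returns lower-case names,
// but the `ciphers` option needs them upper-cased and colon-separated.
function hardenedCipherString(names = tls.getCiphers()) {
  return names
    .filter((n) => classifyCipher(n) !== 'rejected')
    .map((n) => n.toUpperCase())
    .join(':');
}

// True if the string can be loaded into a secure context (no sockets needed).
function contextAccepts(ciphers) {
  try {
    tls.createSecureContext({ ciphers, minVersion: 'TLSv1.2' });
    return true;
  } catch (err) {
    return false;
  }
}

const supported = tls.getCiphers();
const kept = hardenedCipherString(supported);
console.log('supported by this build:', supported.length);
console.log('kept by the allowlist  :', kept);
console.log('loads into a context   :', contextAccepts(kept));
// The entry the article's example sends over the socket:
console.log('value[12]              :', supported[12],
  '->', classifyCipher(supported[12]));
```

The resulting string can be passed as the `ciphers` option to tls.createServer() or tls.connect() together with `minVersion`.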
The complete list of TLS/SSL methods and properties is given below:
Methods | Description |
---|---|
maxFreeSockets | It uses the HTTP server and client; to use them, call require('http'). |
tls.createServer() | Create a tls.Server object. |
rootCertificates() | Return the array of strings representing the root certificates. |
getCiphers() | Return the array of the supported TLS ciphers. |
Property | Description |
---|---|
writableEnded | This property does not indicate whether the data has been flushed, for this use request. |
Class: tls.TLSSocket
Class: tls.TLSSocket Method | Description |
---|---|
address() | Get the bound address, the address family name, and the port of the underlying socket. |
enableTrace() | Debug TLS connection problems. |
getCipher() | Return the object containing information on the negotiated cipher suite. |
getCertificate() | Return an object representing the local certificate. |
getProtocol() | Return a string containing the negotiated SSL/TLS protocol version of the current connection. |
getFinished() | Return the latest Finished message that has been sent to the socket as part of an SSL/TLS handshake |
getSession() | Return the TLS session data or undefined if no session was negotiated. |
getSharedSigalgs() | Return the array of signature algorithms shared between the server and the client. |
getPeerFinished() | Return the latest Finished message that has been sent to the socket as part of an SSL/TLS handshake |
getPeerCertificate() | Return an object representing the peer’s certificate. |
getEphemeralKeyInfo() | Return an object containing information of ephemeral key exchange. |
isSessionReused() | Check if the session key was reused or not. |
localAddress | Return the string representation of the local IP address. |
remoteAddress | Return the string representation of the remote IP address. |
setMaxSendFragment() | Set the maximum TLS fragment size. |
exportKeyingMaterial() | Return the requested bytes of the keying material to prevent different kinds of attacks in network protocols. |
remotePort | Return the string representation of the remote port. |
Class: tls.TLSSocket Property | Description |
---|---|
authorized | Check if the peer certificate was signed by one of the CAs specified or not. |
authorizationError | Get the reason why the peer’s certificate was not verified. |
remoteFamily | Return the string representation of the remote IP family. |