Node.js tlsSocket.authorized Property
The tlsSocket.authorized property is an inbuilt application programming interface of class TLSSocket within tls module which is used to check if the peer certificate was signed by one of the CAs specified or not.
Syntax:
const tlsSocket.authorized
Parameters: This method does not accept any parameter.
Return Value: This method returns the boolean value true if the peer certificate was signed by one of the CAs specified otherwise false.
How to generate private keys and public certificates?
- Private Key
Step 1: Open Notepad and copy and paste the following key:
-----BEGIN RSA PRIVATE KEY----- MIICXQIBAAKBgQC38R9wXcUbhOd44FavgmE5R3K4JeYOHLnI7dUq1B8/Gv7l3SOg JKef/m9gM1KvUx951mapXGtcWgwB08J3vUE2YOZ4tWJArrVZES0BI/RmFAyhQFP5 HcWl3LSM9LRihP98F33oIkKaCxA5LxOrkgpV4HrUzIKTABDYah7RPex1WQIDAQAB AoGBAIXR71xxa9gUfc5L7+TqBs+EMmrUb6Vusp8CoGXzQvRHMJCMrMFySV0131Nu o0YYRDsAh1nJefYLMNcXd1BjqI+qY8IeRsxaY+9CB2KKGVVDO2uLdurdC2ZdlWXT Vwr3dDoyR0trnXJMmH2ijTeO6bush8HuXxvxJBjvEllM5QYxAkEA3jwny9JP+RFu 0rkqPBe/wi5pXpPl7PUtdNAGrh6S5958wUoR4f9bvwmTBv1nQzExKWu4EIp+7vjJ fBeRZhnBvQJBANPjjge8418PS9zAFyKlITq6cxmM4gOWeveQZwXVNvav0NH+OKdQ sZnnDiG26JWmnD/B8Audu97LcxjxcWI8Jc0CQEYA5PhLU229lA9EzI0JXhoozIBC TlcKFDuLm88VSmlHqDyqvF9YNOpEdc/p2rFLuZS2ndB4D+vu6mjwc5iZ3HECQCxy GBHRclQ3Ti9w76lpv+2kvI4IekRMZWDWnnWfwta+DGxwCgw2pfpleBZkWqdBepb5 JFQbcxQJ0wvRYXo8qaUCQQCgTvWswBj6OTP7LTvBlU1teAN2Lnrk/N5AYHZIXW6m nUG9lYvH7DztWDTioXMrruPF7bdXfZOVJD8t0I4OUzvC -----END RSA PRIVATE KEY-----
- Step 2: Save as a private key.pem
- Public Certificate
Step 1: Open Notepad and copy and paste the following key:
-----BEGIN CERTIFICATE----- MIICfzCCAegCCQDxxeXw914Y2DANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMC SU4xEzARBgNVBAgMCldlc3RiZW5nYWwxEDAOBgNVBAcMB0tvbGthdGExFDASBgNV BAoMC1BhbmNvLCBJbmMuMRUwEwYDVQQDDAxSb2hpdCBQcmFzYWQxIDAeBgkqhkiG 9w0BCQEWEXJvZm9mb2ZAZ21haWwuY29tMB4XDTIwMDkwOTA1NTExN1oXDTIwMTAw OTA1NTExN1owgYMxCzAJBgNVBAYTAklOMRMwEQYDVQQIDApXZXN0YmVuZ2FsMRAw DgYDVQQHDAdLb2xrYXRhMRQwEgYDVQQKDAtQYW5jbywgSW5jLjEVMBMGA1UEAwwM Um9oaXQgUHJhc2FkMSAwHgYJKoZIhvcNAQkBFhFyb2ZvZm9mQGdtYWlsLmNvbTCB nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAt/EfcF3FG4TneOBWr4JhOUdyuCXm Dhy5yO3VKtQfPxr+5d0joCSnn/5vYDNSr1MfedZmqVxrXFoMAdPCd71BNmDmeLVi QK61WREtASP0ZhQMoUBT+R3Fpdy0jPS0YoT/fBd96CJCmgsQOS8Tq5IKVeB61MyC kwAQ2Goe0T3sdVkCAwEAATANBgkqhkiG9w0BAQsFAAOBgQATe6ixdAjoV7BSHgRX bXM2+IZLq8kq3s7ck0EZrRVhsivutcaZwDXRCCinB+OlPedbzXwNZGvVX0nwPYHG BfiXwdiuZeVJ88ni6Fm6RhoPtu2QF1UExfBvSXuMBgR+evp+e3QadNpGx6Ppl1aC hWF6W2H9+MAlU7yvtmCQQuZmfQ== -----END CERTIFICATE-----
- Step 2: Save as public cert.pem
Example 1: Filename: index.js
javascript
// Node.js program to demonstrate the// tlsSocket.authorized methodconst tls = require('tls'), fs = require('fs'), // Port and host address for server PORT = 1337, HOST = '127.0.0.1', value = null;// Private key and public certificate for accessconst options = { key: fs.readFileSync('private-key.pem'), cert: fs.readFileSync('public-cert.pem'), rejectUnauthorized: false};// Creating and initializing serverconst server = tls.createServer(options, function (socket) { // Print the data that we received socket.on('data', function (data) { console.log('\nReceived: %s ', data.toString().replace(/(\n)/gm, "")); }); // Stopping the server // by using the close() method server.close(() => { console.log("Server closed successfully"); });});// Start listening on a specific port and address// by using listen() methodserver.listen(PORT, HOST, function () { console.log("I'm listening at %s, on port %s", HOST, PORT);});// Creating and initializing clientconst client = tls.connect(PORT, HOST, options, function () { // Checking if the peer certificATE IS authorised or not // by using tlsSocket.authorized method value = client.authorized; if (value) client.write("certificate is authorised"); else client.write('peer certificate is not authorised'); client.end(() => { console.log("Client closed successfully"); });}); |
Output:
I'm listening at 127.0.0.1, on port 1337 Client closed successfully Received: peer certificate is not authorised Server closed successfully
Example 2: Filename: index.js
javascript
// Node.js program to demonstrate the// tlsSocket.authorized methodconst tls = require('tls'), fs = require('fs'), // Port and host address for server PORT = 1337, HOST = '127.0.0.1';// Private key and public certificate for accessconst options = { key: fs.readFileSync('private-key.pem'), cert: fs.readFileSync('public-cert.pem'), rejectUnauthorized: false};// Creating and initializing serverconst server = tls.createServer(options, function (socket) { // Checking if the peer certificATE IS authorised or not // by using tlsSocket.authorized method value = socket.authorized; if (value) socket.write("certificate is authorised"); else socket.write('peer certificate is not authorised'); // Stopping the server // by using the close() method server.close(() => { console.log("Server closed successfully") });});// Start listening on a specific port and address// by using listen() methodserver.listen(PORT, HOST, function () { console.log("I'm listening at %s, on port %s", HOST, PORT);});// creating and initializing clientconst client = tls.connect(PORT, HOST, options, function () { console.log("client is connected");});client.on("data", function (data) { console.log('Received: %s', data.toString().replace(/(\n)/gm, "")); // Close the connection after receiving the message client.end(() => { console.log("client closed successfully") });}); |
Run the index.js file using the following command:
node index.js
Output:
I'm listening at 127.0.0.1, on port 1337 client is connected Received: peer certificate is not authorised client closed successfully Server closed successfully
Reference: https://nodejs.org/dist/latest-v12.x/docs/api/tls.html#tls_tlssocket_authorized
Please Login to comment...