阿西河

所有教程

公众号
🌙
阿西河前端的公众号

我的收藏

    最近访问  (文章)

      教程列表

      抓包专区
      测试专区

      Node.js tls.connect

      tls.connect(options[, callback])

      版本历史

      版本变更
      v8.0.0The lookup option is supported now.
      v8.0.0The ALPNProtocols option can be a Uint8Array now.
      v5.3.0, v4.7.0The secureContext option is supported now.
      v5.0.0ALPN options are supported now.
      v0.11.3新增于: v0.11.3
      • options < Object>

        • host < string> Host the client should connect to. Default: ‘localhost’.
        • port < number> Port the client should connect to.
        • path < string> Creates unix socket connection to path. If this option is specified, host and port are ignored.
        • socket < stream.Duplex> Establish secure connection on a given socket rather than creating a new socket. Typically, this is an instance of net.Socket, but any Duplex stream is allowed. If this option is specified, path, host and port are ignored, except for certificate validation. Usually, a socket is already connected when passed to tls.connect(), but it can be connected later. Note that connection/disconnection/destruction of socket is the user’s responsibility, calling tls.connect() will not cause net.connect() to be called.
        • rejectUnauthorized < boolean> If not false, the server certificate is verified against the list of supplied CAs. An ‘error’ event is emitted if verification fails; err.code contains the OpenSSL error code. Default: true.
        • ALPNProtocols: < string[]> | < Buffer[]> | <Uint8Array[]> | < Buffer> |An array of strings, Buffers or Uint8Arrays, or a single Buffer or Uint8Array containing the supported ALPN protocols. Buffers should have the format [len][name][len][name]… e.g. ‘\x08http/1.1\x08http/1.0’, where the len byte is the length of the next protocol name. Passing an array is usually much simpler, e.g. [‘http/1.1’, ‘http/1.0’]. Protocols earlier in the list have higher preference than those later.
        • servername: < string> Server name for the SNI (Server Name Indication) TLS extension. It is the name of the host being connected to, and must be a host name, and not an IP address. It can be used by a multi-homed server to choose the correct certificate to present to the client, see the SNICallback option to tls.createServer().
        • checkServerIdentity(servername, cert) < Function> A callback function to be used (instead of the builtin tls.checkServerIdentity() function) when checking the server’s hostname (or the provided servername when explicitly set) against the certificate. This should return an < Error> if verification fails. The method should return undefined if the servername and cert are verified.
        • session < Buffer> A Buffer instance, containing TLS session.
        • minDHSize < number> Minimum size of the DH parameter in bits to accept a TLS connection. When a server offers a DH parameter with a size less than minDHSize, the TLS connection is destroyed and an error is thrown. Default: 1024.
        • secureContext: TLS context object created with tls.createSecureContext(). If a secureContext is not provided, one will be created by passing the entire options object to tls.createSecureContext().
        • lookup: < Function> Custom lookup function. Default: dns.lookup().
        • …: tls.createSecureContext() options that are used if the secureContext option is missing, otherwise they are ignored.
      • callback < Function>

      • Returns: < tls.TLSSocket>

      The callback function, if specified, will be added as a listener for the ‘secureConnect’ event.

      tls.connect() returns a tls.TLSSocket object.

      The following illustrates a client for the echo server example from

      // Assumes an echo server that is listening on port 8000.
      const tls = require('tls');
      const fs = require('fs');
      
      const options = {
        // Necessary only if the server requires client certificate authentication.
        key: fs.readFileSync('client-key.pem'),
        cert: fs.readFileSync('client-cert.pem'),
      
        // Necessary only if the server uses a self-signed certificate.
        ca: [ fs.readFileSync('server-cert.pem') ],
      
        // Necessary only if the server's cert isn't for "localhost".
        checkServerIdentity: () => { return null; },
      };
      
      const socket = tls.connect(8000, options, () => {
        console.log('client connected',
                    socket.authorized ? 'authorized' : 'unauthorized');
        process.stdin.pipe(socket);
        process.stdin.resume();
      });
      socket.setEncoding('utf8');
      socket.on('data', (data) => {
        console.log(data);
      });
      socket.on('end', () => {
        console.log('server ends connection');
      });
      

      tls.connect(path[, options][, callback])

      新增于: v0.11.3

      • path < string> Default value for options.path.
      • options < Object> See tls.connect().
      • callback < Function> See tls.connect().
      • Returns: < tls.TLSSocket>

      Same as tls.connect() except that path can be provided as an argument instead of an option.

      A path option, if specified, will take precedence over the path argument.

      tls.connect(port[, host][, options][, callback])

      新增于: v0.11.3

      • port < number> Default value for options.port.
      • host < string> Default value for options.host.
      • options < Object> See tls.connect().
      • callback < Function> See tls.connect().
      • Returns: < tls.TLSSocket>

      Same as tls.connect() except that port and host can be provided as arguments instead of options.

      A port or host option, if specified, will take precedence over any port or host argument.


      更多内容请参考:Node.js tls 安全传输层,或者通过 点击对应菜单 进行查看;


      目录
      目录