You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* Add secure context that will be used if client request's SNI hostname is matching passed `hostname` (wildcards can be used). `credentials` can contain `key`, `cert` and `ca`.
* Set this property to reject connections when the server's connection count gets high.
1614
+
*/
1615
+
maxConnections: number;
1616
+
/**
1617
+
* Returns the current number of concurrent connections on the server.
1618
+
*/
1619
+
connections: number;
1620
+
}
1621
+
1622
+
exportinterfaceCertificate{
1623
+
/**
1624
+
* Country code.
1625
+
*/
1626
+
C: string;
1627
+
/**
1628
+
* Street.
1629
+
*/
1630
+
ST: string;
1631
+
/**
1632
+
* Locality.
1633
+
*/
1634
+
L: string;
1635
+
/**
1636
+
* Organization.
1637
+
*/
1638
+
O: string;
1639
+
/**
1640
+
* Organizational unit.
1641
+
*/
1642
+
OU: string;
1643
+
/**
1644
+
* Common name.
1645
+
*/
1646
+
CN: string;
1647
+
}
1648
+
1649
+
exportinterfaceCipher{
1650
+
/**
1651
+
* The cipher name.
1652
+
*/
1653
+
name: string;
1654
+
/**
1655
+
* SSL/TLS protocol version.
1656
+
*/
1657
+
version: string;
1658
+
}
1659
+
1660
+
exportinterfacePeerCertificate{
1661
+
subject: Certificate;
1662
+
issuerInfo: Certificate;
1663
+
issuer: Certificate;
1664
+
raw: Buffer;
1665
+
valid_from: string;
1666
+
valid_to: string;
1667
+
fingerprint: string;
1668
+
serialNumber: string;
1618
1669
}
1619
1670
1620
-
exportinterfaceConnectionOptions{
1671
+
exportclassCleartextStreamextendsstream.Duplex{
1672
+
/**
1673
+
* Returns `true` if the peer certificate was signed by one of the CAs specified when creating the `tls.TLSSocket` instance, otherwise `false`.
1674
+
*/
1675
+
authorized: boolean;
1676
+
/**
1677
+
* Returns the reason why the peer's certificate was not been verified. This property is set only when `tlsSocket.authorized === false`.
1678
+
*/
1679
+
authorizationError?: Error;
1680
+
/**
1681
+
* Returns an object representing the cipher name and the SSL/TLS protocol version that first defined the cipher.
1682
+
*/
1683
+
getCipher(): Cipher;
1684
+
/**
1685
+
* Returns an object representing the peer's certificate. The returned object has some properties corresponding to the fields of the certificate.
1686
+
*
1687
+
* @param detailed Specify `true` to request that the full certificate chain with the `issuer` property be returned; false to return only the top certificate without the `issuer` property.
* Returns the bound address, the address family name and port of the underlying socket as reported by the operating system. Returns an object with three properties, e.g. `{ port: 12346, family: 'IPv4', address: '127.0.0.1' }`.
* Returns the string representation of the remote IP address. For example, `'74.125.127.100'` or `'2001:4860:a005::68'`.
1696
+
*/
1697
+
remoteAddress: string;
1698
+
/**
1699
+
* The numeric representation of the remote port. For example, 443.
1700
+
*/
1701
+
remotePort: number;
1702
+
}
1703
+
1704
+
exportinterfaceConnectOptions{
1705
+
/**
1706
+
* Host the client should connect to.
1707
+
*/
1621
1708
host?: string;
1709
+
/**
1710
+
* Port the client should connect to.
1711
+
*/
1622
1712
port?: number|string;
1713
+
/**
1714
+
* Establish secure connection on a given socket rather than creating a new socket. If this option is specified, `host` and `port` are ignored.
1715
+
*/
1623
1716
socket?: net.Socket;
1717
+
/**
1718
+
* A `string` or `Buffer` containing the private key, certificate, and CA certs of the client in PFX or PKCS12 format.
1719
+
*/
1624
1720
pfx?: string|Buffer;
1721
+
/**
1722
+
* A string or `Buffer` containing the private key of the client in PEM format.
1723
+
*/
1625
1724
key?: string|Buffer;
1725
+
/**
1726
+
* A string containing the passphrase for the private key or pfx.
1727
+
*/
1626
1728
passphrase?: string;
1729
+
/**
1730
+
* A string or `Buffer` containing the certificate key of the client in PEM format.
1731
+
*/
1627
1732
cert?: string|Buffer;
1628
-
ca?: string|Buffer|Array<string|Buffer>;
1733
+
/**
1734
+
* A string or `Buffer` of trusted certificates in PEM format. If this is omitted several well known "root" CAs (like VeriSign) will be used. These are used to authorize connections.
1735
+
*/
1736
+
ca?: string|Buffer;
1737
+
/**
1738
+
* If true, the server certificate is verified against the list of supplied CAs. An `'error'` event is emitted if verification fails; `err.code` contains the OpenSSL error code. Defaults to `true`.
1739
+
*/
1629
1740
rejectUnauthorized?: boolean;
1630
-
NPNProtocols?: Array<string|Buffer>;
1741
+
/**
1742
+
* An array of strings or `Buffer`s containing supported NPN protocols. `Buffer`s should have the format `[len][name][len][name]...` e.g. `0x05hello0x05world`, where the first byte is the length of the next protocol name. Passing an array is usually much simpler, e.g. `['hello', 'world']`.
1743
+
*/
1744
+
NPNProtocols?: string[]|Buffer[];
1745
+
/**
1746
+
* Server name for the SNI (Server Name Indication) TLS extension.
1747
+
*/
1631
1748
servername?: string;
1749
+
/**
1750
+
* The SSL method to use, e.g., `SSLv3_method` to force SSL version 3. The possible values depend on the version of OpenSSL installed in the environment and are defined in the constant SSL_METHODS.
* A `string` or `Buffer` containing the private key, certificate and CA certs of the server in PFX or PKCS12 format. (Mutually exclusive with the `key`, `cert`, and `ca` options.)
1758
+
*/
1759
+
pfx?: string|Buffer;
1760
+
/**
1761
+
* A string or `Buffer` containing the private key of the server in PEM format. (Required)
1762
+
*/
1763
+
key?: string|Buffer;
1764
+
/**
1765
+
* A string of passphrase for the private key or pfx.
1766
+
*/
1767
+
passphrase?: string;
1768
+
/**
1769
+
* A string or `Buffer` containing the certificate key of the server in PEM format. (Required).
1770
+
*/
1771
+
cert?: string|Buffer;
1772
+
/**
1773
+
* An array of strings or `Buffer`s of trusted certificates in PEM format. If this is omitted several well known "root" CAs will be used, like VeriSign. These are used to authorize connections.
1774
+
*/
1775
+
ca?: string|Buffer;
1776
+
/**
1777
+
* Either a string or array of strings of PEM encoded CRLs (Certificate Revocation List).
1778
+
*/
1779
+
crl?: string|string[];
1780
+
/**
1781
+
* A string describing the ciphers to use or exclude, separated by `:`.
1782
+
*/
1783
+
ciphers?: string;
1784
+
/**
1785
+
* Abort the connection if the SSL/TLS handshake does not finish in the specified number of milliseconds. Defaults to `120` seconds. A `'clientError'` is emitted on the `tls.Server` object whenever a handshake times out.
1786
+
*/
1787
+
handshakeTimeout?: number;
1788
+
/**
1789
+
* When choosing a cipher, use the server's preferences instead of the client preferences. Defaults to `true`.
1790
+
*/
1791
+
honorCipherOrder?: boolean;
1792
+
/**
1793
+
* If `true` the server will request a certificate from clients that connect and attempt to verify that certificate. Defaults to `false`.
1794
+
*/
1795
+
requestCert?: boolean;
1796
+
/**
1797
+
* If `true` the server will reject any connection which is not authorized with the list of supplied CAs. This option only has an effect if `requestCert` is `true`. Defaults to `false`.
1798
+
*/
1799
+
rejectUnauthorized?: boolean;
1800
+
/**
1801
+
* An array of strings or a `Buffer` naming possible NPN protocols. (Protocols should be ordered by their priority.)
1802
+
*/
1803
+
NPNProtocols?: string[]|Buffer;
1804
+
/**
1805
+
* function that will be called if client supports SNI TLS extension. Only one argument will be passed to it: servername. And SNICallback should return SecureContext instance. (You can use `crypto.createCredentials(...).context` to get proper SecureContext). If `SNICallback` wasn't provided - default callback with high-level API will be used (see below).
1806
+
*/
1807
+
SNICallback?: (servername: string)=>any;
1808
+
/**
1809
+
* A string containing an opaque identifier for session resumption. If `requestCert` is true, the default is a 128 bit truncated SHA1 hash value generated from the command-line. Otherwise, a default is not provided.
1810
+
*/
1811
+
sessionIdContext?: string;
1812
+
/**
1813
+
* The SSL method to use, e.g., `SSLv3_method` to force SSL version 3. The possible values depend on the version of OpenSSL installed in the environment and are defined in the constant SSL_METHODS.
1814
+
*/
1815
+
secureProtocol?: string;
1816
+
/**
1817
+
* Set server options. For example, to disable the SSLv3 protocol set the `SSL_OP_NO_SSLv3` flag. See SSL_CTX_set_options for all available options.
* Creates a new client connection to the given `port` and `host` or `options.port` and `options.host`. (If `host` is omitted, it defaults to `localhost`.)
0 commit comments