-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtls.html
1395 lines (1378 loc) · 100 KB
/
tls.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width">
<title>TLS (SSL) | Node.js v12.0.0 Documentation</title>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Lato:400,700,400italic">
<link rel="stylesheet" href="assets/style.css">
<link rel="stylesheet" href="assets/hljs.css">
<link rel="canonical" href="https://nodejs.org/api/tls.html">
</head>
<body class="alt apidoc" id="api-section-tls">
<div id="content" class="clearfix">
<div id="column2" class="interior">
<div id="intro" class="interior">
<a href="/" title="Go back to the home page">
Node.js
</a>
</div>
<ul>
<li><a href="documentation.html" class="nav-documentation">About these Docs</a></li>
<li><a href="synopsis.html" class="nav-synopsis">Usage & Example</a></li>
</ul>
<div class="line"></div>
<ul>
<li><a href="assert.html" class="nav-assert">Assertion Testing</a></li>
<li><a href="async_hooks.html" class="nav-async_hooks">Async Hooks</a></li>
<li><a href="buffer.html" class="nav-buffer">Buffer</a></li>
<li><a href="addons.html" class="nav-addons">C++ Addons</a></li>
<li><a href="n-api.html" class="nav-n-api">C/C++ Addons - N-API</a></li>
<li><a href="child_process.html" class="nav-child_process">Child Processes</a></li>
<li><a href="cluster.html" class="nav-cluster">Cluster</a></li>
<li><a href="cli.html" class="nav-cli">Command Line Options</a></li>
<li><a href="console.html" class="nav-console">Console</a></li>
<li><a href="crypto.html" class="nav-crypto">Crypto</a></li>
<li><a href="debugger.html" class="nav-debugger">Debugger</a></li>
<li><a href="deprecations.html" class="nav-deprecations">Deprecated APIs</a></li>
<li><a href="dns.html" class="nav-dns">DNS</a></li>
<li><a href="domain.html" class="nav-domain">Domain</a></li>
<li><a href="esm.html" class="nav-esm">ECMAScript Modules</a></li>
<li><a href="errors.html" class="nav-errors">Errors</a></li>
<li><a href="events.html" class="nav-events">Events</a></li>
<li><a href="fs.html" class="nav-fs">File System</a></li>
<li><a href="globals.html" class="nav-globals">Globals</a></li>
<li><a href="http.html" class="nav-http">HTTP</a></li>
<li><a href="http2.html" class="nav-http2">HTTP/2</a></li>
<li><a href="https.html" class="nav-https">HTTPS</a></li>
<li><a href="inspector.html" class="nav-inspector">Inspector</a></li>
<li><a href="intl.html" class="nav-intl">Internationalization</a></li>
<li><a href="modules.html" class="nav-modules">Modules</a></li>
<li><a href="net.html" class="nav-net">Net</a></li>
<li><a href="os.html" class="nav-os">OS</a></li>
<li><a href="path.html" class="nav-path">Path</a></li>
<li><a href="perf_hooks.html" class="nav-perf_hooks">Performance Hooks</a></li>
<li><a href="process.html" class="nav-process">Process</a></li>
<li><a href="punycode.html" class="nav-punycode">Punycode</a></li>
<li><a href="querystring.html" class="nav-querystring">Query Strings</a></li>
<li><a href="readline.html" class="nav-readline">Readline</a></li>
<li><a href="repl.html" class="nav-repl">REPL</a></li>
<li><a href="stream.html" class="nav-stream">Stream</a></li>
<li><a href="string_decoder.html" class="nav-string_decoder">String Decoder</a></li>
<li><a href="timers.html" class="nav-timers">Timers</a></li>
<li><a href="tls.html" class="nav-tls active">TLS/SSL</a></li>
<li><a href="tracing.html" class="nav-tracing">Trace Events</a></li>
<li><a href="tty.html" class="nav-tty">TTY</a></li>
<li><a href="dgram.html" class="nav-dgram">UDP/Datagram</a></li>
<li><a href="url.html" class="nav-url">URL</a></li>
<li><a href="util.html" class="nav-util">Utilities</a></li>
<li><a href="v8.html" class="nav-v8">V8</a></li>
<li><a href="vm.html" class="nav-vm">VM</a></li>
<li><a href="worker_threads.html" class="nav-worker_threads">Worker Threads</a></li>
<li><a href="zlib.html" class="nav-zlib">ZLIB</a></li>
</ul>
<div class="line"></div>
<ul>
<li><a href="https://github.com/nodejs/node" class="nav-https-github-com-nodejs-node">GitHub Repo & Issue Tracker</a></li>
</ul>
</div>
<div id="column1" data-id="tls" class="interior">
<header>
<h1>Node.js v12.0.0 Documentation</h1>
<div id="gtoc">
<ul>
<li>
<a href="index.html" name="toc">Index</a>
</li>
<li>
<a href="all.html">View on single page</a>
</li>
<li>
<a href="tls.json">View as JSON</a>
</li>
<li class="version-picker">
<a href="#">View another version <span>▼</span></a>
<ol class="version-picker"><li><a href="https://nodejs.org/docs/latest-v11.x/api/tls.html">11.x</a></li>
<li><a href="https://nodejs.org/docs/latest-v10.x/api/tls.html">10.x <b>LTS</b></a></li>
<li><a href="https://nodejs.org/docs/latest-v9.x/api/tls.html">9.x</a></li>
<li><a href="https://nodejs.org/docs/latest-v8.x/api/tls.html">8.x <b>LTS</b></a></li>
<li><a href="https://nodejs.org/docs/latest-v7.x/api/tls.html">7.x</a></li>
<li><a href="https://nodejs.org/docs/latest-v6.x/api/tls.html">6.x <b>LTS</b></a></li>
<li><a href="https://nodejs.org/docs/latest-v5.x/api/tls.html">5.x</a></li>
<li><a href="https://nodejs.org/docs/latest-v4.x/api/tls.html">4.x</a></li>
<li><a href="https://nodejs.org/docs/latest-v0.12.x/api/tls.html">0.12.x</a></li>
<li><a href="https://nodejs.org/docs/latest-v0.10.x/api/tls.html">0.10.x</a></li></ol>
</li>
<li class="edit_on_github"><a href="https://github.com/nodejs/node/edit/master/doc/api/tls.md"><span class="github_icon"><svg height="16" width="16" viewBox="0 0 16.1 16.1" fill="currentColor"><path d="M8 0a8 8 0 0 0-2.5 15.6c.4 0 .5-.2.5-.4v-1.5c-2 .4-2.5-.5-2.7-1 0-.1-.5-.9-.8-1-.3-.2-.7-.6 0-.6.6 0 1 .6 1.2.8.7 1.2 1.9 1 2.4.7 0-.5.2-.9.5-1-1.8-.3-3.7-1-3.7-4 0-.9.3-1.6.8-2.2 0-.2-.3-1 .1-2 0 0 .7-.3 2.2.7a7.4 7.4 0 0 1 4 0c1.5-1 2.2-.8 2.2-.8.5 1.1.2 2 .1 2.1.5.6.8 1.3.8 2.2 0 3-1.9 3.7-3.6 4 .3.2.5.7.5 1.4v2.2c0 .2.1.5.5.4A8 8 0 0 0 16 8a8 8 0 0 0-8-8z"/></svg></span>Edit on GitHub</a></li>
</ul>
</div>
<hr>
</header>
<div id="toc">
<h2>Table of Contents</h2>
<ul>
<li>
<p><span class="stability_2"><a href="#tls_tls_ssl">TLS (SSL)</a></span></p>
<ul>
<li>
<p><a href="#tls_tls_ssl_concepts">TLS/SSL Concepts</a></p>
<ul>
<li><a href="#tls_perfect_forward_secrecy">Perfect Forward Secrecy</a></li>
<li><a href="#tls_alpn_and_sni">ALPN and SNI</a></li>
<li><a href="#tls_client_initiated_renegotiation_attack_mitigation">Client-initiated renegotiation attack mitigation</a></li>
</ul>
</li>
<li><a href="#tls_modifying_the_default_tls_cipher_suite">Modifying the Default TLS Cipher suite</a></li>
<li>
<p><a href="#tls_class_tls_server">Class: tls.Server</a></p>
<ul>
<li><a href="#tls_event_newsession">Event: 'newSession'</a></li>
<li><a href="#tls_event_ocsprequest">Event: 'OCSPRequest'</a></li>
<li><a href="#tls_event_resumesession">Event: 'resumeSession'</a></li>
<li><a href="#tls_event_secureconnection">Event: 'secureConnection'</a></li>
<li><a href="#tls_event_tlsclienterror">Event: 'tlsClientError'</a></li>
<li><a href="#tls_server_addcontext_hostname_context">server.addContext(hostname, context)</a></li>
<li><a href="#tls_server_address">server.address()</a></li>
<li><a href="#tls_server_close_callback">server.close([callback])</a></li>
<li><span class="stability_0"><a href="#tls_server_connections">server.connections</a></span></li>
<li><a href="#tls_server_getticketkeys">server.getTicketKeys()</a></li>
<li><a href="#tls_server_listen">server.listen()</a></li>
<li><a href="#tls_server_setsecurecontext_options">server.setSecureContext(options)</a></li>
<li><a href="#tls_server_setticketkeys_keys">server.setTicketKeys(keys)</a></li>
</ul>
</li>
<li>
<p><a href="#tls_class_tls_tlssocket">Class: tls.TLSSocket</a></p>
<ul>
<li><a href="#tls_new_tls_tlssocket_socket_options">new tls.TLSSocket(socket[, options])</a></li>
<li><a href="#tls_event_ocspresponse">Event: 'OCSPResponse'</a></li>
<li><a href="#tls_event_secureconnect">Event: 'secureConnect'</a></li>
<li><a href="#tls_tlssocket_address">tlsSocket.address()</a></li>
<li><a href="#tls_tlssocket_authorizationerror">tlsSocket.authorizationError</a></li>
<li><a href="#tls_tlssocket_authorized">tlsSocket.authorized</a></li>
<li><a href="#tls_tlssocket_disablerenegotiation">tlsSocket.disableRenegotiation()</a></li>
<li><a href="#tls_tlssocket_encrypted">tlsSocket.encrypted</a></li>
<li><a href="#tls_tlssocket_getcertificate">tlsSocket.getCertificate()</a></li>
<li><a href="#tls_tlssocket_getcipher">tlsSocket.getCipher()</a></li>
<li><a href="#tls_tlssocket_getephemeralkeyinfo">tlsSocket.getEphemeralKeyInfo()</a></li>
<li><a href="#tls_tlssocket_getfinished">tlsSocket.getFinished()</a></li>
<li><a href="#tls_tlssocket_getpeercertificate_detailed">tlsSocket.getPeerCertificate([detailed])</a></li>
<li><a href="#tls_tlssocket_getpeerfinished">tlsSocket.getPeerFinished()</a></li>
<li><a href="#tls_tlssocket_getprotocol">tlsSocket.getProtocol()</a></li>
<li><a href="#tls_tlssocket_getsession">tlsSocket.getSession()</a></li>
<li><a href="#tls_tlssocket_gettlsticket">tlsSocket.getTLSTicket()</a></li>
<li><a href="#tls_tlssocket_localaddress">tlsSocket.localAddress</a></li>
<li><a href="#tls_tlssocket_localport">tlsSocket.localPort</a></li>
<li><a href="#tls_tlssocket_remoteaddress">tlsSocket.remoteAddress</a></li>
<li><a href="#tls_tlssocket_remotefamily">tlsSocket.remoteFamily</a></li>
<li><a href="#tls_tlssocket_remoteport">tlsSocket.remotePort</a></li>
<li><a href="#tls_tlssocket_renegotiate_options_callback">tlsSocket.renegotiate(options, callback)</a></li>
<li><a href="#tls_tlssocket_setmaxsendfragment_size">tlsSocket.setMaxSendFragment(size)</a></li>
</ul>
</li>
<li><a href="#tls_tls_checkserveridentity_hostname_cert">tls.checkServerIdentity(hostname, cert)</a></li>
<li><a href="#tls_tls_connect_options_callback">tls.connect(options[, callback])</a></li>
<li><a href="#tls_tls_connect_path_options_callback">tls.connect(path[, options][, callback])</a></li>
<li><a href="#tls_tls_connect_port_host_options_callback">tls.connect(port[, host][, options][, callback])</a></li>
<li><a href="#tls_tls_createsecurecontext_options">tls.createSecureContext([options])</a></li>
<li><a href="#tls_tls_createserver_options_secureconnectionlistener">tls.createServer([options][, secureConnectionListener])</a></li>
<li><a href="#tls_tls_getciphers">tls.getCiphers()</a></li>
<li><a href="#tls_tls_default_ecdh_curve">tls.DEFAULT_ECDH_CURVE</a></li>
<li>
<p><a href="#tls_deprecated_apis">Deprecated APIs</a></p>
<ul>
<li>
<p><span class="stability_0"><a href="#tls_class_cryptostream">Class: CryptoStream</a></span></p>
<ul>
<li><a href="#tls_cryptostream_byteswritten">cryptoStream.bytesWritten</a></li>
</ul>
</li>
<li>
<p><span class="stability_0"><a href="#tls_class_securepair">Class: SecurePair</a></span></p>
<ul>
<li><a href="#tls_event_secure">Event: 'secure'</a></li>
</ul>
</li>
<li><span class="stability_0"><a href="#tls_tls_createsecurepair_context_isserver_requestcert_rejectunauthorized_options">tls.createSecurePair([context][, isServer][, requestCert][, rejectUnauthorized][, options])</a></span></li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
<div id="apicontent">
<h1>TLS (SSL)<span><a class="mark" href="#tls_tls_ssl" id="tls_tls_ssl">#</a></span></h1>
<p></p><div class="api_stability api_stability_2"><a href="documentation.html#documentation_stability_index">Stability: 2</a> - Stable</div><p></p>
<p>The <code>tls</code> module provides an implementation of the Transport Layer Security
(TLS) and Secure Socket Layer (SSL) protocols that is built on top of OpenSSL.
The module can be accessed using:</p>
<pre><code class="language-js"><span class="hljs-keyword">const</span> tls = <span class="hljs-built_in">require</span>(<span class="hljs-string">'tls'</span>);</code></pre>
<h2>TLS/SSL Concepts<span><a class="mark" href="#tls_tls_ssl_concepts" id="tls_tls_ssl_concepts">#</a></span></h2>
<p>The TLS/SSL is a public/private key infrastructure (PKI). For most common
cases, each client and server must have a <em>private key</em>.</p>
<p>Private keys can be generated in multiple ways. The example below illustrates
use of the OpenSSL command-line interface to generate a 2048-bit RSA private
key:</p>
<pre><code class="language-sh">openssl genrsa -out ryans-key.pem 2048</code></pre>
<p>With TLS/SSL, all servers (and some clients) must have a <em>certificate</em>.
Certificates are <em>public keys</em> that correspond to a private key, and that are
digitally signed either by a Certificate Authority or by the owner of the
private key (such certificates are referred to as "self-signed"). The first
step to obtaining a certificate is to create a <em>Certificate Signing Request</em>
(CSR) file.</p>
<p>The OpenSSL command-line interface can be used to generate a CSR for a private
key:</p>
<pre><code class="language-sh">openssl req -new -sha256 -key ryans-key.pem -out ryans-csr.pem</code></pre>
<p>Once the CSR file is generated, it can either be sent to a Certificate
Authority for signing or used to generate a self-signed certificate.</p>
<p>Creating a self-signed certificate using the OpenSSL command-line interface
is illustrated in the example below:</p>
<pre><code class="language-sh">openssl x509 -req -in ryans-csr.pem -signkey ryans-key.pem -out ryans-cert.pem</code></pre>
<p>Once the certificate is generated, it can be used to generate a <code>.pfx</code> or
<code>.p12</code> file:</p>
<pre><code class="language-sh">openssl pkcs12 -export -in ryans-cert.pem -inkey ryans-key.pem \
-certfile ca-cert.pem -out ryans.pfx</code></pre>
<p>Where:</p>
<ul>
<li><code>in</code>: is the signed certificate</li>
<li><code>inkey</code>: is the associated private key</li>
<li><code>certfile</code>: is a concatenation of all Certificate Authority (CA) certs into
a single file, e.g. <code>cat ca1-cert.pem ca2-cert.pem > ca-cert.pem</code></li>
</ul>
<h3>Perfect Forward Secrecy<span><a class="mark" href="#tls_perfect_forward_secrecy" id="tls_perfect_forward_secrecy">#</a></span></h3>
<p>The term "<a href="https://en.wikipedia.org/wiki/Perfect_forward_secrecy">Forward Secrecy</a>" or "Perfect Forward Secrecy" describes a feature of
key-agreement (i.e., key-exchange) methods. That is, the server and client keys
are used to negotiate new temporary keys that are used specifically and only for
the current communication session. Practically, this means that even if the
server's private key is compromised, communication can only be decrypted by
eavesdroppers if the attacker manages to obtain the key-pair specifically
generated for the session.</p>
<p>Perfect Forward Secrecy is achieved by randomly generating a key pair for
key-agreement on every TLS/SSL handshake (in contrast to using the same key for
all sessions). Methods implementing this technique are called "ephemeral".</p>
<p>Currently two methods are commonly used to achieve Perfect Forward Secrecy (note
the character "E" appended to the traditional abbreviations):</p>
<ul>
<li><a href="https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange">DHE</a> - An ephemeral version of the Diffie Hellman key-agreement protocol.</li>
<li><a href="https://en.wikipedia.org/wiki/Elliptic_curve_Diffie%E2%80%93Hellman">ECDHE</a> - An ephemeral version of the Elliptic Curve Diffie Hellman
key-agreement protocol.</li>
</ul>
<p>Ephemeral methods may have some performance drawbacks, because key generation
is expensive.</p>
<p>To use Perfect Forward Secrecy using <code>DHE</code> with the <code>tls</code> module, it is required
to generate Diffie-Hellman parameters and specify them with the <code>dhparam</code>
option to <a href="#tls_tls_createsecurecontext_options"><code>tls.createSecureContext()</code></a>. The following illustrates the use of
the OpenSSL command-line interface to generate such parameters:</p>
<pre><code class="language-sh">openssl dhparam -outform PEM -out dhparam.pem 2048</code></pre>
<p>If using Perfect Forward Secrecy using <code>ECDHE</code>, Diffie-Hellman parameters are
not required and a default ECDHE curve will be used. The <code>ecdhCurve</code> property
can be used when creating a TLS Server to specify the list of names of supported
curves to use, see <a href="#tls_tls_createserver_options_secureconnectionlistener"><code>tls.createServer()</code></a> for more info.</p>
<h3>ALPN and SNI<span><a class="mark" href="#tls_alpn_and_sni" id="tls_alpn_and_sni">#</a></span></h3>
<p>ALPN (Application-Layer Protocol Negotiation Extension) and
SNI (Server Name Indication) are TLS handshake extensions:</p>
<ul>
<li>ALPN - Allows the use of one TLS server for multiple protocols (HTTP, HTTP/2)</li>
<li>SNI - Allows the use of one TLS server for multiple hostnames with different
SSL certificates.</li>
</ul>
<h3>Client-initiated renegotiation attack mitigation<span><a class="mark" href="#tls_client_initiated_renegotiation_attack_mitigation" id="tls_client_initiated_renegotiation_attack_mitigation">#</a></span></h3>
<p>The TLS protocol allows clients to renegotiate certain aspects of the TLS
session. Unfortunately, session renegotiation requires a disproportionate amount
of server-side resources, making it a potential vector for denial-of-service
attacks.</p>
<p>To mitigate the risk, renegotiation is limited to three times every ten minutes.
An <code>'error'</code> event is emitted on the <a href="#tls_class_tls_tlssocket"><code>tls.TLSSocket</code></a> instance when this
threshold is exceeded. The limits are configurable:</p>
<ul>
<li><code>tls.CLIENT_RENEG_LIMIT</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a> Specifies the number of renegotiation
requests. <strong>Default:</strong> <code>3</code>.</li>
<li><code>tls.CLIENT_RENEG_WINDOW</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a> Specifies the time renegotiation window
in seconds. <strong>Default:</strong> <code>600</code> (10 minutes).</li>
</ul>
<p>The default renegotiation limits should not be modified without a full
understanding of the implications and risks.</p>
<p>To test the renegotiation limits on a server, connect to it using the OpenSSL
command-line client (<code>openssl s_client -connect address:port</code>) then input
<code>R<CR></code> (i.e., the letter <code>R</code> followed by a carriage return) multiple times.</p>
<h2>Modifying the Default TLS Cipher suite<span><a class="mark" href="#tls_modifying_the_default_tls_cipher_suite" id="tls_modifying_the_default_tls_cipher_suite">#</a></span></h2>
<p>Node.js is built with a default suite of enabled and disabled TLS ciphers.
Currently, the default cipher suite is:</p>
<pre><code class="language-txt">ECDHE-RSA-AES128-GCM-SHA256:
ECDHE-ECDSA-AES128-GCM-SHA256:
ECDHE-RSA-AES256-GCM-SHA384:
ECDHE-ECDSA-AES256-GCM-SHA384:
DHE-RSA-AES128-GCM-SHA256:
ECDHE-RSA-AES128-SHA256:
DHE-RSA-AES128-SHA256:
ECDHE-RSA-AES256-SHA384:
DHE-RSA-AES256-SHA384:
ECDHE-RSA-AES256-SHA256:
DHE-RSA-AES256-SHA256:
HIGH:
!aNULL:
!eNULL:
!EXPORT:
!DES:
!RC4:
!MD5:
!PSK:
!SRP:
!CAMELLIA</code></pre>
<p>This default can be replaced entirely using the <code>--tls-cipher-list</code> command
line switch. For instance, the following makes
<code>ECDHE-RSA-AES128-GCM-SHA256:!RC4</code> the default TLS cipher suite:</p>
<pre><code class="language-sh">node --tls-cipher-list=<span class="hljs-string">"ECDHE-RSA-AES128-GCM-SHA256:!RC4"</span></code></pre>
<p>The default can also be replaced on a per client or server basis using the
<code>ciphers</code> option from <a href="#tls_tls_createsecurecontext_options"><code>tls.createSecureContext()</code></a>, which is also available
in <a href="#tls_tls_createserver_options_secureconnectionlistener"><code>tls.createServer()</code></a>, <a href="#tls_tls_connect_options_callback"><code>tls.connect()</code></a>, and when creating new
<a href="#tls_class_tls_tlssocket"><code>tls.TLSSocket</code></a>s.</p>
<p>Consult <a href="https://www.openssl.org/docs/man1.1.0/apps/ciphers.html#CIPHER-LIST-FORMAT">OpenSSL cipher list format documentation</a> for details on the format.</p>
<p>The default cipher suite included within Node.js has been carefully
selected to reflect current security best practices and risk mitigation.
Changing the default cipher suite can have a significant impact on the security
of an application. The <code>--tls-cipher-list</code> switch and <code>ciphers</code> option should by
used only if absolutely necessary.</p>
<p>The default cipher suite prefers GCM ciphers for <a href="https://www.chromium.org/Home/chromium-security/education/tls#TOC-Cipher-Suites">Chrome's 'modern
cryptography' setting</a> and also prefers ECDHE and DHE ciphers for Perfect
Forward Secrecy, while offering <em>some</em> backward compatibility.</p>
<p>128 bit AES is preferred over 192 and 256 bit AES in light of <a href="https://www.schneier.com/blog/archives/2009/07/another_new_aes.html">specific
attacks affecting larger AES key sizes</a>.</p>
<p>Old clients that rely on insecure and deprecated RC4 or DES-based ciphers
(like Internet Explorer 6) cannot complete the handshaking process with
the default configuration. If these clients <em>must</em> be supported, the
<a href="https://wiki.mozilla.org/Security/Server_Side_TLS">TLS recommendations</a> may offer a compatible cipher suite. For more details
on the format, see the <a href="https://www.openssl.org/docs/man1.1.0/apps/ciphers.html#CIPHER-LIST-FORMAT">OpenSSL cipher list format documentation</a>.</p>
<h2>Class: tls.Server<span><a class="mark" href="#tls_class_tls_server" id="tls_class_tls_server">#</a></span></h2>
<div class="api_metadata">
<span>Added in: v0.3.2</span>
</div>
<p>The <code>tls.Server</code> class is a subclass of <code>net.Server</code> that accepts encrypted
connections using TLS or SSL.</p>
<h3>Event: 'newSession'<span><a class="mark" href="#tls_event_newsession" id="tls_event_newsession">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.9.2</span>
</div>
<p>The <code>'newSession'</code> event is emitted upon creation of a new TLS session. This may
be used to store sessions in external storage. The listener callback is passed
three arguments when called:</p>
<ul>
<li><code>sessionId</code> - The TLS session identifier</li>
<li><code>sessionData</code> - The TLS session data</li>
<li><code>callback</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function" class="type"><Function></a> A callback function taking no arguments that must be
invoked in order for data to be sent or received over the secure connection.</li>
</ul>
<p>Listening for this event will have an effect only on connections established
after the addition of the event listener.</p>
<h3>Event: 'OCSPRequest'<span><a class="mark" href="#tls_event_ocsprequest" id="tls_event_ocsprequest">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.13</span>
</div>
<p>The <code>'OCSPRequest'</code> event is emitted when the client sends a certificate status
request. The listener callback is passed three arguments when called:</p>
<ul>
<li><code>certificate</code> <a href="buffer.html#buffer_class_buffer" class="type"><Buffer></a> The server certificate</li>
<li><code>issuer</code> <a href="buffer.html#buffer_class_buffer" class="type"><Buffer></a> The issuer's certificate</li>
<li><code>callback</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function" class="type"><Function></a> A callback function that must be invoked to provide
the results of the OCSP request.</li>
</ul>
<p>The server's current certificate can be parsed to obtain the OCSP URL
and certificate ID; after obtaining an OCSP response, <code>callback(null, resp)</code> is
then invoked, where <code>resp</code> is a <code>Buffer</code> instance containing the OCSP response.
Both <code>certificate</code> and <code>issuer</code> are <code>Buffer</code> DER-representations of the
primary and issuer's certificates. These can be used to obtain the OCSP
certificate ID and OCSP endpoint URL.</p>
<p>Alternatively, <code>callback(null, null)</code> may be called, indicating that there was
no OCSP response.</p>
<p>Calling <code>callback(err)</code> will result in a <code>socket.destroy(err)</code> call.</p>
<p>The typical flow of an OCSP Request is as follows:</p>
<ol>
<li>Client connects to the server and sends an <code>'OCSPRequest'</code> (via the status
info extension in ClientHello).</li>
<li>Server receives the request and emits the <code>'OCSPRequest'</code> event, calling the
listener if registered.</li>
<li>Server extracts the OCSP URL from either the <code>certificate</code> or <code>issuer</code> and
performs an <a href="https://en.wikipedia.org/wiki/OCSP_stapling">OCSP request</a> to the CA.</li>
<li>Server receives <code>'OCSPResponse'</code> from the CA and sends it back to the client
via the <code>callback</code> argument</li>
<li>Client validates the response and either destroys the socket or performs a
handshake.</li>
</ol>
<p>The <code>issuer</code> can be <code>null</code> if the certificate is either self-signed or the
issuer is not in the root certificates list. (An issuer may be provided
via the <code>ca</code> option when establishing the TLS connection.)</p>
<p>Listening for this event will have an effect only on connections established
after the addition of the event listener.</p>
<p>An npm module like <a href="https://www.npmjs.com/package/asn1.js">asn1.js</a> may be used to parse the certificates.</p>
<h3>Event: 'resumeSession'<span><a class="mark" href="#tls_event_resumesession" id="tls_event_resumesession">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.9.2</span>
</div>
<p>The <code>'resumeSession'</code> event is emitted when the client requests to resume a
previous TLS session. The listener callback is passed two arguments when
called:</p>
<ul>
<li><code>sessionId</code> - The TLS/SSL session identifier</li>
<li><code>callback</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function" class="type"><Function></a> A callback function to be called when the prior session
has been recovered.</li>
</ul>
<p>When called, the event listener may perform a lookup in external storage using
the given <code>sessionId</code> and invoke <code>callback(null, sessionData)</code> once finished. If
the session cannot be resumed (i.e., doesn't exist in storage) the callback may
be invoked as <code>callback(null, null)</code>. Calling <code>callback(err)</code> will terminate the
incoming connection and destroy the socket.</p>
<p>Listening for this event will have an effect only on connections established
after the addition of the event listener.</p>
<p>The following illustrates resuming a TLS session:</p>
<pre><code class="language-js"><span class="hljs-keyword">const</span> tlsSessionStore = {};
server.on(<span class="hljs-string">'newSession'</span>, (id, data, cb) => {
tlsSessionStore[id.toString(<span class="hljs-string">'hex'</span>)] = data;
cb();
});
server.on(<span class="hljs-string">'resumeSession'</span>, (id, cb) => {
cb(<span class="hljs-literal">null</span>, tlsSessionStore[id.toString(<span class="hljs-string">'hex'</span>)] || <span class="hljs-literal">null</span>);
});</code></pre>
<h3>Event: 'secureConnection'<span><a class="mark" href="#tls_event_secureconnection" id="tls_event_secureconnection">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.3.2</span>
</div>
<p>The <code>'secureConnection'</code> event is emitted after the handshaking process for a
new connection has successfully completed. The listener callback is passed a
single argument when called:</p>
<ul>
<li><code>tlsSocket</code> <a href="tls.html#tls_class_tls_tlssocket" class="type"><tls.TLSSocket></a> The established TLS socket.</li>
</ul>
<p>The <code>tlsSocket.authorized</code> property is a <code>boolean</code> indicating whether the
client has been verified by one of the supplied Certificate Authorities for the
server. If <code>tlsSocket.authorized</code> is <code>false</code>, then <code>socket.authorizationError</code>
is set to describe how authorization failed. Note that depending on the settings
of the TLS server, unauthorized connections may still be accepted.</p>
<p>The <code>tlsSocket.alpnProtocol</code> property is a string that contains the selected
ALPN protocol. When ALPN has no selected protocol, <code>tlsSocket.alpnProtocol</code>
equals <code>false</code>.</p>
<p>The <code>tlsSocket.servername</code> property is a string containing the server name
requested via SNI.</p>
<h3>Event: 'tlsClientError'<span><a class="mark" href="#tls_event_tlsclienterror" id="tls_event_tlsclienterror">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v6.0.0</span>
</div>
<p>The <code>'tlsClientError'</code> event is emitted when an error occurs before a secure
connection is established. The listener callback is passed two arguments when
called:</p>
<ul>
<li><code>exception</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Error" class="type"><Error></a> The <code>Error</code> object describing the error</li>
<li><code>tlsSocket</code> <a href="tls.html#tls_class_tls_tlssocket" class="type"><tls.TLSSocket></a> The <code>tls.TLSSocket</code> instance from which the
error originated.</li>
</ul>
<h3>server.addContext(hostname, context)<span><a class="mark" href="#tls_server_addcontext_hostname_context" id="tls_server_addcontext_hostname_context">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.5.3</span>
</div>
<ul>
<li><code>hostname</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> A SNI hostname or wildcard (e.g. <code>'*'</code>)</li>
<li><code>context</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a> An object containing any of the possible properties
from the <a href="#tls_tls_createsecurecontext_options"><code>tls.createSecureContext()</code></a> <code>options</code> arguments (e.g. <code>key</code>,
<code>cert</code>, <code>ca</code>, etc).</li>
</ul>
<p>The <code>server.addContext()</code> method adds a secure context that will be used if
the client request's SNI name matches the supplied <code>hostname</code> (or wildcard).</p>
<h3>server.address()<a class="srclink" href="https://github.com/runkitdev/node/blob/cf1ce2bcc1a88ef6ff1bf745a19913a69607fb02/lib/net.js#L1486">[src]</a><span><a class="mark" href="#tls_server_address" id="tls_server_address">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.6.0</span>
</div>
<ul>
<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li>
</ul>
<p>Returns the bound address, the address family name, and port of the
server as reported by the operating system. See <a href="net.html#net_server_address"><code>net.Server.address()</code></a> for
more information.</p>
<h3>server.close([callback])<a class="srclink" href="https://github.com/runkitdev/node/blob/cf1ce2bcc1a88ef6ff1bf745a19913a69607fb02/lib/net.js#L1572">[src]</a><span><a class="mark" href="#tls_server_close_callback" id="tls_server_close_callback">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.3.2</span>
</div>
<ul>
<li><code>callback</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function" class="type"><Function></a> A listener callback that will be registered to listen
for the server instance's <code>'close'</code> event.</li>
<li>Returns: <a href="tls.html#tls_class_tls_server" class="type"><tls.Server></a></li>
</ul>
<p>The <code>server.close()</code> method stops the server from accepting new connections.</p>
<p>This function operates asynchronously. The <code>'close'</code> event will be emitted
when the server has no more open connections.</p>
<h3>server.connections<span><a class="mark" href="#tls_server_connections" id="tls_server_connections">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.3.2</span><span>Deprecated since: v0.9.7</span>
</div>
<p></p><div class="api_stability api_stability_0"><a href="documentation.html#documentation_stability_index">Stability: 0</a> - Deprecated: Use <a href="net.html#net_server_getconnections_callback"><code>server.getConnections()</code></a> instead.</div><p></p>
<ul>
<li><a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a></li>
</ul>
<p>Returns the current number of concurrent connections on the server.</p>
<h3>server.getTicketKeys()<span><a class="mark" href="#tls_server_getticketkeys" id="tls_server_getticketkeys">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v3.0.0</span>
</div>
<ul>
<li>Returns: <a href="buffer.html#buffer_class_buffer" class="type"><Buffer></a></li>
</ul>
<p>Returns a <code>Buffer</code> instance holding the keys currently used for
encryption/decryption of the <a href="https://www.ietf.org/rfc/rfc5077.txt">TLS Session Tickets</a>.</p>
<h3>server.listen()<a class="srclink" href="https://github.com/runkitdev/node/blob/cf1ce2bcc1a88ef6ff1bf745a19913a69607fb02/lib/net.js#L1366">[src]</a><span><a class="mark" href="#tls_server_listen" id="tls_server_listen">#</a></span></h3>
<p>Starts the server listening for encrypted connections.
This method is identical to <a href="net.html#net_server_listen"><code>server.listen()</code></a> from <a href="net.html#net_class_net_server"><code>net.Server</code></a>.</p>
<h3>server.setSecureContext(options)<span><a class="mark" href="#tls_server_setsecurecontext_options" id="tls_server_setsecurecontext_options">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v11.0.0</span>
</div>
<ul>
<li><code>options</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a> An object containing any of the possible properties from
the <a href="#tls_tls_createsecurecontext_options"><code>tls.createSecureContext()</code></a> <code>options</code> arguments (e.g. <code>key</code>, <code>cert</code>,
<code>ca</code>, etc).</li>
</ul>
<p>The <code>server.setSecureContext()</code> method replaces the secure context of an
existing server. Existing connections to the server are not interrupted.</p>
<h3>server.setTicketKeys(keys)<span><a class="mark" href="#tls_server_setticketkeys_keys" id="tls_server_setticketkeys_keys">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v3.0.0</span>
</div>
<ul>
<li><code>keys</code> <a href="buffer.html#buffer_class_buffer" class="type"><Buffer></a> The keys used for encryption/decryption of the
<a href="https://www.ietf.org/rfc/rfc5077.txt">TLS Session Tickets</a>.</li>
</ul>
<p>Updates the keys for encryption/decryption of the <a href="https://www.ietf.org/rfc/rfc5077.txt">TLS Session Tickets</a>.</p>
<p>The key's <code>Buffer</code> should be 48 bytes long. See <code>ticketKeys</code> option in
<a href="#tls_tls_createserver_options_secureconnectionlistener"><code>tls.createServer()</code></a> for more information on how it is used.</p>
<p>Changes to the ticket keys are effective only for future server connections.
Existing or currently pending server connections will use the previous keys.</p>
<h2>Class: tls.TLSSocket<span><a class="mark" href="#tls_class_tls_tlssocket" id="tls_class_tls_tlssocket">#</a></span></h2>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<p>The <code>tls.TLSSocket</code> is a subclass of <a href="net.html#net_class_net_socket"><code>net.Socket</code></a> that performs transparent
encryption of written data and all required TLS negotiation.</p>
<p>Instances of <code>tls.TLSSocket</code> implement the duplex <a href="stream.html#stream_stream">Stream</a> interface.</p>
<p>Methods that return TLS connection metadata (e.g.
<a href="#tls_tlssocket_getpeercertificate_detailed"><code>tls.TLSSocket.getPeerCertificate()</code></a> will only return data while the
connection is open.</p>
<h3>new tls.TLSSocket(socket[, options])<span><a class="mark" href="#tls_new_tls_tlssocket_socket_options" id="tls_new_tls_tlssocket_socket_options">#</a></span></h3>
<div class="api_metadata">
<details class="changelog"><summary>History</summary>
<table>
<tbody><tr><th>Version</th><th>Changes</th></tr>
<tr><td>v5.0.0</td>
<td><p>ALPN options are supported now.</p></td></tr>
<tr><td>v0.11.4</td>
<td><p><span>Added in: v0.11.4</span></p></td></tr>
</tbody></table>
</details>
</div>
<ul>
<li><code>socket</code> <a href="net.html#net_class_net_socket" class="type"><net.Socket></a> | <a href="stream.html#stream_class_stream_duplex" class="type"><stream.Duplex></a>
On the server side, any <code>Duplex</code> stream. On the client side, any
instance of <a href="net.html#net_class_net_socket"><code>net.Socket</code></a> (for generic <code>Duplex</code> stream support
on the client side, <a href="#tls_tls_connect_options_callback"><code>tls.connect()</code></a> must be used).</li>
<li>
<p><code>options</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></p>
<ul>
<li><code>isServer</code>: The SSL/TLS protocol is asymmetrical, TLSSockets must know if
they are to behave as a server or a client. If <code>true</code> the TLS socket will be
instantiated as a server. <strong>Default:</strong> <code>false</code>.</li>
<li><code>server</code> <a href="net.html#net_class_net_server" class="type"><net.Server></a> A <a href="net.html#net_class_net_server"><code>net.Server</code></a> instance.</li>
<li><code>requestCert</code>: Whether to authenticate the remote peer by requesting a
certificate. Clients always request a server certificate. Servers
(<code>isServer</code> is true) may set <code>requestCert</code> to true to request a client
certificate.</li>
<li><code>rejectUnauthorized</code>: See <a href="#tls_tls_createserver_options_secureconnectionlistener"><code>tls.createServer()</code></a></li>
<li><code>ALPNProtocols</code>: See <a href="#tls_tls_createserver_options_secureconnectionlistener"><code>tls.createServer()</code></a></li>
<li><code>SNICallback</code>: See <a href="#tls_tls_createserver_options_secureconnectionlistener"><code>tls.createServer()</code></a></li>
<li><code>session</code> <a href="buffer.html#buffer_class_buffer" class="type"><Buffer></a> A <code>Buffer</code> instance containing a TLS session.</li>
<li><code>requestOCSP</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Boolean_type" class="type"><boolean></a> If <code>true</code>, specifies that the OCSP status request
extension will be added to the client hello and an <code>'OCSPResponse'</code> event
will be emitted on the socket before establishing a secure communication</li>
<li><code>secureContext</code>: TLS context object created with
<a href="#tls_tls_createsecurecontext_options"><code>tls.createSecureContext()</code></a>. If a <code>secureContext</code> is <em>not</em> provided, one
will be created by passing the entire <code>options</code> object to
<code>tls.createSecureContext()</code>.</li>
<li>...: <a href="#tls_tls_createsecurecontext_options"><code>tls.createSecureContext()</code></a> options that are used if the
<code>secureContext</code> option is missing. Otherwise, they are ignored.</li>
</ul>
</li>
</ul>
<p>Construct a new <code>tls.TLSSocket</code> object from an existing TCP socket.</p>
<h3>Event: 'OCSPResponse'<span><a class="mark" href="#tls_event_ocspresponse" id="tls_event_ocspresponse">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.13</span>
</div>
<p>The <code>'OCSPResponse'</code> event is emitted if the <code>requestOCSP</code> option was set
when the <code>tls.TLSSocket</code> was created and an OCSP response has been received.
The listener callback is passed a single argument when called:</p>
<ul>
<li><code>response</code> <a href="buffer.html#buffer_class_buffer" class="type"><Buffer></a> The server's OCSP response</li>
</ul>
<p>Typically, the <code>response</code> is a digitally signed object from the server's CA that
contains information about server's certificate revocation status.</p>
<h3>Event: 'secureConnect'<span><a class="mark" href="#tls_event_secureconnect" id="tls_event_secureconnect">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<p>The <code>'secureConnect'</code> event is emitted after the handshaking process for a new
connection has successfully completed. The listener callback will be called
regardless of whether or not the server's certificate has been authorized. It
is the client's responsibility to check the <code>tlsSocket.authorized</code> property to
determine if the server certificate was signed by one of the specified CAs. If
<code>tlsSocket.authorized === false</code>, then the error can be found by examining the
<code>tlsSocket.authorizationError</code> property. If ALPN was used, the
<code>tlsSocket.alpnProtocol</code> property can be checked to determine the negotiated
protocol.</p>
<h3>tlsSocket.address()<span><a class="mark" href="#tls_tlssocket_address" id="tls_tlssocket_address">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<ul>
<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li>
</ul>
<p>Returns the bound <code>address</code>, the address <code>family</code> name, and <code>port</code> of the
underlying socket as reported by the operating system:
<code>{ port: 12346, family: 'IPv4', address: '127.0.0.1' }</code>.</p>
<h3>tlsSocket.authorizationError<span><a class="mark" href="#tls_tlssocket_authorizationerror" id="tls_tlssocket_authorizationerror">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<p>Returns the reason why the peer's certificate was not been verified. This
property is set only when <code>tlsSocket.authorized === false</code>.</p>
<h3>tlsSocket.authorized<span><a class="mark" href="#tls_tlssocket_authorized" id="tls_tlssocket_authorized">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<ul>
<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Boolean_type" class="type"><boolean></a></li>
</ul>
<p>Returns <code>true</code> if the peer certificate was signed by one of the CAs specified
when creating the <code>tls.TLSSocket</code> instance, otherwise <code>false</code>.</p>
<h3>tlsSocket.disableRenegotiation()<span><a class="mark" href="#tls_tlssocket_disablerenegotiation" id="tls_tlssocket_disablerenegotiation">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v8.4.0</span>
</div>
<p>Disables TLS renegotiation for this <code>TLSSocket</code> instance. Once called, attempts
to renegotiate will trigger an <code>'error'</code> event on the <code>TLSSocket</code>.</p>
<h3>tlsSocket.encrypted<span><a class="mark" href="#tls_tlssocket_encrypted" id="tls_tlssocket_encrypted">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<p>Always returns <code>true</code>. This may be used to distinguish TLS sockets from regular
<code>net.Socket</code> instances.</p>
<h3>tlsSocket.getCertificate()<span><a class="mark" href="#tls_tlssocket_getcertificate" id="tls_tlssocket_getcertificate">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v11.2.0</span>
</div>
<ul>
<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li>
</ul>
<p>Returns an object representing the local certificate. The returned object has
some properties corresponding to the fields of the certificate.</p>
<p>See <a href="#tls_tlssocket_getpeercertificate_detailed"><code>tls.TLSSocket.getPeerCertificate()</code></a> for an example of the certificate
structure.</p>
<p>If there is no local certificate, an empty object will be returned. If the
socket has been destroyed, <code>null</code> will be returned.</p>
<h3>tlsSocket.getCipher()<span><a class="mark" href="#tls_tlssocket_getcipher" id="tls_tlssocket_getcipher">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<ul>
<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li>
</ul>
<p>Returns an object representing the cipher name. The <code>version</code> key is a legacy
field which always contains the value <code>'TLSv1/SSLv3'</code>.</p>
<p>For example: <code>{ name: 'AES256-SHA', version: 'TLSv1/SSLv3' }</code>.</p>
<p>See <code>SSL_CIPHER_get_name()</code> in
<a href="https://www.openssl.org/docs/man1.1.0/ssl/SSL_CIPHER_get_name.html">https://www.openssl.org/docs/man1.1.0/ssl/SSL_CIPHER_get_name.html</a> for more
information.</p>
<h3>tlsSocket.getEphemeralKeyInfo()<span><a class="mark" href="#tls_tlssocket_getephemeralkeyinfo" id="tls_tlssocket_getephemeralkeyinfo">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v5.0.0</span>
</div>
<ul>
<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li>
</ul>
<p>Returns an object representing the type, name, and size of parameter of
an ephemeral key exchange in <a href="#tls_perfect_forward_secrecy">Perfect Forward Secrecy</a> on a client
connection. It returns an empty object when the key exchange is not
ephemeral. As this is only supported on a client socket; <code>null</code> is returned
if called on a server socket. The supported types are <code>'DH'</code> and <code>'ECDH'</code>. The
<code>name</code> property is available only when type is <code>'ECDH'</code>.</p>
<p>For example: <code>{ type: 'ECDH', name: 'prime256v1', size: 256 }</code>.</p>
<h3>tlsSocket.getFinished()<span><a class="mark" href="#tls_tlssocket_getfinished" id="tls_tlssocket_getfinished">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v9.9.0</span>
</div>
<ul>
<li>Returns: <a href="buffer.html#buffer_class_buffer" class="type"><Buffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Undefined_type" class="type"><undefined></a> The latest <code>Finished</code> message that has been
sent to the socket as part of a SSL/TLS handshake, or <code>undefined</code> if
no <code>Finished</code> message has been sent yet.</li>
</ul>
<p>As the <code>Finished</code> messages are message digests of the complete handshake
(with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
be used for external authentication procedures when the authentication
provided by SSL/TLS is not desired or is not enough.</p>
<p>Corresponds to the <code>SSL_get_finished</code> routine in OpenSSL and may be used
to implement the <code>tls-unique</code> channel binding from <a href="https://tools.ietf.org/html/rfc5929">RFC 5929</a>.</p>
<h3>tlsSocket.getPeerCertificate([detailed])<span><a class="mark" href="#tls_tlssocket_getpeercertificate_detailed" id="tls_tlssocket_getpeercertificate_detailed">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<ul>
<li><code>detailed</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Boolean_type" class="type"><boolean></a> Include the full certificate chain if <code>true</code>, otherwise
include just the peer's certificate.</li>
<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></li>
</ul>
<p>Returns an object representing the peer's certificate. The returned object has
some properties corresponding to the fields of the certificate.</p>
<p>If the full certificate chain was requested, each certificate will include an
<code>issuerCertificate</code> property containing an object representing its issuer's
certificate.</p>
<pre><code class="language-text">{ subject:
{ C: 'UK',
ST: 'Acknack Ltd',
L: 'Rhys Jones',
O: 'node.js',
OU: 'Test TLS Certificate',
CN: 'localhost' },
issuer:
{ C: 'UK',
ST: 'Acknack Ltd',
L: 'Rhys Jones',
O: 'node.js',
OU: 'Test TLS Certificate',
CN: 'localhost' },
issuerCertificate:
{ ... another certificate, possibly with an .issuerCertificate ... },
raw: < RAW DER buffer >,
pubkey: < RAW DER buffer >,
valid_from: 'Nov 11 09:52:22 2009 GMT',
valid_to: 'Nov 6 09:52:22 2029 GMT',
fingerprint: '2A:7A:C2:DD:E5:F9:CC:53:72:35:99:7A:02:5A:71:38:52:EC:8A:DF',
fingerprint256: '2A:7A:C2:DD:E5:F9:CC:53:72:35:99:7A:02:5A:71:38:52:EC:8A:DF:00:11:22:33:44:55:66:77:88:99:AA:BB',
serialNumber: 'B9B0D332A1AA5635' }</code></pre>
<p>If the peer does not provide a certificate, an empty object will be returned.
If the socket has been destroyed, <code>null</code> will be returned.</p>
<h3>tlsSocket.getPeerFinished()<span><a class="mark" href="#tls_tlssocket_getpeerfinished" id="tls_tlssocket_getpeerfinished">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v9.9.0</span>
</div>
<ul>
<li>Returns: <a href="buffer.html#buffer_class_buffer" class="type"><Buffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Undefined_type" class="type"><undefined></a> The latest <code>Finished</code> message that is expected
or has actually been received from the socket as part of a SSL/TLS handshake,
or <code>undefined</code> if there is no <code>Finished</code> message so far.</li>
</ul>
<p>As the <code>Finished</code> messages are message digests of the complete handshake
(with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
be used for external authentication procedures when the authentication
provided by SSL/TLS is not desired or is not enough.</p>
<p>Corresponds to the <code>SSL_get_peer_finished</code> routine in OpenSSL and may be used
to implement the <code>tls-unique</code> channel binding from <a href="https://tools.ietf.org/html/rfc5929">RFC 5929</a>.</p>
<h3>tlsSocket.getProtocol()<span><a class="mark" href="#tls_tlssocket_getprotocol" id="tls_tlssocket_getprotocol">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v5.7.0</span>
</div>
<ul>
<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a></li>
</ul>
<p>Returns a string containing the negotiated SSL/TLS protocol version of the
current connection. The value <code>'unknown'</code> will be returned for connected
sockets that have not completed the handshaking process. The value <code>null</code> will
be returned for server sockets or disconnected client sockets.</p>
<p>Example responses include:</p>
<ul>
<li><code>TLSv1</code></li>
<li><code>TLSv1.1</code></li>
<li><code>TLSv1.2</code></li>
<li><code>unknown</code></li>
</ul>
<p>See <a href="https://www.openssl.org/docs/man1.1.0/ssl/SSL_get_version.html">https://www.openssl.org/docs/man1.1.0/ssl/SSL_get_version.html</a> for more
information.</p>
<h3>tlsSocket.getSession()<span><a class="mark" href="#tls_tlssocket_getsession" id="tls_tlssocket_getsession">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<p>Returns the ASN.1 encoded TLS session or <code>undefined</code> if no session was
negotiated. Can be used to speed up handshake establishment when reconnecting
to the server.</p>
<h3>tlsSocket.getTLSTicket()<span><a class="mark" href="#tls_tlssocket_gettlsticket" id="tls_tlssocket_gettlsticket">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<p>Returns the TLS session ticket or <code>undefined</code> if no session was negotiated.</p>
<p>This only works with client TLS sockets. Useful only for debugging, for session
reuse provide <code>session</code> option to <a href="#tls_tls_connect_options_callback"><code>tls.connect()</code></a>.</p>
<h3>tlsSocket.localAddress<span><a class="mark" href="#tls_tlssocket_localaddress" id="tls_tlssocket_localaddress">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<ul>
<li><a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a></li>
</ul>
<p>Returns the string representation of the local IP address.</p>
<h3>tlsSocket.localPort<span><a class="mark" href="#tls_tlssocket_localport" id="tls_tlssocket_localport">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<ul>
<li><a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a></li>
</ul>
<p>Returns the numeric representation of the local port.</p>
<h3>tlsSocket.remoteAddress<span><a class="mark" href="#tls_tlssocket_remoteaddress" id="tls_tlssocket_remoteaddress">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<ul>
<li><a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a></li>
</ul>
<p>Returns the string representation of the remote IP address. For example,
<code>'74.125.127.100'</code> or <code>'2001:4860:a005::68'</code>.</p>
<h3>tlsSocket.remoteFamily<span><a class="mark" href="#tls_tlssocket_remotefamily" id="tls_tlssocket_remotefamily">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<ul>
<li><a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a></li>
</ul>
<p>Returns the string representation of the remote IP family. <code>'IPv4'</code> or <code>'IPv6'</code>.</p>
<h3>tlsSocket.remotePort<span><a class="mark" href="#tls_tlssocket_remoteport" id="tls_tlssocket_remoteport">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.4</span>
</div>
<ul>
<li><a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a></li>
</ul>
<p>Returns the numeric representation of the remote port. For example, <code>443</code>.</p>
<h3>tlsSocket.renegotiate(options, callback)<span><a class="mark" href="#tls_tlssocket_renegotiate_options_callback" id="tls_tlssocket_renegotiate_options_callback">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.8</span>
</div>
<ul>
<li>
<p><code>options</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></p>
<ul>
<li><code>rejectUnauthorized</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Boolean_type" class="type"><boolean></a> If not <code>false</code>, the server certificate is
verified against the list of supplied CAs. An <code>'error'</code> event is emitted if
verification fails; <code>err.code</code> contains the OpenSSL error code. <strong>Default:</strong>
<code>true</code>.</li>
<li><code>requestCert</code></li>
</ul>
</li>
<li><code>callback</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function" class="type"><Function></a> A function that will be called when the renegotiation
request has been completed.</li>
</ul>
<p>The <code>tlsSocket.renegotiate()</code> method initiates a TLS renegotiation process.
Upon completion, the <code>callback</code> function will be passed a single argument
that is either an <code>Error</code> (if the request failed) or <code>null</code>.</p>
<p>This method can be used to request a peer's certificate after the secure
connection has been established.</p>
<p>When running as the server, the socket will be destroyed with an error after
<code>handshakeTimeout</code> timeout.</p>
<h3>tlsSocket.setMaxSendFragment(size)<span><a class="mark" href="#tls_tlssocket_setmaxsendfragment_size" id="tls_tlssocket_setmaxsendfragment_size">#</a></span></h3>
<div class="api_metadata">
<span>Added in: v0.11.11</span>
</div>
<ul>
<li><code>size</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a> The maximum TLS fragment size. The maximum value is <code>16384</code>.
<strong>Default:</strong> <code>16384</code>.</li>
<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Boolean_type" class="type"><boolean></a></li>
</ul>
<p>The <code>tlsSocket.setMaxSendFragment()</code> method sets the maximum TLS fragment size.
Returns <code>true</code> if setting the limit succeeded; <code>false</code> otherwise.</p>
<p>Smaller fragment sizes decrease the buffering latency on the client: larger
fragments are buffered by the TLS layer until the entire fragment is received
and its integrity is verified; large fragments can span multiple roundtrips
and their processing can be delayed due to packet loss or reordering. However,
smaller fragments add extra TLS framing bytes and CPU overhead, which may
decrease overall server throughput.</p>
<h2>tls.checkServerIdentity(hostname, cert)<a class="srclink" href="https://github.com/runkitdev/node/blob/cf1ce2bcc1a88ef6ff1bf745a19913a69607fb02/lib/tls.js#L169">[src]</a><span><a class="mark" href="#tls_tls_checkserveridentity_hostname_cert" id="tls_tls_checkserveridentity_hostname_cert">#</a></span></h2>
<div class="api_metadata">
<span>Added in: v0.8.4</span>
</div>
<ul>
<li><code>hostname</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> The host name or IP address to verify the certificate
against.</li>
<li><code>cert</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a> An object representing the peer's certificate. The returned
object has some properties corresponding to the fields of the certificate.</li>
<li>Returns: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Error" class="type"><Error></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Undefined_type" class="type"><undefined></a></li>
</ul>
<p>Verifies the certificate <code>cert</code> is issued to <code>hostname</code>.</p>
<p>Returns <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Error" class="type"><Error></a> object, populating it with <code>reason</code>, <code>host</code>, and <code>cert</code> on
failure. On success, returns <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Undefined_type" class="type"><undefined></a>.</p>
<p>This function can be overwritten by providing alternative function as part of
the <code>options.checkServerIdentity</code> option passed to <code>tls.connect()</code>. The
overwriting function can call <code>tls.checkServerIdentity()</code> of course, to augment
the checks done with additional verification.</p>
<p>This function is only called if the certificate passed all other checks, such as
being issued by trusted CA (<code>options.ca</code>).</p>
<p>The cert object contains the parsed certificate and will have a structure
similar to:</p>
<pre><code class="language-text">{ subject:
{ OU: [ 'Domain Control Validated', 'PositiveSSL Wildcard' ],
CN: '*.nodejs.org' },
issuer:
{ C: 'GB',
ST: 'Greater Manchester',
L: 'Salford',
O: 'COMODO CA Limited',
CN: 'COMODO RSA Domain Validation Secure Server CA' },
subjectaltname: 'DNS:*.nodejs.org, DNS:nodejs.org',
infoAccess:
{ 'CA Issuers - URI':
[ 'http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt' ],
'OCSP - URI': [ 'http://ocsp.comodoca.com' ] },
modulus: 'B56CE45CB740B09A13F64AC543B712FF9EE8E4C284B542A1708A27E82A8D151CA178153E12E6DDA15BF70FFD96CB8A88618641BDFCCA03527E665B70D779C8A349A6F88FD4EF6557180BD4C98192872BCFE3AF56E863C09DDD8BC1EC58DF9D94F914F0369102B2870BECFA1348A0838C9C49BD1C20124B442477572347047506B1FCD658A80D0C44BCC16BC5C5496CFE6E4A8428EF654CD3D8972BF6E5BFAD59C93006830B5EB1056BBB38B53D1464FA6E02BFDF2FF66CD949486F0775EC43034EC2602AEFBF1703AD221DAA2A88353C3B6A688EFE8387811F645CEED7B3FE46E1F8B9F59FAD028F349B9BC14211D5830994D055EEA3D547911E07A0ADDEB8A82B9188E58720D95CD478EEC9AF1F17BE8141BE80906F1A339445A7EB5B285F68039B0F294598A7D1C0005FC22B5271B0752F58CCDEF8C8FD856FB7AE21C80B8A2CE983AE94046E53EDE4CB89F42502D31B5360771C01C80155918637490550E3F555E2EE75CC8C636DDE3633CFEDD62E91BF0F7688273694EEEBA20C2FC9F14A2A435517BC1D7373922463409AB603295CEB0BB53787A334C9CA3CA8B30005C5A62FC0715083462E00719A8FA3ED0A9828C3871360A73F8B04A4FC1E71302844E9BB9940B77E745C9D91F226D71AFCAD4B113AAF68D92B24DDB4A2136B55A1CD1ADF39605B63CB639038ED0F4C987689866743A68769CC55847E4A06D6E2E3F1',
exponent: '0x10001',
pubkey: <buffer ="">,
valid_from: 'Aug 14 00:00:00 2017 GMT',
valid_to: 'Nov 20 23:59:59 2019 GMT',
fingerprint: '01:02:59:D9:C3:D2:0D:08:F7:82:4E:44:A4:B4:53:C5:E2:3A:87:4D',
fingerprint256: '69:AE:1A:6A:D4:3D:C6:C1:1B:EA:C6:23:DE:BA:2A:14:62:62:93:5C:7A:EA:06:41:9B:0B:BC:87:CE:48:4E:02',
ext_key_usage: [ '1.3.6.1.5.5.7.3.1', '1.3.6.1.5.5.7.3.2' ],
serialNumber: '66593D57F20CBC573E433381B5FEC280',
raw: <buffer =""> }</buffer></buffer></code></pre>
<h2>tls.connect(options[, callback])<span><a class="mark" href="#tls_tls_connect_options_callback" id="tls_tls_connect_options_callback">#</a></span></h2>
<div class="api_metadata">
<details class="changelog"><summary>History</summary>
<table>
<tbody><tr><th>Version</th><th>Changes</th></tr>
<tr><td>v8.0.0</td>
<td><p>The <code>lookup</code> option is supported now.</p></td></tr>
<tr><td>v8.0.0</td>
<td><p>The <code>ALPNProtocols</code> option can be a <code>TypedArray</code> or <code>DataView</code> now.</p></td></tr>
<tr><td>v5.3.0, v4.7.0</td>
<td><p>The <code>secureContext</code> option is supported now.</p></td></tr>
<tr><td>v5.0.0</td>
<td><p>ALPN options are supported now.</p></td></tr>
<tr><td>v0.11.3</td>
<td><p><span>Added in: v0.11.3</span></p></td></tr>
</tbody></table>
</details>
</div>
<ul>
<li>
<p><code>options</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object" class="type"><Object></a></p>
<ul>
<li><code>host</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Host the client should connect to. <strong>Default:</strong>
<code>'localhost'</code>.</li>
<li><code>port</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Number_type" class="type"><number></a> Port the client should connect to.</li>
<li><code>path</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Creates unix socket connection to path. If this option is
specified, <code>host</code> and <code>port</code> are ignored.</li>
<li><code>socket</code> <a href="stream.html#stream_class_stream_duplex" class="type"><stream.Duplex></a> Establish secure connection on a given socket
rather than creating a new socket. Typically, this is an instance of
<a href="net.html#net_class_net_socket"><code>net.Socket</code></a>, but any <code>Duplex</code> stream is allowed.
If this option is specified, <code>path</code>, <code>host</code> and <code>port</code> are ignored,
except for certificate validation. Usually, a socket is already connected
when passed to <code>tls.connect()</code>, but it can be connected later. Note that
connection/disconnection/destruction of <code>socket</code> is the user's
responsibility, calling <code>tls.connect()</code> will not cause <code>net.connect()</code> to be
called.</li>
<li><code>rejectUnauthorized</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Boolean_type" class="type"><boolean></a> If not <code>false</code>, the server certificate is
verified against the list of supplied CAs. An <code>'error'</code> event is emitted if
verification fails; <code>err.code</code> contains the OpenSSL error code. <strong>Default:</strong>
<code>true</code>.</li>
<li><code>ALPNProtocols</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string[]></a> | <a href="buffer.html#buffer_class_buffer" class="type"><Buffer[]></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray[]></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView[]></a> | <a href="buffer.html#buffer_class_buffer" class="type"><Buffer></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray" class="type"><TypedArray></a> | <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/DataView" class="type"><DataView></a>
An array of strings, <code>Buffer</code>s or <code>TypedArray</code>s or <code>DataView</code>s, or a
single <code>Buffer</code> or <code>TypedArray</code> or <code>DataView</code> containing the supported ALPN
protocols. <code>Buffer</code>s should have the format <code>[len][name][len][name]...</code>
e.g. <code>'\x08http/1.1\x08http/1.0'</code>, where the <code>len</code> byte is the length of the
next protocol name. Passing an array is usually much simpler, e.g.
<code>['http/1.1', 'http/1.0']</code>. Protocols earlier in the list have higher
preference than those later.</li>
<li><code>servername</code>: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#String_type" class="type"><string></a> Server name for the SNI (Server Name Indication) TLS
extension. It is the name of the host being connected to, and must be a host
name, and not an IP address. It can be used by a multi-homed server to
choose the correct certificate to present to the client, see the
<code>SNICallback</code> option to <a href="#tls_tls_createserver_options_secureconnectionlistener"><code>tls.createServer()</code></a>.</li>
<li><code>checkServerIdentity(servername, cert)</code> <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function" class="type"><Function></a> A callback function
to be used (instead of the builtin <code>tls.checkServerIdentity()</code> function)
when checking the server's hostname (or the provided <code>servername</code> when
explicitly set) against the certificate. This should return an <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Error" class="type"><Error></a> if