Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface TLSSocketOptions

Hierarchy

Index

Properties

Optional ALPNProtocols

ALPNProtocols: string[] | Uint8Array[] | Uint8Array

An array of strings or a Buffer naming possible ALPN protocols. (Protocols should be ordered by their priority.)

Optional SNICallback

SNICallback: function

SNICallback(servername, cb) A function that will be called if the client supports SNI TLS extension. Two arguments will be passed when called: servername and cb. SNICallback should invoke cb(null, ctx), where ctx is a SecureContext instance. (tls.createSecureContext(...) can be used to get a proper SecureContext.) If SNICallback wasn't provided the default callback with high-level API will be used (see below).

Type declaration

    • (servername: string, cb: function): void
    • Parameters

      • servername: string
      • cb: function

      Returns void

Optional ca

ca: string | Buffer | Array<string | Buffer>

Optional cert

cert: string | Buffer | Array<string | Buffer>

Optional ciphers

ciphers: string

Optional clientCertEngine

clientCertEngine: string

Optional crl

crl: string | Buffer | Array<string | Buffer>

Optional dhparam

dhparam: string | Buffer

Optional ecdhCurve

ecdhCurve: string

Optional enableTrace

enableTrace: boolean

When enabled, TLS packet trace information is written to stderr. This can be used to debug TLS connection problems.

default

false

Optional honorCipherOrder

honorCipherOrder: boolean

Optional isServer

isServer: boolean

If true the TLS socket will be instantiated in server-mode. Defaults to false.

Optional key

key: string | Buffer | Array<Buffer | Object>

Optional maxVersion

maxVersion: SecureVersion

Optionally set the maximum TLS version to allow. One of 'TLSv1.3', 'TLSv1.2', 'TLSv1.1', or 'TLSv1'. Cannot be specified along with the secureProtocol option, use one or the other. Default: 'TLSv1.3', unless changed using CLI options. Using --tls-max-v1.2 sets the default to 'TLSv1.2'. Using --tls-max-v1.3 sets the default to 'TLSv1.3'. If multiple of the options are provided, the highest maximum is used.

Optional minVersion

minVersion: SecureVersion

Optionally set the minimum TLS version to allow. One of 'TLSv1.3', 'TLSv1.2', 'TLSv1.1', or 'TLSv1'. Cannot be specified along with the secureProtocol option, use one or the other. It is not recommended to use less than TLSv1.2, but it may be required for interoperability. Default: 'TLSv1.2', unless changed using CLI options. Using --tls-v1.0 sets the default to 'TLSv1'. Using --tls-v1.1 sets the default to 'TLSv1.1'. Using --tls-min-v1.3 sets the default to 'TLSv1.3'. If multiple of the options are provided, the lowest minimum is used.

Optional passphrase

passphrase: string

Optional pfx

pfx: string | Buffer | Array<string | Buffer | Object>

Optional rejectUnauthorized

rejectUnauthorized: boolean

If true the server will reject any connection which is not authorized with the list of supplied CAs. This option only has an effect if requestCert is true.

default

true

Optional requestCert

requestCert: boolean

If true the server will request a certificate from clients that connect and attempt to verify that certificate. Defaults to false.

Optional requestOCSP

requestOCSP: boolean

If true, specifies that the OCSP status request extension will be added to the client hello and an 'OCSPResponse' event will be emitted on the socket before establishing a secure communication

Optional secureContext

secureContext: SecureContext

An optional TLS context object from tls.createSecureContext()

Optional secureOptions

secureOptions: number

Optional secureProtocol

secureProtocol: string

Optional server

server: Server

An optional net.Server instance.

Optional session

session: Buffer

An optional Buffer instance containing a TLS session.

Optional sessionIdContext

sessionIdContext: string

Generated using TypeDoc