tls.createSecurePair([context][, isServer][, requestCert][, rejectUnauthorized][, options])

• context <Object> tls.createSecureContext() 返回的安全上下文对象
• isServer <boolean> true 指定此 TLS 连接应作为服务器打开。
• requestCert <boolean> true 指定服务器是否应从连接的客户端请求证书。 仅在 isServer 为 true 时适用。
• rejectUnauthorized <boolean> 如果不是 false，则服务器会自动拒绝证书无效的客户端。 仅在 isServer 为 true 时适用。
• options
  • enableTrace: 参见 tls.createServer()
  • secureContext: 来自 tls.createSecureContext() 的 TLS 上下文对象
  • isServer: 如果 true TLS 套接字将在服务器模式下实例化。 默认值: false。
  • server <net.Server> net.Server 实例
  • requestCert: 参见 tls.createServer()
  • rejectUnauthorized: 参见 tls.createServer()
  • ALPNProtocols: 参见 tls.createServer()
  • SNICallback: 参见 tls.createServer()
  • session <Buffer> 包含 TLS 会话的 Buffer 实例。
  • requestOCSP <boolean> 如果为 true，则指定将 OCSP 状态请求扩展添加到客户端 hello 并且在建立安全通信之前将在套接字上触发 'OCSPResponse' 事件。

使用两个流创建新的安全对对象，其中一个读取和写入加密数据，另一个读取和写入明文数据。 通常，加密流通过管道传输到/从传入的加密数据流，明文用作初始加密流的替代。

tls.createSecurePair() 返回具有 cleartext 和 encrypted 流属性的 tls.SecurePair 对象。

使用 cleartext 与 tls.TLSSocket 具有相同的 API。

现在不推荐使用 tls.createSecurePair() 方法而支持 tls.TLSSocket()。 例如代码：

pair = tls.createSecurePair(/* ... */);
pair.encrypted.pipe(socket);
socket.pipe(pair.encrypted);

可以替换为：

secureSocket = tls.TLSSocket(socket, options);

其中 secureSocket 与 pair.cleartext 具有相同的 API。

• context <Object> A secure context object as returned by tls.createSecureContext()
• isServer <boolean> true to specify that this TLS connection should be opened as a server.
• requestCert <boolean> true to specify whether a server should request a certificate from a connecting client. Only applies when isServer is true.
• rejectUnauthorized <boolean> If not false a server automatically reject clients with invalid certificates. Only applies when isServer is true.
• options
  • enableTrace: See tls.createServer()
  • secureContext: A TLS context object from tls.createSecureContext()
  • isServer: If true the TLS socket will be instantiated in server-mode. Default: false.
  • server <net.Server> A net.Server instance
  • requestCert: See tls.createServer()
  • rejectUnauthorized: See tls.createServer()
  • ALPNProtocols: See tls.createServer()
  • SNICallback: See tls.createServer()
  • session <Buffer> A Buffer instance containing a TLS session.
  • requestOCSP <boolean> If true, specifies that the OCSP status request extension will be added to the client hello and an 'OCSPResponse' event will be emitted on the socket before establishing a secure communication.

Creates a new secure pair object with two streams, one of which reads and writes the encrypted data and the other of which reads and writes the cleartext data. Generally, the encrypted stream is piped to/from an incoming encrypted data stream and the cleartext one is used as a replacement for the initial encrypted stream.

tls.createSecurePair() returns a tls.SecurePair object with cleartext and encrypted stream properties.

Using cleartext has the same API as tls.TLSSocket.

The tls.createSecurePair() method is now deprecated in favor of tls.TLSSocket(). For example, the code:

pair = tls.createSecurePair(/* ... */);
pair.encrypted.pipe(socket);
socket.pipe(pair.encrypted);

can be replaced by:

secureSocket = tls.TLSSocket(socket, options);

where secureSocket has the same API as pair.cleartext.