tls.createSecurePair([context][, isServer][, requestCert][, rejectUnauthorized][, options])
tls.TLSSocket
。context
<Object>tls.createSecureContext()
返回的安全上下文对象isServer
<boolean>true
指定此 TLS 连接应作为服务器打开。requestCert
<boolean>true
指定服务器是否应从连接的客户端请求证书。 仅在isServer
为true
时适用。rejectUnauthorized
<boolean> 如果不是false
,则服务器会自动拒绝证书无效的客户端。 仅在isServer
为true
时适用。options
enableTrace
: 参见tls.createServer()
secureContext
: 来自tls.createSecureContext()
的 TLS 上下文对象isServer
: 如果true
TLS 套接字将在服务器模式下实例化。 默认值:false
。server
<net.Server>net.Server
实例requestCert
: 参见tls.createServer()
rejectUnauthorized
: 参见tls.createServer()
ALPNProtocols
: 参见tls.createServer()
SNICallback
: 参见tls.createServer()
session
<Buffer> 包含 TLS 会话的Buffer
实例。requestOCSP
<boolean> 如果为true
,则指定将 OCSP 状态请求扩展添加到客户端 hello 并且在建立安全通信之前将在套接字上触发'OCSPResponse'
事件。
使用两个流创建新的安全对对象,其中一个读取和写入加密数据,另一个读取和写入明文数据。 通常,加密流通过管道传输到/从传入的加密数据流,明文用作初始加密流的替代。
tls.createSecurePair()
返回具有 cleartext
和 encrypted
流属性的 tls.SecurePair
对象。
使用 cleartext
与 tls.TLSSocket
具有相同的 API。
现在不推荐使用 tls.createSecurePair()
方法而支持 tls.TLSSocket()
。
例如代码:
pair = tls.createSecurePair(/* ... */);
pair.encrypted.pipe(socket);
socket.pipe(pair.encrypted);
可以替换为:
secureSocket = tls.TLSSocket(socket, options);
其中 secureSocket
与 pair.cleartext
具有相同的 API。
tls.TLSSocket
instead.context
<Object> A secure context object as returned bytls.createSecureContext()
isServer
<boolean>true
to specify that this TLS connection should be opened as a server.requestCert
<boolean>true
to specify whether a server should request a certificate from a connecting client. Only applies whenisServer
istrue
.rejectUnauthorized
<boolean> If notfalse
a server automatically reject clients with invalid certificates. Only applies whenisServer
istrue
.options
enableTrace
: Seetls.createServer()
secureContext
: A TLS context object fromtls.createSecureContext()
isServer
: Iftrue
the TLS socket will be instantiated in server-mode. Default:false
.server
<net.Server> Anet.Server
instancerequestCert
: Seetls.createServer()
rejectUnauthorized
: Seetls.createServer()
ALPNProtocols
: Seetls.createServer()
SNICallback
: Seetls.createServer()
session
<Buffer> ABuffer
instance containing a TLS session.requestOCSP
<boolean> Iftrue
, specifies that the OCSP status request extension will be added to the client hello and an'OCSPResponse'
event will be emitted on the socket before establishing a secure communication.
Creates a new secure pair object with two streams, one of which reads and writes the encrypted data and the other of which reads and writes the cleartext data. Generally, the encrypted stream is piped to/from an incoming encrypted data stream and the cleartext one is used as a replacement for the initial encrypted stream.
tls.createSecurePair()
returns a tls.SecurePair
object with cleartext
and
encrypted
stream properties.
Using cleartext
has the same API as tls.TLSSocket
.
The tls.createSecurePair()
method is now deprecated in favor of
tls.TLSSocket()
. For example, the code:
pair = tls.createSecurePair(/* ... */);
pair.encrypted.pipe(socket);
socket.pipe(pair.encrypted);
can be replaced by:
secureSocket = tls.TLSSocket(socket, options);
where secureSocket
has the same API as pair.cleartext
.