tls.createSecureContext(options)
Creates a credentials object; the options
object may contain the following fields:
-
pfx
: A string orBuffer
holding the PFX or PKCS12 encoded private key, certificate, and CA certificates. -
key
: A string orBuffer
containing the private key of the server in PEM format. To support multiple keys using different algorithms, an array can be provided. It can either be a plain array of keys or an array of objects in the format{pem: key, passphrase: passphrase}
. (Required) -
passphrase
: A string containing the passphrase for the private key or pfx. -
cert
: A string containing the PEM encoded certificate -
ca
: A string,Buffer
, array of strings, or array ofBuffer
s of trusted certificates in PEM format. If this is omitted several well known "root" CAs (like VeriSign) will be used. These are used to authorize connections. -
crl
: Either a string or list of strings of PEM encoded CRLs (Certificate Revocation List). -
ciphers
: A string describing the ciphers to use or exclude. Consult https://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT for details on the format. -
honorCipherOrder
: When choosing a cipher, use the server's preferences instead of the client preferences. For further details seetls
module documentation.
If no 'CA' details are given, then Node.js will use the default publicly trusted list of CAs as given in
http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt.
Please login to continue.