tlsSocket.getTLSTicket()

tlsSocket.getTLSTicket() NOTE: Works only with client TLS sockets. Useful only for debugging, for session reuse provide session option to tls.connect(). Returns the TLS session ticket or undefined if none was negotiated.

tlsSocket.getSession()

tlsSocket.getSession() Returns the ASN.1 encoded TLS session or undefined if none was negotiated. Could be used to speed up handshake establishment when reconnecting to the server.

tlsSocket.getProtocol()

tlsSocket.getProtocol() Returns a string containing the negotiated SSL/TLS protocol version of the current connection. 'unknown' will be returned for connected sockets that have not completed the handshaking process. null will be returned for server sockets or disconnected client sockets. Examples: 'SSLv3' 'TLSv1' 'TLSv1.1' 'TLSv1.2' 'unknown' See https://www.openssl.org/docs/manmaster/ssl/SSL_get_version.html for more information.

tlsSocket.getPeerCertificate()

tlsSocket.getPeerCertificate([ detailed ]) Returns an object representing the peer's certificate. The returned object has some properties corresponding to the fields of the certificate. If the detailed argument is true the full chain with the issuer property will be returned, if false only the top certificate without the issuer property. Example: { subject: { C: 'UK', ST: 'Acknack Ltd', L: 'Rhys Jones', O: 'node.js', OU: 'Test TLS Certificate', CN: 'localhost' },

tlsSocket.getEphemeralKeyInfo()

tlsSocket.getEphemeralKeyInfo() Returns an object representing the type, name, and size of parameter of an ephemeral key exchange in Perfect Forward Secrecy on a client connection. It returns an empty object when the key exchange is not ephemeral. As this is only supported on a client socket, it returns null if called on a server socket. The supported types are 'DH' and 'ECDH'. The name property is only available in 'ECDH'. Example: { type: 'ECDH', name: 'prime256v1', size: 256 }

tlsSocket.getCipher()

tlsSocket.getCipher() Returns an object representing the cipher name and the SSL/TLS protocol version that first defined the cipher. Example: { name: 'AES256-SHA', version: 'TLSv1/SSLv3' } See SSL_CIPHER_get_name() and SSL_CIPHER_get_version() in https://www.openssl.org/docs/manmaster/ssl/SSL_CIPHER_get_name.html for more information.

tlsSocket.encrypted

tlsSocket.encrypted Static boolean value, always true. May be used to distinguish TLS sockets from regular ones.

tlsSocket.authorized

tlsSocket.authorized A boolean that is true if the peer certificate was signed by one of the specified CAs, otherwise false.

tlsSocket.authorizationError

tlsSocket.authorizationError The reason why the peer's certificate has not been verified. This property becomes available only when tlsSocket.authorized === false.

tlsSocket.address()

tlsSocket.address() Returns the bound address, the address family name, and port of the underlying socket as reported by the operating system. Returns an object with three properties, e.g., { port: 12346, family: 'IPv4', address: '127.0.0.1' }