nodejs TLS 只加密,未授权,进一步完善

Posted maomingchao

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了nodejs TLS 只加密,未授权,进一步完善相关的知识,希望对你有一定的参考价值。

const tls = require(‘tls‘);
const fs = require(‘fs‘);

const options = {
    key: fs.readFileSync(‘my_key.pem‘),
    cert: fs.readFileSync(‘my_cert.pem‘),

    // This is necessary only if using the client certificate authentication.
    requestCert: false,

    // This is necessary only if the client uses the self-signed certificate.
    ca: [fs.readFileSync(‘user_cert.pem‘)]
};

const server = tls.createServer(options, (socket) => {
    console.log(‘server connected‘,
        socket.authorized ? ‘authorized‘ : ‘unauthorized‘);
    socket.write(‘welcome!\n‘);
    socket.setEncoding(‘utf8‘);
    socket.pipe(socket);
});
server.listen(8000, () => {
    console.log(‘server bound‘);
});

  

const tls = require(‘tls‘);
const fs = require(‘fs‘);

const options = {
    // Necessary only if using the client certificate authentication
    key: fs.readFileSync(‘user_key.pem‘),
    cert: fs.readFileSync(‘user_cert.pem‘),
    rejectUnauthorized: false,
    // Necessary only if the server uses the self-signed certificate
    ca: [fs.readFileSync(‘my_cert.pem‘)]
};

const socket = tls.connect(8000, options, () => {
    console.log(‘client connected‘,
        socket.authorized ? ‘authorized‘ : ‘unauthorized‘);
    process.stdin.pipe(socket);
    process.stdin.resume();
});
socket.setEncoding(‘utf8‘);
socket.on(‘data‘, (data) => {
    console.log(data);
});
socket.on(‘end‘, () => {
    server.close();
});

 

密钥:摘自nodejs 官方文档

openssl genrsa -out ryans-key.pem 2048;
openssl req -new -sha256 -key ryans-key.pem -out ryans-csr.pem;
openssl x509 -req -in ryans-csr.pem -signkey ryans-key.pem -out ryans-cert.pem
 


以上是关于nodejs TLS 只加密,未授权,进一步完善的主要内容,如果未能解决你的问题,请参考以下文章

TLS 1.3:网络安全加密升级

Docker-TLS 加密通讯

开启 TLS 1.3 加密协议,极速 HTTPS 体验

TLS协议扫盲(握手,非对称加密,证书,电子签名等)

又拍云 CDN 正式支持 TLS 1.3 加密协议,一键开启极速 HTTPS 体验

HttpCannary根证书未安装,无法抓取SSL,TLS加密数据包问题解决方法