const tls = require(‘tls‘); const fs = require(‘fs‘); const options = { key: fs.readFileSync(‘my_key.pem‘), cert: fs.readFileSync(‘my_cert.pem‘), // This is necessary only if using the client certificate authentication. requestCert: false, // This is necessary only if the client uses the self-signed certificate. ca: [fs.readFileSync(‘user_cert.pem‘)] }; const server = tls.createServer(options, (socket) => { console.log(‘server connected‘, socket.authorized ? ‘authorized‘ : ‘unauthorized‘); socket.write(‘welcome!\n‘); socket.setEncoding(‘utf8‘); socket.pipe(socket); }); server.listen(8000, () => { console.log(‘server bound‘); });
const tls = require(‘tls‘); const fs = require(‘fs‘); const options = { // Necessary only if using the client certificate authentication key: fs.readFileSync(‘user_key.pem‘), cert: fs.readFileSync(‘user_cert.pem‘), rejectUnauthorized: false, // Necessary only if the server uses the self-signed certificate ca: [fs.readFileSync(‘my_cert.pem‘)] }; const socket = tls.connect(8000, options, () => { console.log(‘client connected‘, socket.authorized ? ‘authorized‘ : ‘unauthorized‘); process.stdin.pipe(socket); process.stdin.resume(); }); socket.setEncoding(‘utf8‘); socket.on(‘data‘, (data) => { console.log(data); }); socket.on(‘end‘, () => { server.close(); });
密钥:摘自nodejs 官方文档
openssl genrsa -out ryans-key.pem 2048;
openssl req -new -sha256 -key ryans-key.pem -out ryans-csr.pem;
openssl x509 -req -in ryans-csr.pem -signkey ryans-key.pem -out ryans-cert.pem
时间: 2024-10-17 00:47:53