Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Easier access to the TLS securePair for HTTPS client #5507

Open
rustyconover opened this Issue · 2 comments

2 participants

@rustyconover

Right now its really tricky to access the TLS secure pair from the HTTPS client. The solution I found is:

var HTTPS = require('https');
var util = require('util');

var request = HTTPS.request({
        host: 'www.google.com',
        port: 443,
        method: 'GET',
        path: '/',
        secureProtocol: 'SSLv3_method',
    }, function(resp) {
    resp.on('data', function(chunk)  {});
    resp.on('end', function() { });
    });

request.on('socket', function(sock) {
        sock.pair.once('secure', function() {
                var cert_info = this.cleartext.getPeerCertificate();
        console.log(util.inspect(cert_info));
            });
    }); 

request.end();

To do certificate pinning or enforce a particular cipher there I'd suggest there be an easier way.

@bnoordhuis

There aren't many shortcuts available. First you have to establish the TCP connection, then the SSL/TLS session and only then is the SecurePair available. At best, we could forward the 'secure' event to the request object but that only saves you two lines of code.

@rustyconover

I think doing that would be a better way to do it, because if secure pairs are changed into something else the API would still continue to work in the future since its simply an event rather then an implementation detail on a socket.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.