This repository has been archived by the owner. It is now read-only.

Easier access to the TLS securePair for HTTPS client #5507

Open
rustyconover opened this Issue May 20, 2013 · 2 comments

Comments

Projects
None yet
3 participants

Right now its really tricky to access the TLS secure pair from the HTTPS client. The solution I found is:

var HTTPS = require('https');
var util = require('util');

var request = HTTPS.request({
        host: 'www.google.com',
        port: 443,
        method: 'GET',
        path: '/',
        secureProtocol: 'SSLv3_method',
    }, function(resp) {
    resp.on('data', function(chunk)  {});
    resp.on('end', function() { });
    });

request.on('socket', function(sock) {
        sock.pair.once('secure', function() {
                var cert_info = this.cleartext.getPeerCertificate();
        console.log(util.inspect(cert_info));
            });
    }); 

request.end();

To do certificate pinning or enforce a particular cipher there I'd suggest there be an easier way.

Member

bnoordhuis commented May 20, 2013

There aren't many shortcuts available. First you have to establish the TCP connection, then the SSL/TLS session and only then is the SecurePair available. At best, we could forward the 'secure' event to the request object but that only saves you two lines of code.

I think doing that would be a better way to do it, because if secure pairs are changed into something else the API would still continue to work in the future since its simply an event rather then an implementation detail on a socket.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.