节点js tls1.2和身份验证
[英]node js tls1.2 and authentication
问题描述
Is there any sample code out there for https server using a SSLCertificateFile and SSLCertificateKeyFile authenticate with tls 1.2? 
是否有任何示例代码用于https服务器使用SSLCertificateFile和SSLCertificateKeyFile使用tls 1.2进行身份验证?
Any pointers to relevant samples would be highly appreciated. 任何指向相关样本的指针都将受到高度赞赏。
ssllabs states it is vulnerable to DoS because it supports client-initiated renegotiation ssllabs声称它易受DoS攻击,因为它支持客户端启动的重新协商
and i can't get fusker's to create an ssl server 我无法让fusker创建一个ssl服务器
var https = require('https');
var fs = require('fs');
var fusker = require('fusker');
//var server = fusker.https.createServer(443);
//var io = fusker.socket.listen(server);
var options = {
key: fs.readFileSync('/etc/ssl/server.key'),
cert: fs.readFileSync('/etc/ssl/mathpdq.crt'),
ciphers: 'RC4-SHA:RC4:ECDHE-RSA-AES256-SHA:AES256-SHA:HIGH:!MD5:!aNULL:!EDH:!AESGCM',
honorCipherOrder: true
};
https.createServer(options, function (req, res) {
res.writeHead(200);
res.end("hello world\n");
}).listen(443);
1 个解决方案
解决方案1
6 已采纳 2012-11-18 16:58:58
Creating a https listener is easy but it's not clear whether you have specific issues creating one with TLS 1.2. 创建https监听器很简单,但是不清楚是否存在使用TLS 1.2创建监听器的特定问题。 Recent node builds against a new enough version of OpenSSL to pick up their 1.2 support. 最近的节点针对足够新的OpenSSL版本构建,以获得1.2支持。
Then you need both the ciphers and honorCipherOrder options as described here: http://nodejs.org/api/tls.html 然后你需要密码和honorCipherOrder选项,如下所述: http ://nodejs.org/api/tls.html
eg 例如
var https = require('https');
var fs = require('fs');
var options = {
key: fs.readFileSync('my.key'),
cert: fs.readFileSync('my.crt'),
ciphers: 'ECDHE-RSA-AES256-SHA:AES256-SHA:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM',
honorCipherOrder: true
};
var server = https.createServer(options, function (req, res) {
...});
server.listen(443);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.