lukechilds
/
node
mirror of https://github.com/lukechilds/node.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

doc: Using ciphers with tls.connect() 

Refs #25270,#25271

Reviewed-By: Michael Dawson <mhdawsonibm@gmail.com>
PR-URL: https://github.com/joyent/node/pull/25325
v0.12.4-release
Chad Johnston 10 years ago
committed by Michael Dawson
parent
ebbb3560fa
commit
a294aeef03
1 changed files with 16 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 17
      doc/api/tls.markdown

17
doc/api/tls.markdown
View File

@ -182,7 +182,7 @@ automatically set as a listener for the [secureConnection][] event. The
on the format.
`ECDHE-RSA-AES128-SHA256`, `DHE-RSA-AES128-SHA256` and
`AES128-GCM-SHA256` are TLS v1.2 ciphers and used when node.js is
`AES128-GCM-SHA256` are TLS v1.2 ciphers and used when Node.js is
linked against OpenSSL 1.0.1 or newer, such as the bundled version
of OpenSSL. Note that it is still possible for a TLS v1.2 client
to negotiate a weaker cipher unless `honorCipherOrder` is enabled.
@ -341,6 +341,20 @@ Creates a new client connection to the given `port` and `host` (old API) or
- `path`: Creates unix socket connection to path. If this option is
specified, `host` and `port` are ignored.
- `ciphers`: A string describing the ciphers to use or exclude.
Defaults to
`ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:!RC4:!MD5:!aNULL`.
Consult the [OpenSSL cipher list format documentation] for details
on the format.
The full list of available ciphers can be obtained via [tls.getCiphers][].
`ECDHE-RSA-AES128-SHA256`, `DHE-RSA-AES128-SHA256` and
`AES128-GCM-SHA256` are TLS v1.2 ciphers and used when Node.js is
linked against OpenSSL 1.0.1 or newer, such as the bundled version
of OpenSSL.
- `pfx`: A string or `Buffer` containing the private key, certificate and
CA certs of the client in PFX or PKCS12 format.
@ -835,6 +849,7 @@ The numeric representation of the local port.
[OpenSSL cipher list format documentation]: http://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT
[BEAST attacks]: http://blog.ivanristic.com/2011/10/mitigating-the-beast-attack-on-tls.html
[tls.getCiphers]: #tls_tls_getciphers
[tls.createServer]: #tls_tls_createserver_options_secureconnectionlistener
[tls.createSecurePair]: #tls_tls_createsecurepair_credentials_isserver_requestcert_rejectunauthorized
[tls.TLSSocket]: #tls_class_tls_tlssocket

Write Preview
Loading…
Cancel
Save