2012-02-27 20:09:34 +01:00
|
|
|
# HTTPS
|
2011-01-21 22:12:35 +01:00
|
|
|
|
2015-02-25 01:15:26 +01:00
|
|
|
Stability: 2 - Stable
|
2012-03-03 00:14:03 +01:00
|
|
|
|
2015-08-13 18:14:34 +02:00
|
|
|
HTTPS is the HTTP protocol over TLS/SSL. In Node.js this is implemented as a
|
2011-01-21 22:12:35 +01:00
|
|
|
separate module.
|
|
|
|
|
2015-11-04 23:59:28 +01:00
|
|
|
## Class: https.Agent
|
|
|
|
|
|
|
|
An Agent object for HTTPS similar to [http.Agent][]. See [https.request()][]
|
|
|
|
for more information.
|
|
|
|
|
2012-02-27 20:09:34 +01:00
|
|
|
## Class: https.Server
|
2011-04-28 09:36:04 +02:00
|
|
|
|
|
|
|
This class is a subclass of `tls.Server` and emits events same as
|
|
|
|
`http.Server`. See `http.Server` for more information.
|
|
|
|
|
2013-04-30 12:43:32 +02:00
|
|
|
### server.setTimeout(msecs, callback)
|
|
|
|
|
|
|
|
See [http.Server#setTimeout()][].
|
|
|
|
|
|
|
|
### server.timeout
|
|
|
|
|
|
|
|
See [http.Server#timeout][].
|
|
|
|
|
2014-09-25 00:41:31 +02:00
|
|
|
## https.createServer(options[, requestListener])
|
2011-04-28 09:36:04 +02:00
|
|
|
|
2011-11-26 03:26:11 +01:00
|
|
|
Returns a new HTTPS web server object. The `options` is similar to
|
2012-06-06 21:05:18 +02:00
|
|
|
[tls.createServer()][]. The `requestListener` is a function which is
|
|
|
|
automatically added to the `'request'` event.
|
2011-01-21 22:12:35 +01:00
|
|
|
|
|
|
|
Example:
|
|
|
|
|
|
|
|
// curl -k https://localhost:8000/
|
|
|
|
var https = require('https');
|
|
|
|
var fs = require('fs');
|
|
|
|
|
|
|
|
var options = {
|
|
|
|
key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'),
|
|
|
|
cert: fs.readFileSync('test/fixtures/keys/agent2-cert.pem')
|
|
|
|
};
|
|
|
|
|
|
|
|
https.createServer(options, function (req, res) {
|
|
|
|
res.writeHead(200);
|
|
|
|
res.end("hello world\n");
|
|
|
|
}).listen(8000);
|
|
|
|
|
2012-05-13 21:38:23 +02:00
|
|
|
Or
|
|
|
|
|
|
|
|
var https = require('https');
|
|
|
|
var fs = require('fs');
|
|
|
|
|
|
|
|
var options = {
|
|
|
|
pfx: fs.readFileSync('server.pfx')
|
|
|
|
};
|
|
|
|
|
|
|
|
https.createServer(options, function (req, res) {
|
|
|
|
res.writeHead(200);
|
|
|
|
res.end("hello world\n");
|
|
|
|
}).listen(8000);
|
2011-01-21 22:12:35 +01:00
|
|
|
|
2015-11-04 23:59:28 +01:00
|
|
|
### server.close([callback])
|
|
|
|
|
|
|
|
See [http.close()][] for details.
|
2012-10-08 19:10:29 +02:00
|
|
|
|
2014-09-25 00:41:31 +02:00
|
|
|
### server.listen(handle[, callback])
|
2015-11-04 23:59:28 +01:00
|
|
|
### server.listen(path[, callback])
|
|
|
|
### server.listen(port[, host][, backlog][, callback])
|
2012-10-08 19:10:29 +02:00
|
|
|
|
|
|
|
See [http.listen()][] for details.
|
|
|
|
|
2015-11-04 23:59:28 +01:00
|
|
|
## https.get(options, callback)
|
2012-10-08 19:10:29 +02:00
|
|
|
|
2015-11-04 23:59:28 +01:00
|
|
|
Like `http.get()` but for HTTPS.
|
|
|
|
|
|
|
|
`options` can be an object or a string. If `options` is a string, it is
|
2015-11-14 04:21:49 +01:00
|
|
|
automatically parsed with [url.parse()][].
|
2015-11-04 23:59:28 +01:00
|
|
|
|
|
|
|
Example:
|
|
|
|
|
|
|
|
var https = require('https');
|
|
|
|
|
|
|
|
https.get('https://encrypted.google.com/', function(res) {
|
|
|
|
console.log("statusCode: ", res.statusCode);
|
|
|
|
console.log("headers: ", res.headers);
|
|
|
|
|
|
|
|
res.on('data', function(d) {
|
|
|
|
process.stdout.write(d);
|
|
|
|
});
|
|
|
|
|
|
|
|
}).on('error', function(e) {
|
|
|
|
console.error(e);
|
|
|
|
});
|
|
|
|
|
|
|
|
## https.globalAgent
|
|
|
|
|
|
|
|
Global instance of [https.Agent][] for all HTTPS client requests.
|
|
|
|
|
2011-01-21 22:21:01 +01:00
|
|
|
## https.request(options, callback)
|
2011-01-21 22:12:35 +01:00
|
|
|
|
2012-08-18 07:18:02 +02:00
|
|
|
Makes a request to a secure web server.
|
|
|
|
|
|
|
|
`options` can be an object or a string. If `options` is a string, it is
|
2015-11-14 04:21:49 +01:00
|
|
|
automatically parsed with [url.parse()][].
|
2012-08-18 07:18:02 +02:00
|
|
|
|
|
|
|
All options from [http.request()][] are valid.
|
2011-01-21 22:12:35 +01:00
|
|
|
|
|
|
|
Example:
|
|
|
|
|
|
|
|
var https = require('https');
|
|
|
|
|
|
|
|
var options = {
|
2012-10-29 04:16:40 +01:00
|
|
|
hostname: 'encrypted.google.com',
|
2011-01-21 22:12:35 +01:00
|
|
|
port: 443,
|
|
|
|
path: '/',
|
|
|
|
method: 'GET'
|
|
|
|
};
|
|
|
|
|
|
|
|
var req = https.request(options, function(res) {
|
|
|
|
console.log("statusCode: ", res.statusCode);
|
|
|
|
console.log("headers: ", res.headers);
|
|
|
|
|
|
|
|
res.on('data', function(d) {
|
|
|
|
process.stdout.write(d);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
req.end();
|
|
|
|
|
|
|
|
req.on('error', function(e) {
|
|
|
|
console.error(e);
|
|
|
|
});
|
|
|
|
|
2011-03-10 22:34:35 +01:00
|
|
|
The options argument has the following options
|
|
|
|
|
2011-10-22 16:40:15 +02:00
|
|
|
- `host`: A domain name or IP address of the server to issue the request to.
|
|
|
|
Defaults to `'localhost'`.
|
2015-04-28 18:30:58 +02:00
|
|
|
- `hostname`: Alias for `host`. To support `url.parse()` `hostname` is
|
|
|
|
preferred over `host`.
|
|
|
|
- `family`: IP address family to use when resolving `host` and `hostname`.
|
|
|
|
Valid values are `4` or `6`. When unspecified, both IP v4 and v6 will be
|
|
|
|
used.
|
2011-10-22 16:40:15 +02:00
|
|
|
- `port`: Port of remote server. Defaults to 443.
|
2015-04-28 18:30:58 +02:00
|
|
|
- `localAddress`: Local interface to bind for network connections.
|
|
|
|
- `socketPath`: Unix Domain Socket (use one of host:port or socketPath).
|
2011-10-22 16:40:15 +02:00
|
|
|
- `method`: A string specifying the HTTP request method. Defaults to `'GET'`.
|
|
|
|
- `path`: Request path. Defaults to `'/'`. Should include query string if any.
|
2015-04-28 18:30:58 +02:00
|
|
|
E.G. `'/index.html?page=12'`. An exception is thrown when the request path
|
|
|
|
contains illegal characters. Currently, only spaces are rejected but that
|
|
|
|
may change in the future.
|
2011-10-22 16:40:15 +02:00
|
|
|
- `headers`: An object containing request headers.
|
|
|
|
- `auth`: Basic authentication i.e. `'user:password'` to compute an
|
|
|
|
Authorization header.
|
2012-06-06 21:05:18 +02:00
|
|
|
- `agent`: Controls [Agent][] behavior. When an Agent is used request will
|
|
|
|
default to `Connection: keep-alive`. Possible values:
|
|
|
|
- `undefined` (default): use [globalAgent][] for this host and port.
|
2011-10-22 16:40:15 +02:00
|
|
|
- `Agent` object: explicitly use the passed in `Agent`.
|
|
|
|
- `false`: opts out of connection pooling with an Agent, defaults request to
|
|
|
|
`Connection: close`.
|
|
|
|
|
2012-06-06 21:05:18 +02:00
|
|
|
The following options from [tls.connect()][] can also be specified. However, a
|
|
|
|
[globalAgent][] silently ignores these.
|
2011-10-22 16:40:15 +02:00
|
|
|
|
2012-05-13 21:38:23 +02:00
|
|
|
- `pfx`: Certificate, Private key and CA certificates to use for SSL. Default `null`.
|
2011-10-22 16:40:15 +02:00
|
|
|
- `key`: Private key to use for SSL. Default `null`.
|
2012-05-13 21:38:23 +02:00
|
|
|
- `passphrase`: A string of passphrase for the private key or pfx. Default `null`.
|
2011-10-22 16:40:15 +02:00
|
|
|
- `cert`: Public x509 certificate to use. Default `null`.
|
|
|
|
- `ca`: An authority certificate or array of authority certificates to check
|
2011-03-10 22:34:35 +01:00
|
|
|
the remote host against.
|
2012-02-25 15:17:05 +01:00
|
|
|
- `ciphers`: A string describing the ciphers to use or exclude. Consult
|
|
|
|
<http://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT> for
|
|
|
|
details on the format.
|
2011-12-07 14:47:06 +01:00
|
|
|
- `rejectUnauthorized`: If `true`, the server certificate is verified against
|
|
|
|
the list of supplied CAs. An `'error'` event is emitted if verification
|
|
|
|
fails. Verification happens at the connection level, *before* the HTTP
|
2012-08-30 15:14:37 +02:00
|
|
|
request is sent. Default `true`.
|
2013-05-15 21:16:09 +02:00
|
|
|
- `secureProtocol`: The SSL method to use, e.g. `SSLv3_method` to force
|
|
|
|
SSL version 3. The possible values depend on your installation of
|
|
|
|
OpenSSL and are defined in the constant [SSL_METHODS][].
|
2011-03-10 22:34:35 +01:00
|
|
|
|
2011-09-14 13:17:30 +02:00
|
|
|
In order to specify these options, use a custom `Agent`.
|
|
|
|
|
|
|
|
Example:
|
|
|
|
|
|
|
|
var options = {
|
2012-10-29 04:16:40 +01:00
|
|
|
hostname: 'encrypted.google.com',
|
2011-09-14 13:17:30 +02:00
|
|
|
port: 443,
|
|
|
|
path: '/',
|
|
|
|
method: 'GET',
|
|
|
|
key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'),
|
2011-09-14 16:48:42 +02:00
|
|
|
cert: fs.readFileSync('test/fixtures/keys/agent2-cert.pem')
|
2011-09-14 13:17:30 +02:00
|
|
|
};
|
|
|
|
options.agent = new https.Agent(options);
|
|
|
|
|
|
|
|
var req = https.request(options, function(res) {
|
|
|
|
...
|
|
|
|
}
|
|
|
|
|
2015-11-30 19:40:02 +01:00
|
|
|
Alternatively, opt out of connection pooling by not using an `Agent`.
|
2011-09-14 13:17:30 +02:00
|
|
|
|
|
|
|
Example:
|
|
|
|
|
|
|
|
var options = {
|
2012-10-29 04:16:40 +01:00
|
|
|
hostname: 'encrypted.google.com',
|
2011-09-14 13:17:30 +02:00
|
|
|
port: 443,
|
|
|
|
path: '/',
|
|
|
|
method: 'GET',
|
|
|
|
key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'),
|
2011-09-14 16:48:42 +02:00
|
|
|
cert: fs.readFileSync('test/fixtures/keys/agent2-cert.pem'),
|
2011-09-14 13:17:30 +02:00
|
|
|
agent: false
|
|
|
|
};
|
|
|
|
|
|
|
|
var req = https.request(options, function(res) {
|
|
|
|
...
|
|
|
|
}
|
2015-11-14 04:21:49 +01:00
|
|
|
|
|
|
|
[http.Server#setTimeout()]: http.html#http_server_settimeout_msecs_callback
|
|
|
|
[http.Server#timeout]: http.html#http_server_timeout
|
|
|
|
[Agent]: #https_class_https_agent
|
|
|
|
[globalAgent]: #https_https_globalagent
|
|
|
|
[http.listen()]: http.html#http_server_listen_port_hostname_backlog_callback
|
|
|
|
[url.parse()]: url.html#url_url_parse_urlstr_parsequerystring_slashesdenotehost
|
|
|
|
[http.close()]: http.html#http_server_close_callback
|
|
|
|
[http.Agent]: http.html#http_class_http_agent
|
|
|
|
[http.request()]: http.html#http_http_request_options_callback
|
|
|
|
[https.Agent]: #https_class_https_agent
|
|
|
|
[https.request()]: #https_https_request_options_callback
|
|
|
|
[tls.connect()]: tls.html#tls_tls_connect_options_callback
|
|
|
|
[tls.createServer()]: tls.html#tls_tls_createserver_options_secureconnectionlistener
|
|
|
|
[SSL_METHODS]: http://www.openssl.org/docs/ssl/ssl.html#DEALING_WITH_PROTOCOL_METHODS
|