
node js tls1.2 and authentication

Tags:

node.js

Is there any sample code out there for an https server using an SSLCertificateFile and SSLCertificateKeyFile to authenticate with TLS 1.2?

Any pointers to relevant samples would be highly appreciated.

SSL Labs states it is vulnerable to DoS because it supports client-initiated renegotiation

and I can't get fusker's to create an SSL server

var https = require('https');
var fs = require('fs');
var fusker = require('fusker');

//var server = fusker.https.createServer(443);
//var io = fusker.socket.listen(server);

var options = {
    key: fs.readFileSync('/etc/ssl/server.key'),
    cert: fs.readFileSync('/etc/ssl/mathpdq.crt'),
    ciphers: 'RC4-SHA:RC4:ECDHE-RSA-AES256-SHA:AES256-SHA:HIGH:!MD5:!aNULL:!EDH:!AESGCM',
    honorCipherOrder: true
};

https.createServer(options, function (req, res) {
    res.writeHead(200);
    res.end("hello world\n");
}).listen(443);
Drew asked Oct 26 '25 01:10


1 Answer

Creating an https listener is easy but it's not clear whether you have specific issues creating one with TLS 1.2. Recent Node builds against a new enough version of OpenSSL to pick up their 1.2 support.

Then you need both the ciphers and honorCipherOrder options as described here: http://nodejs.org/api/tls.html

e.g.

var https = require('https');
var fs = require('fs');

var options = {
    key: fs.readFileSync('my.key'),
    cert: fs.readFileSync('my.crt'),
    ciphers: 'ECDHE-RSA-AES256-SHA:AES256-SHA:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM',
    honorCipherOrder: true
};

var server = https.createServer(options, function (req, res) {
    // ... request handler goes here
});

server.listen(443);
Joe answered Oct 27 '25 20:10
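An added example, not part of the original question or answer: it audits the cipher strings posted above for entries that work against a TLS 1.2 setup, and builds server options that set a TLS 1.2 floor and lower Node's client-initiated renegotiation limit. The function names, the audit rules and the limit value of 0 are assumptions made for this illustration; the file paths in the usage comment are the ones from the question.

```javascript
// Added example, not from the original post. Paths and port are placeholders.
const tls = require('tls');
const https = require('https');
const fs = require('fs');

// TLS 1.3 suites plus forward-secret AEAD suites, which exist only in TLS 1.2+.
const HARDENED_CIPHERS = [
  'TLS_AES_256_GCM_SHA384', 'TLS_CHACHA20_POLY1305_SHA256', 'TLS_AES_128_GCM_SHA256',
  'ECDHE-ECDSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES128-GCM-SHA256',
  'ECDHE-ECDSA-AES256-GCM-SHA384', 'ECDHE-RSA-AES256-GCM-SHA384',
  'ECDHE-ECDSA-CHACHA20-POLY1305', 'ECDHE-RSA-CHACHA20-POLY1305',
].join(':');

// Flag entries of an OpenSSL cipher string that work against a TLS 1.2 setup.
function auditCipherString(cipherString) {
  const findings = [];
  for (const entry of cipherString.split(':')) {
    const excluded = /^[!-]/.test(entry);
    const name = entry.replace(/^[!+-]/, '').toUpperCase();
    if (!excluded && name.includes('RC4')) {
      findings.push(entry + ': RC4 is prohibited in TLS (RFC 7465)');
    } else if (!excluded && /^AES\d+-/.test(name)) {
      findings.push(entry + ': static RSA key exchange, no forward secrecy');
    } else if (excluded && name === 'AESGCM') {
      findings.push(entry + ': removes the AES-GCM suites that need TLS 1.2');
    }
  }
  return findings;
}

// Server options with a TLS 1.2 floor and server-side cipher preference.
function hardenedOptions(key, cert) {
  return { key, cert, minVersion: 'TLSv1.2', ciphers: HARDENED_CIPHERS, honorCipherOrder: true };
}

function startServer(keyPath, certPath, port) {
  // Node raises an error on a connection once client-initiated renegotiations
  // exceed CLIENT_RENEG_LIMIT within CLIENT_RENEG_WINDOW seconds (defaults 3 / 600).
  tls.CLIENT_RENEG_LIMIT = 0; // assumption: no legitimate client needs renegotiation
  const options = hardenedOptions(fs.readFileSync(keyPath), fs.readFileSync(certPath));
  return https.createServer(options, (req, res) => {
    res.writeHead(200);
    res.end('hello world\n');
  }).listen(port);
}

// Usage: startServer('/etc/ssl/server.key', '/etc/ssl/mathpdq.crt', 443);
```

Run against the cipher string in the question, `auditCipherString` reports the two RC4 entries, `AES256-SHA` and `!AESGCM`. Connections that negotiate TLS 1.3 are not subject to renegotiation at all, since TLS 1.3 removed it.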


