nodejs建立TLS服務,nodejs建立tls
nodejs建立TLS服務by 伍雪穎
server.js
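// server.js: TLS echo server that requires a client certificate (mutual TLS).
const tls = require('tls');
const fs = require('fs');

const options = {
  // Server private key and the certificate issued for it by the demo CA.
  key: fs.readFileSync('./keys/server.key'),
  cert: fs.readFileSync('./keys/server.crt'),
  // Ask every client to present a certificate during the handshake.
  requestCert: true,
  // Refuse the handshake when the client certificate does not chain to `ca`.
  // Stated explicitly so that enforcement does not depend on the runtime's
  // default; without it, an unverified client could still reach the handler.
  rejectUnauthorized: true,
  // Trust anchor used to verify client certificates.
  ca: [fs.readFileSync('./keys/ca.crt')],
};

const server = tls.createServer(options, function (stream) {
  // With rejectUnauthorized enabled, only verified clients get this far, so
  // this is expected to log 'authorized'; the flag is kept as an audit trail.
  console.log('server connected', stream.authorized ? 'authorized' : 'unauthorized');

  // An unhandled 'error' event on a socket would terminate the whole process.
  stream.on('error', function (err) {
    console.error('client stream error:', err.message);
  });

  stream.write("welcome!\n");
  stream.setEncoding('utf8');
  // Echo: everything the client sends is written straight back to it.
  stream.pipe(stream);
});

// Failed handshakes (for example a missing or untrusted client certificate)
// are reported here instead of reaching the connection handler.
server.on('tlsClientError', function (err) {
  console.error('tls handshake failed:', err.message);
});

server.listen(8000, function () {
  console.log('server bound');
});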
client.js
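// client.js: TLS client that authenticates with its own certificate and
// forwards stdin to the server, printing whatever the server sends back.
const tls = require('tls');
const fs = require('fs');

const options = {
  // Client private key and certificate, presented when the server asks for one.
  key: fs.readFileSync('./keys/client.key'),
  cert: fs.readFileSync('./keys/client.crt'),
  // Trust anchor used to verify the server certificate.
  ca: [fs.readFileSync('./keys/ca.crt')],
  // Abort the connection if the server certificate fails verification.
  // NOTE(review): verification also checks the certificate's name against the
  // host being connected to (no host is given here, so Node's default applies);
  // confirm server.crt was issued for that name.
  rejectUnauthorized: true,
};

const stream = tls.connect(8000, options, function () {
  console.log('client connected', stream.authorized ? 'authorized' : 'unauthorized');
  process.stdin.pipe(stream);
});

stream.setEncoding('utf8');

stream.on('data', function (data) {
  console.log(data);
});

// Verification and network failures are emitted as 'error'; without a
// listener they would crash the process with an uncaught exception.
stream.on('error', function (err) {
  console.error('tls connection error:', err.message);
});

stream.on('end', function () {
  // The original called server.close() here, but no `server` exists in the
  // client script, so it threw a ReferenceError. Detach stdin instead so the
  // process can exit once the server closes the connection.
  process.stdin.unpipe(stream);
  process.stdin.pause();
});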
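# Certificate generation.
# server.js and client.js read these files from ./keys/, so run the commands
# in that directory. Keep every *.key file private, ca.key above all: whoever
# holds it can issue certificates that both sides will trust.

# server.key, client.key
# 2048-bit RSA: the 1024-bit keys used originally are too weak to rely on and
# may be refused by current TLS libraries.
openssl genrsa -out server.key 2048
openssl genrsa -out client.key 2048

# ca.crt: self-signed certificate of the demo CA
openssl genrsa -out ca.key 2048
openssl req -new -key ca.key -out ca.csr
openssl x509 -req -sha256 -in ca.csr -signkey ca.key -out ca.crt

# server.crt: signed by the demo CA
# NOTE(review): when prompted for the subject, the Common Name presumably has
# to match the host name the client connects to; confirm against your setup.
openssl req -new -key server.key -out server.csr
openssl x509 -req -sha256 -CA ca.crt -CAkey ca.key -CAcreateserial -in server.csr -out server.crt

# client.crt: signed by the demo CA
openssl req -new -key client.key -out client.csr
openssl x509 -req -sha256 -CA ca.crt -CAkey ca.key -CAcreateserial -in client.csr -out client.crt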