Creating a TLS Socket Server

Creating a TLS socket server is almost exactly like creating a socket server, as discussed earlier in this chapter. The only differences is that there are additional options that you must pass into tls.createServer(), and there are some additional events that can be triggered on the tls.Server object. The options, listed in Table 8.9, allow you to specify the security options for the server. Table 8.10 lists the additional events for the TLS socket server. The most important options are key, cert, and ca.

Table 8.9 Additional options for tls.createServer()

The key option specifies the private key used for SSL. The cert value specifies the x509 public key to use. If you are using a self-signed certificate, you need to point the ca property at the certificate for the client.

The following is an example of creating a TLS socket server in Node.js:

Click here to view code image

var options = {
  key: fs.readFileSync('test/keys/server.pem'),
  cert: fs.readFileSync('test/keys/server.crt'),
  ca: fs.readFileSync('test/keys/client.crt')
};
tls.createServer(options, function (client) {
  client.write("Hello Secure World ");
  client.end();
}).listen(8108);

Once the TLS socket server has been created, the request/response handling works basically the same way as for the TCP socket servers described earlier in this chapter. The server can accept connections and read and write data back to the client.

Table 8.10 Additional events on TLS Server objects