发表新帖
发表新帖

Node.js TLS connections without hostname verification

后端 未结
关注
1 457
盖世英雄少女心
盖世英雄少女心 2021-01-28 11:50

I\'m playing with a swarm of \"nodes\" connecting to each other, and all I really care for is that they are connected securely to each other and are all authenticated.

F

1条回答
  • 执笔经年
    执笔经年 (楼主)
    2021-01-28 12:55

    Is it possible somehow to disable or work around the Common Name validation?

    This is possible by setting the checkServerIdentity option of tls.connect to a no-op function:

    const tls = require('tls')
tls.connect({
  checkServerIdentity: () => undefined,
  ...
})

    Sources:

    • https://nodejs.org/api/tls.html#tls_tls_checkserveridentity_host_cert
    • https://github.com/nodejs/node/blob/df63e534584a54dcf02b37446e1e821382e3cef3/lib/tls.js#L168-L231
    • https://github.com/nodejs/node/blob/79261f3003719264bc03f6a5b54cf9eddbc8b48e/lib/_tls_wrap.js#L1046

    0 讨论(0)
 看不清?
提交回复
热议问题