@litert/tls-sni

A TLS SNI(Server Name Indication) library for Node.js.

Usage no npm install needed!

<script type="module">
  import litertTlsSni from 'https://cdn.skypack.dev/@litert/tls-sni';
</script>

README

LiteRT/TLS-SNI

npm version License node GitHub issues GitHub Releases

A TLS SNI(Server Name Indication) library for Node.js.

Features

  • TypeScript Supports.
  • X.509 Certificate Decoder
  • Partial DER Decoder
  • Certificate Manager
  • Graceful Update Certificate.
  • RSA Certificate Supports.
  • RSA Key Pair Supports.
  • EC Certificate Supports.
  • EC Key Pair Supports.

Requirement

  • TypeScript v3.2.x (or newer)
  • Node.js v10.0.0 (or newer)

Installation

npm i @litert/tls-sni --save

Usage

import * as libsni from "@litert/tls-sni";
import * as TLS from "tls";
import * as FS from "fs";

// 1. Create a certificate mananger object.
const cm = libsni.certs.createManager();

// 2. Load a certificate into certificate mananger
cm.use(
    "default",
    FS.readFileSync(`./certs/default/cert-20190801.pem`),
    FS.readFileSync(`./certs/default/key-20190801.pem`)
);

// 3. Create a TLS server with the SNI callback provided by ceritificate manager.
const server = TLS.createServer({
    SNICallback: cm.getSNICallback(),
    ...otherOptions
});

// ...

// 4. Check if there are some certificates outdating.

const outdatingCerts = cm.findExpiringCertificates(
    Date.now() + 28 * 86400000 // Optional, 7 days by default
); // Get the list of certificate names, which are outdating in 28 days.

// ...

// 5. When a cert is being outdated, replace it with a new one.
cm.use(
    "default",
    FS.readFileSync(`./certs/default/cert-20190901.pem`),
    FS.readFileSync(`./certs/default/key-20190901.pem`)
);

More usage, see examples.

Document

Preparing yet.

License

This library is published under Apache-2.0 license.