started documentation of tls/SSL

This commit is contained in:
Brandon Nozaki Miller 2015-09-27 22:59:25 -07:00
parent 6fc0199f01
commit a4e6fcd301
2 changed files with 30 additions and 3 deletions

View file

@ -35,8 +35,9 @@ This work is licenced via the [DBAD Public Licence](http://www.dbad-license.org/
4. [Basic Examples](#basic-examples) 4. [Basic Examples](#basic-examples)
1. [Server for Unix||Windows Sockets & TCP Sockets](#server-for-unix-sockets--tcp-sockets) 1. [Server for Unix||Windows Sockets & TCP Sockets](#server-for-unix-sockets--tcp-sockets)
2. [Client for Unix||Windows Sockets & TCP Sockets](#client-for-unix-sockets--tcp-sockets) 2. [Client for Unix||Windows Sockets & TCP Sockets](#client-for-unix-sockets--tcp-sockets)
3. [Server & Client for UDP Sockets](#server--client-for-udp-sockets) 3. [Working with TLS Servers & clients](https://github.com/RIAEvangelist/node-ipc/tree/master/example/TLSSocket)
4. [Raw Buffers or Binary Sockets](#raw-buffer-or-binary-sockets) 4. [Server & Client for UDP Sockets](#server--client-for-udp-sockets)
5. [Raw Buffers or Binary Sockets](#raw-buffer-or-binary-sockets)
5. [Advanced Examples](https://github.com/RIAEvangelist/node-ipc/tree/master/example) 5. [Advanced Examples](https://github.com/RIAEvangelist/node-ipc/tree/master/example)
@ -210,7 +211,9 @@ or explicitly setting the path with callback
`ipc.connectToNet(id,host,port,callback)` `ipc.connectToNet(id,host,port,callback)`
Used to connect as a client to a TCP or TLS socket via the network card. This can be local or remote, if local, it is recommended that you use the Unix and Windows Socket Implementaion of `connectTo` instead as it is much faster since it avoids the network card altogether. Used to connect as a client to a TCP or [TLS socket](https://github.com/RIAEvangelist/node-ipc/tree/master/example/TLSSocket) via the network card. This can be local or remote, if local, it is recommended that you use the Unix and Windows Socket Implementaion of `connectTo` instead as it is much faster since it avoids the network card altogether.
For TLS and SSL Sockets see the [node-ipc TLS and SSL docs](https://github.com/RIAEvangelist/node-ipc/tree/master/example/TLSSocket). They have a few additional requirements, and things to know about and so have their own doc.
| variable | required | definition | | variable | required | definition |
|----------|----------|------------| |----------|----------|------------|

View file

@ -0,0 +1,24 @@
# Using TLS and SSL for Secure node-ipc
### document in progress
Still working on this. If you look at the examples and can help, please jump right in.
#### important cli commands
- openssl genrsa -out server.key 2048
- openssl req -new -x509 -key server.key -out server.pub -days 365 -config openssl.cnf
- talk about openssl.cnf edits
#### using the local node-ipc certs
This should **ONLY** be done on your local machine. Both the public and private certs are available here on git hub, so its not a good idea to use them over the network.
#### talk about security
- keep private keys private, don't shared
#### talk about using hostname not ip for best security validation of certs
#### examples
- basic with default keys
- specikfying keys
- encrypted but venerable to man in the middle
- two way authenticated pub private