tlsSocket.renegotiate(options, callback)

• options <Object>

  • rejectUnauthorized <boolean> 如果不是 false,则服务器证书将根据提供的 CA 列表进行验证。如果验证失败,则触发 'error' 事件;err.code 包含 OpenSSL 错误代码。默认值:true。

    \rejectUnauthorized <boolean> If not false, the server certificate is verified against the list of supplied CAs. An 'error' event is emitted if verification fails; err.code contains the OpenSSL error code. Default: true.

  • requestCert

• callback <Function> 如果 renegotiate() 返回 true,则回调将绑定到 'secure' 事件。如果 renegotiate() 返回 false, 则 callback 将在下一个滴答中被调用并出错, 除非 tlsSocket 已被销毁, 在这种情况下根本不会调用 callback。

  \callback <Function> If renegotiate() returned true, callback is attached once to the 'secure' event. If renegotiate() returned false, callback will be called in the next tick with an error, unless the tlsSocket has been destroyed, in which case callback will not be called at all.

• 返回:<boolean> 如果启动重新协商则为 true,否则为 false。

  \Returns: <boolean> true if renegotiation was initiated, false otherwise.

tlsSocket.renegotiate() 方法启动 TLS 重新协商过程。当完成后,callback 函数将传入一个参数,该参数是 Error(如果请求失败)或 null。

\The tlsSocket.renegotiate() method initiates a TLS renegotiation process. Upon completion, the callback function will be passed a single argument that is either an Error (if the request failed) or null.

此方法可用于在建立安全连接后请求对等方的证书。

\This method can be used to request a peer's certificate after the secure connection has been established.

当作为服务器运行时,套接字将在 handshakeTimeout 超时后销毁并出现错误。

\When running as the server, the socket will be destroyed with an error after handshakeTimeout timeout.

对于 TLSv1.3,无法发起重协商,协议不支持。

\For TLSv1.3, renegotiation cannot be initiated, it is not supported by the protocol.