Skip to main content
createSecurePair - tls - Node documentation
function createSecurePair

Usage in Deno

import { createSecurePair } from "node:tls";
createSecurePair(
context?: SecureContext,
isServer?: boolean,
requestCert?: boolean,
rejectUnauthorized?: boolean,
): SecurePair
Deprecated

Since v0.11.3 - Use TLSSocket instead.

<div class="alert alert-warning"><div><svg xmlns="http://www.w3.org/2000/svg" width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"> <path stroke="none" d="M0 0h24v24H0z" fill="none" /> <path d="M12 9v4" /> <path d="M10.363 3.591l-8.106 13.534a1.914 1.914 0 0 0 1.636 2.871h16.214a1.914 1.914 0 0 0 1.636 -2.87l-8.106 -13.536a1.914 1.914 0 0 0 -3.274 0z" /> <path d="M12 16h.01" /> </svg> Deno compatibility</div><div><p> This symbol is currently not supported.</p> </div></div>

Creates a new secure pair object with two streams, one of which reads and writes the encrypted data and the other of which reads and writes the cleartext data. Generally, the encrypted stream is piped to/from an incoming encrypted data stream and the cleartext one is used as a replacement for the initial encrypted stream.

tls.createSecurePair() returns a tls.SecurePair object with cleartext and encrypted stream properties.

Using cleartext has the same API as TLSSocket.

The tls.createSecurePair() method is now deprecated in favor oftls.TLSSocket(). For example, the code:

pair = tls.createSecurePair(// ... );
pair.encrypted.pipe(socket);
socket.pipe(pair.encrypted);

can be replaced by:

secureSocket = tls.TLSSocket(socket, options);

where secureSocket has the same API as pair.cleartext.

Parameters

optional
context: SecureContext

A secure context object as returned by tls.createSecureContext()

optional
isServer: boolean

true to specify that this TLS connection should be opened as a server.

optional
requestCert: boolean

true to specify whether a server should request a certificate from a connecting client. Only applies when isServer is true.

optional
rejectUnauthorized: boolean

If not false a server automatically reject clients with invalid certificates. Only applies when isServer is true.

Return Type