const tls = require('tls');const fs = require('fs');const options = {    key: fs.readFileSync('my_key.pem'),    cert: fs.readFileSync('my_cert.pem'),    // This is necessary only if using the client certificate authentication.    requestCert: false,    // This is necessary only if the client uses the self-signed certificate.    ca: [fs.readFileSync('user_cert.pem')]};const server = tls.createServer(options, (socket) => {    console.log('server connected',        socket.authorized ? 'authorized' : 'unauthorized');    socket.write('welcome!\n');    socket.setEncoding('utf8');    socket.pipe(socket);});server.listen(8000, () => {    console.log('server bound');});

　　

const tls = require('tls');const fs = require('fs');const options = {    // Necessary only if using the client certificate authentication    key: fs.readFileSync('user_key.pem'),    cert: fs.readFileSync('user_cert.pem'),    rejectUnauthorized: false,    // Necessary only if the server uses the self-signed certificate    ca: [fs.readFileSync('my_cert.pem')]};const socket = tls.connect(8000, options, () => {    console.log('client connected',        socket.authorized ? 'authorized' : 'unauthorized');    process.stdin.pipe(socket);    process.stdin.resume();});socket.setEncoding('utf8');socket.on('data', (data) => {    console.log(data);});socket.on('end', () => {    server.close();});

 

密钥:摘自nodejs 官方文档

openssl genrsa -out ryans-key.pem 2048;

openssl req -new -sha256 -key ryans-key.pem -out ryans-csr.pem;

openssl x509 -req -in ryans-csr.pem -signkey ryans-key.pem -out ryans-cert.pem