diff options
| author | Luca Casonato <hello@lcas.dev> | 2021-09-30 09:26:15 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-09-30 09:26:15 +0200 |
| commit | 0d7a417f332a57fb3e89250a1ce250b929d0b2f7 (patch) | |
| tree | 8f63043fcf6c5419d6d213a196c54a8b421e3d8b /ext/net/lib.deno_net.d.ts | |
| parent | 62920e4ef5bed131c125c4b8b5bdb8250584946f (diff) | |
feat(tls): custom in memory CA certificates (#12219)
This adds support for using in memory CA certificates for
`Deno.startTLS`, `Deno.connectTLS` and `Deno.createHttpClient`.
`certFile` is deprecated in `startTls` and `connectTls`, and removed
from `Deno.createHttpClient`.
Diffstat (limited to 'ext/net/lib.deno_net.d.ts')
| -rw-r--r-- | ext/net/lib.deno_net.d.ts | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/ext/net/lib.deno_net.d.ts b/ext/net/lib.deno_net.d.ts index dd2e4677d..45f1194fb 100644 --- a/ext/net/lib.deno_net.d.ts +++ b/ext/net/lib.deno_net.d.ts @@ -121,8 +121,18 @@ declare namespace Deno { /** A literal IP address or host name that can be resolved to an IP address. * If not specified, defaults to `127.0.0.1`. */ hostname?: string; - /** Server certificate file. */ + /** + * @deprecated This option is deprecated and will be removed in a future + * release. + * + * Server certificate file. + */ certFile?: string; + /** A list of root certificates that will be used in addition to the + * default root certificates to verify the peer's certificate. + * + * Must be in PEM format. */ + caCerts?: string[]; } /** Establishes a secure connection over TLS (transport layer security) using @@ -131,10 +141,11 @@ declare namespace Deno { * be used (see also https://github.com/ctz/webpki-roots for specifics) * * ```ts + * const caCert = await Deno.readTextFile("./certs/my_custom_root_CA.pem"); * const conn1 = await Deno.connectTls({ port: 80 }); - * const conn2 = await Deno.connectTls({ certFile: "./certs/my_custom_root_CA.pem", hostname: "192.0.2.1", port: 80 }); + * const conn2 = await Deno.connectTls({ caCerts: [caCert], hostname: "192.0.2.1", port: 80 }); * const conn3 = await Deno.connectTls({ hostname: "[2001:db8::1]", port: 80 }); - * const conn4 = await Deno.connectTls({ certFile: "./certs/my_custom_root_CA.pem", hostname: "golang.org", port: 80}); + * const conn4 = await Deno.connectTls({ caCerts: [caCert], hostname: "golang.org", port: 80}); * ``` * * Requires `allow-net` permission. |