Pear Docsbare-tls
Reference for bare-tls: Transport Layer Security (TLS) streams for Bare, layered over a duplex socket, with a server and connect helper.
bare-tls provides TLS streams for Bare, wrapping an underlying duplex socket (typically bare-tcp) in an encrypted bare-stream. The shape follows the Node.js tls module. It's a native addon and requires Bare >=1.7.0.
npm i bare-tlsUsage
const tls = require('bare-tls')
const fs = require('bare-fs')
const server = tls.createServer(
{ cert: fs.readFileSync('cert.pem'), key: fs.readFileSync('key.pem') },
(socket) => socket.end('secure hello')
)API
Socket
const socket = new tls.Socket(stream[, options])
Wrap an existing duplex stream in TLS. Exposes socket.socket (the underlying stream), socket.encrypted, and socket.alpnProtocol; emits connect.
| Option | Type | Default | Description |
|---|---|---|---|
isServer | boolean | false | Whether the socket acts as a TLS server or client. If true, cert and key must be provided. |
cert | Buffer | null | PEM-encoded certificate data. |
key | Buffer | null | PEM-encoded private key data. |
host | string | null | Enables hostname verification against the server certificate. For DNS names it is also sent as the SNI extension; for IP literals it is matched against the certificate's IP SANs and SNI is suppressed per RFC 6066. Required for client sockets unless rejectUnauthorized is false. |
rejectUnauthorized | boolean | true | Whether the client rejects connections when certificate verification fails. |
ca | Buffer | null | One or more PEM-encoded CA certificates. When provided, only these CAs are used for verification instead of the bundled Mozilla root certificates. |
alpnProtocols | string[] | null | Array of ALPN protocol name strings, ordered by preference. |
eagerOpen | boolean | true | Whether to open the underlying stream eagerly. |
allowHalfOpen | boolean | true | Whether to allow half-open TCP connections. |
readBufferSize | number | 65536 | Size in bytes of the read buffer. |
Server
const server = tls.createServer([options][, onconnection])
Create a TLS server: server.listen(...args), server.address(), server.close([onclose]), server.ref() / server.unref(), and server.listening. Emits listening, connection, close, error.
Connect
const socket = tls.connect(options[, onconnect]) · tls.connect(port[, host][, onconnect])
Open a TLS client connection.
Related modules
Builds on bare-net and bare-stream (see Bare modules).
See also
bare-tcp—the unencrypted socket TLS wraps.- Bare modules—the full
bare-*catalog. - Bare runtime API—the runtime this runs on.