I'm implement a certificate automation service, and I want to verify the certificate is deployed correctly by making a https request after deployment, the https response should bring me the new deployed certificate's info, such as issue date and expires date.
I know this is something part of the socket programming, so I wondered if anyone knows there already some packages that I can use.
If there is no such packages, I may go deeper to learn some handshake flows and do it with Socket directly.
Ps: The most closest things I know is when implement a custom x509 trust manager in JAVA, it do support verifying the certificate from the client side.
CodePudding user response:
The https://www.npmjs.com/package/certnames package inspires me, then I found I can do it with bundled tls
module directly, as the certificate is transfered through tls layer, so we don't need to make a http request to get it.
import * as tls from 'tls';
test('test', function (done) {
let host = 'httpbin.org';
let socket = tls.connect({
port:443,
host,
servername: host, // this is required in case the server enabled SNI
}, () => {
let x509Certificate = socket.getPeerX509Certificate();
expect(x509Certificate.subject).toBe('CN=httpbin.org');
done();
});
});