Optionally override the trusted CA certificates.
Cert chains in PEM format.
Cipher suite specification, replacing the default.
Name of an OpenSSL engine which can provide the client certificate.
PEM formatted CRLs (Certificate Revocation Lists).
Diffie Hellman parameters, required for Perfect Forward Secrecy.
A string describing a named curve or a colon separated list of curve NIDs or names, for example P-521:P-384:P-256, to use for ECDH key agreement.
Attempt to use the server's cipher suite preferences instead of the client's.
Private keys in PEM format.
Shared passphrase used for a single private key and/or a PFX.
PFX or PKCS12 encoded private key and certificate chain.
If true the server will reject any connection which is not authorized with the list of supplied CAs.
Optionally affect the OpenSSL protocol behavior, which is not usually necessary.
Legacy mechanism to select the TLS protocol version to use.
Opaque identifier used by servers to ensure session state is not shared between applications.
Additional options that can be passed to the connect function affecting the underlying TLS configuratio. These options are passed directly to
tls.createSecureContext(). For more information, see the documentation for thetls.createSecureContext()function in the Node.js documentation.