[FEATURE] Expose Peer Certificate Info in TLS Sockets

cloudflare / workerd

The JavaScript / Wasm runtime that powers Cloudflare Workers

https://blog.cloudflare.com/workerd-open-source-workers-runtime/

Apache License 2.0

6.07k stars 287 forks source link

[FEATURE] Expose Peer Certificate Info in TLS Sockets #1041

Open ghost opened 1 year ago

ghost commented 1 year ago

Probably a long shot and outside the scope of workerd for now, but would be nice to have Web Workers API equivalent for tls.TLSocket from nodejs runtime. My particular use-case is being able to inspect peer certificate information like expiry date, TLS version and SN.

Feel free to close if it doesn't belong here

dom96 commented 1 year ago

TLS sockets are supported (https://developers.cloudflare.com/workers/runtime-apis/tcp-sockets/#socketoptions). But the peer certificate information isn't exposed yet via the API.

ghost commented 1 year ago

Sorry Yes I just checked startTls must have missed it, but as you mentioned certificate info isn't exposed yet. Easy to bubble it up from cpp code in workerd or needs more plumbing in CF infra? Happy to give it a trry. Thank you

dom96 commented 1 year ago

Easy to bubble it up from cpp code in workerd or needs more plumbing in CF infra?

It'll need plumbing in CF infra

ghost commented 1 year ago

np not big deal for now just posting for visibility :-) - thanks!