Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
pem
Advanced tools
Changelog
Readme
Create private keys and certificates with node.js
Install with npm
npm install pem
Here are some examples for creating an SSL key/cert on the fly, and running an HTTPS server on port 443. 443 is the standard HTTPS port, but requires root permissions on most systems. To get around this, you could use a higher port number, like 4300, and use https://localhost:4300 to access your server.
var https = require('https'),
pem = require('pem');
pem.createCertificate({days:1, selfSigned:true}, function(err, keys){
https.createServer({key: keys.serviceKey, cert: keys.certificate}, function(req, res){
res.end('o hai!')
}).listen(443);
});
var https = require('https'),
pem = require('pem'),
express = require('express');
pem.createCertificate({days:1, selfSigned:true}, function(err, keys){
var app = express();
app.get('/', requireAuth, function(req, res){
res.send('o hai!');
});
https.createServer({key: keys.serviceKey, cert: keys.certificate}, app).listen(443);
});
Use createDhparam
for creating dhparam keys
pem.createDhparam(keyBitsize, callback)
Where
{dhparam}
Use createPrivateKey
for creating private keys
pem.createPrivateKey(keyBitsize, [options,] callback)
Where
{key}
Use createCSR
for creating certificate signing requests
pem.createCSR(options, callback)
Where
{csr, clientKey}
Possible options are the following
clientKey
clientKey
is undefined, bit size to use for generating a new key (defaults to 2048)md5
, sha1
or sha256
, defaults to sha256
)localhost
)Array
) of subjectAltNames in the subjectAltName field (optional)Use createCertificate
for creating private keys
pem.createCertificate(options, callback)
Where
{certificate, csr, clientKey, serviceKey}
Possible options include all the options for createCSR
- in case csr
parameter is not defined and a new
CSR needs to be generated.
In addition, possible options are the following
serviceKey
serviceCertificate
is definedserviceKey
is not defined, use clientKey
for signing-extensions v3_req
-extensions v3_req
Use getPublicKey
for exporting a public key from a private key, CSR or certificate
pem.getPublicKey(certificate, callback)
Where
{publicKey}
Use readCertificateInfo
for reading subject data from a certificate or a CSR
pem.readCertificateInfo(certificate, callback)
Where
{serial, country, state, locality, organization, organizationUnit, commonName, emailAddress, validity{start, end}, san{dns, ip}?, issuer{country, state, locality, organization, organizationUnit} }
? san is only present if the CSR or certificate has SAN entries.
Use getFingerprint
to get the default SHA1 fingerprint for a certificate
pem.getFingerprint(certificate, [hash,] callback)
Where
md5
, sha1
or sha256
, defaults to sha1
){fingerprint}
Use getModulus
to get the modulus for a certificate, a CSR or a private key. Modulus can be useful to check that a Private Key Matches a Certificate
pem.getModulus(certificate, callback)
Where
{modulus}
Use getDhparamInfo
to get the size and prime of DH parameters.
pem.getDhparamInfo(dhparam, callback)
Where
dhparam is a PEM encoded DH parameters string
callback is a callback function with an error object and {size, prime}
Use createPkcs12
to export a certificate and the private key to a PKCS12 keystore.
pem.createPkcs12(clientKey, certificate, p12Password, [options], callback)
Where
cipher
and clientKeyPassword
(ciphers:["aes128", "aes192", "aes256", "camellia128", "camellia192", "camellia256", "des", "des3", "idea"]){pkcs12}
(binary)## Verify a certificate signing chain
Use verifySigningChain
to assert that a given certificate has a valid signing chain.
pem.verifySigningChain(certificate, ca, callback)
Where
In some systems the openssl
executable might not be available by the default name or it is not included in $PATH. In this case you can define the location of the executable yourself as a one time action after you have loaded the pem module:
var pem = require('pem');
pem.config({
pathOpenSSL: '/usr/local/bin/openssl'
});
...
// do something with the pem module
MIT
FAQs
Unknown package
The npm package pem receives a total of 195,682 weekly downloads. As such, pem popularity was classified as popular.
We found that pem demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.