typedef HttpsRequestOptions

A number specifying the socket timeout in milliseconds. This will set the timeout before the socket is connected.

Unix Domain Socket (cannot be used if one of host or port is specified, those specify a TCP Socket).

Establish secure connection on a given socket rather than creating a new socket. If this option is specified, host and port are ignored.

Specifies whether or not to automatically add the Host header. Defaults to true.

opaque identifier for session resumption. If requestCert is true, the default is MD5 hash value generated from command-line. Otherwise, the default is not provided.

A Buffer instance, containing TLS session.

Servername for SNI (Server Name Indication) TLS extension.

The SSL method to use, e.g. SSLv3_method to force SSL version 3. The possible values depend on your installation of OpenSSL and are defined in the constant SSL_METHODS.

If true - OCSP status request extension would be added to client hello, and OCSPResponse event will be emitted on socket before establishing secure communication

If true the server will reject any connection which is not authorized with the list of supplied CAs. This option only has an effect if requestCert is true. Default: false.

Protocol to use.

Default: 'http:'.

Port of remote server.

Default: defaultPort if set, else 80.

private key, certificate and CA certs of the server in PFX or PKCS12 format.

Request path. Should include query string if any. E.G. '/index.html?page=12'. An exception is thrown when the request path contains illegal characters. Currently, only spaces are rejected but that may change in the future.

Default: '/'.

passphrase for the private key or pfx.

A string specifying the HTTP request method.

Default: 'GET'.

Local interface to bind for network connections.

private key of the server in PEM format.

Alias for host. To support url.parse(), hostname will be used if both host and hostname are specified.

A domain name or IP address of the server to issue the request to.

Default: 'localhost'.

When choosing a cipher, use the server's preferences instead of the client preferences. Default: true.

An object containing request headers.

IP address family to use when resolving host or hostname. Valid values are 4 or 6. When unspecified, both IP v4 and v6 will be used.

named curve to use for ECDH key agreement or false to disable ECDH.

Defaults to prime256v1 (NIST P-256). Use Crypto.getCurves to obtain a list of available curve names. On recent releases, openssl ecparam -list_curves will also display the name and description of each available elliptic curve.

Diffie Hellman parameters, required for Perfect Forward Secrecy.

Use openssl dhparam to create it. Its key length should be greater than or equal to 1024 bits, otherwise it throws an error. It is strongly recommended to use 2048 bits or more for stronger security. If omitted or invalid, it is silently discarded and DHE ciphers won't be available.

Default port for the protocol.

Default: agent.defaultPort if an Agent is used, else undefined.

PEM encoded CRLs (Certificate Revocation List)

A function that produces a socket/stream to use for the request when the agent option is not used. This can be used to avoid creating a custom Agent class just to override the default createConnection function. See agent.createConnection() for more details. Any Duplex stream is a valid return value.

ciphers to use or exclude.

To mitigate BEAST attacks it is recommended that you use this option in conjunction with the honorCipherOrder option described below to prioritize the non-CBC cipher.

Defaults to AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH.

Consult the OpenSSL cipher list format documentation for details on the format. ECDH (Elliptic Curve Diffie-Hellman) ciphers are not yet supported.

An override for checking server's hostname against the certificate. Should return an error if verification fails. Return js.Lib.undefined if passing.

certificate key of the server in PEM format.

trusted certificates in PEM format. If this is omitted several well known "root" CAs will be used, like VeriSign. These are used to authorize connections.

Basic authentication i.e. 'user:password' to compute an Authorization header.

Controls Agent behavior.

Possible values:

• undefined (default): use http.globalAgent for this host and port.
• Agent object: explicitly use the passed in Agent.
• false : causes a new Agent with default values to be used.

possible NPN protocols. (Protocols should be ordered by their priority).