René's URL Explorer Experiment


Title: doc: `tls.connect` supports `requestOCSP` option but it is undocumented · Issue #61042 · nodejs/node · GitHub

Open Graph Title: doc: `tls.connect` supports `requestOCSP` option but it is undocumented · Issue #61042 · nodejs/node

X Title: doc: `tls.connect` supports `requestOCSP` option but it is undocumented · Issue #61042 · nodejs/node

Description: What is the problem? According to the documentation, the requestOCSP option is supported by the new tls.TLSSocket() constructor, but tls.connect() does not list requestOCSP as a supported option. However, in practice, tls.connect() does ...

Open Graph Description: What is the problem? According to the documentation, the requestOCSP option is supported by the new tls.TLSSocket() constructor, but tls.connect() does not list requestOCSP as a supported option. H...

X Description: What is the problem? According to the documentation, the requestOCSP option is supported by the new tls.TLSSocket() constructor, but tls.connect() does not list requestOCSP as a supported option. H...

Opengraph URL: https://github.com/nodejs/node/issues/61042

X: @github

direct link

Domain: github.com


Hey, it has json ld scripts:
{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"doc: `tls.connect` supports `requestOCSP` option but it is undocumented","articleBody":"### What is the problem?\n\nAccording to the documentation, the `requestOCSP` option is supported by the\n`new tls.TLSSocket()` constructor, but **`tls.connect()` does not list\n`requestOCSP` as a supported option**.\n\nHowever, in practice, `tls.connect()` *does* accept and honor the\n`requestOCSP` option.\n\nThis creates a documentation inconsistency: users relying on `tls.connect()`\ncannot discover that OCSP stapling can be requested, even though it works.\n\n### What is expected?\n\nDocument that `tls.connect()` supports the `requestOCSP` option, and describe its effect, in the same way it is documented for `new tls.TLSSocket()`.\n\n### Affected docs\n\nhttps://nodejs.org/api/tls.html#tlsconnectoptions-callback\n\n---\n\n### Observed behavior\n\nWhen passing `{ requestOCSP: true }` to `tls.connect()`, it causes the client to request\nOCSP stapling during the TLS handshake:\n\n- The server emits an `OCSPRequest` event\n- The client receives an `OCSPResponse` event\n\nWhen `requestOCSP` is `false`, no OCSP request is made and no response\nis received.\n\nThe behavior is reproducible and matches the documented behavior of `new tls.TLSSocket()`.\n\n\u003cdetails\u003e\n\u003csummary\u003eTest code\u003c/summary\u003e\n\n```sh\n# generate server.key\nopenssl genrsa -out server.key 2048\n# generate server.crt\nopenssl req -x509 -new -nodes \\\n  -key server.key \\\n  -sha256 \\\n  -days 1 \\\n  -out server.crt \\\n  -subj \"/CN=ocsp.example.test\" \\\n  -addext \"subjectAltName=DNS:ocsp.example.test\"\n```\n\nAfter that, execute the following typescript in the same directory:\n```ts\nimport * as assert from \"node:assert\";\nimport * as fs from \"node:fs\";\nimport { describe, it } from \"node:test\";\nimport * as tls from \"node:tls\";\n\nconst certPem = fs.readFileSync(\"server.crt\");\nconst keyPem = fs.readFileSync(\"server.key\");\n\nconst domain = \"ocsp.example.test\";\n\ndeclare module \"node:tls\" {\n    interface ConnectionOptions {\n        requestOCSP?: boolean;\n    }\n}\n\nasync function withTlsServer(\n    onListening: (server: tls.Server, port: number) =\u003e Promise\u003cvoid\u003e,\n    options?: tls.TlsOptions,\n) {\n    await using server = tls.createServer({\n        cert: certPem,\n        key: keyPem,\n        minVersion: \"TLSv1.2\",\n        maxVersion: \"TLSv1.2\",\n        ...options,\n    });\n\n    await new Promise\u003cvoid\u003e((resolve, reject) =\u003e {\n        server.once(\"error\", reject);\n        server.listen(0, \"127.0.0.1\", resolve);\n    });\n\n    const address = server.address();\n    assert.ok(address \u0026\u0026 typeof address === \"object\", \"server did not start\");\n\n    server.on(\"secureConnection\", (socket) =\u003e {\n        socket.on(\"OCSPResponse\", () =\u003e {\n            throw new Error(\"Server socket should not receive OCSPResponse events\");\n        });\n    });\n\n    await onListening(server, address.port);\n}\n\nfunction connectWithRequestOCSP(port: number, requestOCSP: boolean) {\n    return new Promise\u003c(Buffer | null)[]\u003e((resolve, reject) =\u003e {\n        const tlsSocket = tls.connect(\n            {\n                port,\n                host: \"127.0.0.1\",\n                servername: domain,\n                minVersion: \"TLSv1.2\",\n                maxVersion: \"TLSv1.2\",\n                rejectUnauthorized: false,\n                requestOCSP,\n            },\n            () =\u003e {\n                tlsSocket.end();\n            },\n        );\n\n        const ocspResponses: Array\u003cBuffer | null\u003e = [];\n        tlsSocket.on(\"OCSPResponse\", response =\u003e ocspResponses.push(response));\n        tlsSocket.once(\"error\", reject);\n        tlsSocket.setTimeout(3_000, () =\u003e tlsSocket.destroy(new Error(\"TLS handshake timeout\")));\n        tlsSocket.once(\"close\", () =\u003e resolve(ocspResponses));\n    });\n}\n\nfunction randomBytes(length: number): Buffer\u003cArrayBuffer\u003e {\n    const buffer = Buffer.alloc(length);\n    crypto.getRandomValues(buffer);\n    return buffer;\n}\nfunction createOcspRequestCounter(server: tls.Server, randomBuffer: Buffer) {\n    let count = 0;\n    server.on(\"OCSPRequest\", (_certificate, _issuer, callback) =\u003e {\n        count += 1;\n        callback(null, randomBuffer);\n    });\n    return () =\u003e count;\n}\n\ndescribe(\"tls OCSP behavior\", () =\u003e {\n    describe(\"connect\", () =\u003e {\n        it(\"requests OCSP stapling when requestOCSP is true\", async () =\u003e\n            await withTlsServer(async (server, port) =\u003e {\n                const randomBuffer = randomBytes(16);\n                const ocspRequestCounter = createOcspRequestCounter(server, randomBuffer);\n                const ocspResponses = await connectWithRequestOCSP(port, true);\n                assert.strictEqual(ocspRequestCounter(), 1);\n                assert.deepEqual(ocspResponses, [randomBuffer]);\n            }));\n\n        it(\"does not request OCSP stapling when requestOCSP is false\", async () =\u003e\n            await withTlsServer(async (server, port) =\u003e {\n                const randomBuffer = randomBytes(16);\n                const ocspRequestCounter = createOcspRequestCounter(server, randomBuffer);\n                const ocspResponses = await connectWithRequestOCSP(port, false);\n                assert.strictEqual(ocspRequestCounter(), 0);\n                assert.deepEqual(ocspResponses, []);\n            }));\n    });\n    describe(\"createServer\", () =\u003e {\n        it(\"requestOCSP option has no effect\", async () =\u003e {\n            for (const requestOCSP of [true, false]) {\n                await withTlsServer(\n                    async (server, port) =\u003e {\n                        const randomBuffer = randomBytes(16);\n                        const ocspRequestCounter = createOcspRequestCounter(server, randomBuffer);\n                        const ocspResponses = await connectWithRequestOCSP(port, true);\n                        assert.strictEqual(ocspRequestCounter(), 1);\n                        assert.deepEqual(ocspResponses, [randomBuffer]);\n                    },\n                    // @ts-expect-error Testing undocumented option\n                    { requestOCSP },\n                );\n            }\n        });\n    });\n});\n```\n\u003c/details\u003e\n","author":{"url":"https://github.com/ikeyan","@type":"Person","name":"ikeyan"},"datePublished":"2025-12-13T06:13:23.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":0},"url":"https://github.com/61042/node/issues/61042"}

route-pattern/_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format)
route-controllervoltron_issues_fragments
route-actionissue_layout
fetch-noncev2:ba9dfe33-3b25-500d-5312-d43d2140c32e
current-catalog-service-hash81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114
request-idE7EE:2F266A:0E36:10DC:6A4C106B
html-safe-nonceddceb28fc67860c95a883cd0296d3ed084fdb05fe58c3efb67af8402027d32a1
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJFN0VFOjJGMjY2QTowRTM2OjEwREM6NkE0QzEwNkIiLCJ2aXNpdG9yX2lkIjoiMTQyNjczNzI0MjE1MjExMjIzNSIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9
visitor-hmac4b283d37815eb2bae1c4440d96a76c6ad18f0037999f86fdba27a3e0f68e8f8f
hovercard-subject-tagissue:3725574495
github-keyboard-shortcutsrepository,issues,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///voltron/issues_fragments/issue_layout
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/nodejs/node/61042/issue_layout
twitter:imagehttps://opengraph.githubassets.com/b11a3714437d324b1547f7c87f83b070f017cc3e53bd1fff245a4eed7e485e85/nodejs/node/issues/61042
twitter:cardsummary_large_image
og:imagehttps://opengraph.githubassets.com/b11a3714437d324b1547f7c87f83b070f017cc3e53bd1fff245a4eed7e485e85/nodejs/node/issues/61042
og:image:altWhat is the problem? According to the documentation, the requestOCSP option is supported by the new tls.TLSSocket() constructor, but tls.connect() does not list requestOCSP as a supported option. H...
og:image:width1200
og:image:height600
og:site_nameGitHub
og:typeobject
og:author:usernameikeyan
hostnamegithub.com
expected-hostnamegithub.com
None0ccfc9e5281bfe12e38a4d632dc422843e4d5b6757917f7efda2f6567d72fea9
turbo-cache-controlno-preview
go-importgithub.com/nodejs/node git https://github.com/nodejs/node.git
octolytics-dimension-user_id9950313
octolytics-dimension-user_loginnodejs
octolytics-dimension-repository_id27193779
octolytics-dimension-repository_nwonodejs/node
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forkfalse
octolytics-dimension-repository_network_root_id27193779
octolytics-dimension-repository_network_root_nwonodejs/node
turbo-body-classeslogged-out env-production page-responsive
disable-turbofalse
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
release18812876666a23a0912556e224383baa4c84cf8e
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://github.com/nodejs/node/issues/61042#start-of-content
https://github.com/
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fnodejs%2Fnode%2Fissues%2F61042
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub Copilot appDirect agents from issue to mergehttps://github.com/features/ai/github-app
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
View all resourceshttps://github.com/resources
GitHub SponsorsFund open source developershttps://github.com/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/accelerator
GitHub Starshttps://stars.github.com
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fnodejs%2Fnode%2Fissues%2F61042
Sign up https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fissues_fragments%2Fissue_layout&source=header-repo&source_repo=nodejs%2Fnode
Reloadhttps://github.com/nodejs/node/issues/61042
Reloadhttps://github.com/nodejs/node/issues/61042
Reloadhttps://github.com/nodejs/node/issues/61042
Please reload this pagehttps://github.com/nodejs/node/issues/61042
nodejs https://github.com/nodejs
nodehttps://github.com/nodejs/node
Please reload this pagehttps://github.com/nodejs/node/issues/61042
Notifications https://github.com/login?return_to=%2Fnodejs%2Fnode
Fork 36k https://github.com/login?return_to=%2Fnodejs%2Fnode
Star 118k https://github.com/login?return_to=%2Fnodejs%2Fnode
Code https://github.com/nodejs/node
Issues 1.4k https://github.com/nodejs/node/issues
Pull requests 967 https://github.com/nodejs/node/pulls
Actions https://github.com/nodejs/node/actions
Projects https://github.com/nodejs/node/projects
Security and quality 0 https://github.com/nodejs/node/security
Insights https://github.com/nodejs/node/pulse
Code https://github.com/nodejs/node
Issues https://github.com/nodejs/node/issues
Pull requests https://github.com/nodejs/node/pulls
Actions https://github.com/nodejs/node/actions
Projects https://github.com/nodejs/node/projects
Security and quality https://github.com/nodejs/node/security
Insights https://github.com/nodejs/node/pulse
#61064https://github.com/nodejs/node/pull/61064
doc: tls.connect supports requestOCSP option but it is undocumentedhttps://github.com/nodejs/node/issues/61042#top
#61064https://github.com/nodejs/node/pull/61064
https://github.com/ikeyan
ikeyanhttps://github.com/ikeyan
on Dec 13, 2025https://github.com/nodejs/node/issues/61042#issue-3725574495
https://nodejs.org/api/tls.html#tlsconnectoptions-callbackhttps://nodejs.org/api/tls.html#tlsconnectoptions-callback
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width


URLs of crawlers that visited me.