Confused about what the ssl option does

[glasser]

The ssl option is used (in listen) to mean "create an HTTPS server, using this as its constructor arguments". OK, that makes sense.

But... it also is used in the argument to common.setupOutgoing the three times it is called? Which is constructing a request to use as a client? What are the expected options that are valid both as constructor options to https.Server and as options to https.request? (Or for that matter to http.request, which could also be called there...)

[jcrugzz]

@glasser see here and scroll to the options that are passed in. A request can take the same options as the server but thats assuming the same cert is used for making the request (when as i think about it may be a false assumption but IMO whoever is creating an https server and https proxy should be doing them separately).

I think the main use case is not using the options.ssl in for the listen function (which is not called when you are just using it as a proxy), but exactly where you noticed it in common.setupOutgoing. This allows us to correctly make https requests using those same options. This also works with self signed certs if we pass in a custom agent. In this case you just need to set maxSockets to a reasonably high number so you aren't blocked by socket pooling 5 sockets as per default.

I hope this covers everything, let me know if you have any questions!

[glasser]

Well, at the very least, the README should probably say something more than "object to be passed to https.createServer()" especially if you're not considering that as the main use case?

[jcrugzz]

@glasser agreed, it should clarify that this is used for client proxying as well, IF you define an agent.