tls.createSecureContext(options)

Creates a credentials object; the options object may contain the following fields:

  • pfx: A string or Buffer holding the PFX or PKCS12 encoded private key, certificate, and CA certificates.
  • key: A string or Buffer containing the private key of the server in PEM format. To support multiple keys using different algorithms, an array can be provided. It can either be a plain array of keys or an array of objects in the format {pem: key, passphrase: passphrase}. (Required)
  • passphrase: A string containing the passphrase for the private key or pfx.
  • cert: A string containing the PEM encoded certificate.
  • ca: A string, Buffer, array of strings, or array of Buffers of trusted certificates in PEM format. If this is omitted, several well-known "root" CAs (like VeriSign) will be used. These are used to authorize connections.
  • crl: Either a string or list of strings of PEM encoded CRLs (Certificate Revocation List).
  • ciphers: A string describing the ciphers to use or exclude. Consult https://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT for details on the format.
  • honorCipherOrder: When choosing a cipher, use the server's preferences instead of the client preferences. For further details see the tls module documentation.

If no ca details are given, then Node.js will use the default publicly trusted list of CAs as given in http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt.
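
The key, ciphers and honorCipherOrder options described above, as an added example (not code from the Node.js documentation): it passes two keys of different algorithms in the {pem, passphrase} array form and shows that a wrong passphrase or an unmatched cipher string is rejected when the context is created, not later at handshake time. The keys, passphrase and helper names are constructed for the example, and no cert is supplied, so a real server would still need a certificate for each key.

```javascript
const tls = require('node:tls');
const crypto = require('node:crypto');

// Constructed sample input: throwaway keys generated at run time.
const PASSPHRASE = 'constructed-example-passphrase';

function makeKeys() {
  // EC key, PEM encoded and encrypted under PASSPHRASE.
  const ec = crypto.generateKeyPairSync('ec', {
    namedCurve: 'prime256v1',
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: {
      type: 'pkcs8', format: 'pem', cipher: 'aes-256-cbc', passphrase: PASSPHRASE,
    },
  });
  // RSA key, PEM encoded and unencrypted.
  const rsa = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
  });
  return { ecPem: ec.privateKey, rsaPem: rsa.privateKey };
}

// Restrictive OpenSSL cipher list: ECDHE key exchange with AES-GCM only.
const CIPHERS =
  'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:!aNULL:!MD5';

// Returns 'ok' when the context is created, otherwise the rejection reason.
function tryCreateContext(key, ciphers) {
  try {
    tls.createSecureContext({ key, ciphers, honorCipherOrder: true });
    return 'ok';
  } catch (err) {
    return `rejected: ${err.message}`;
  }
}

const { ecPem, rsaPem } = makeKeys();
// Array-of-objects form: each entry carries its own passphrase if encrypted.
const goodKeys = [{ pem: ecPem, passphrase: PASSPHRASE }, { pem: rsaPem }];
const wrongPassphrase = [{ pem: ecPem, passphrase: 'not-the-passphrase' }, { pem: rsaPem }];

console.log(tryCreateContext(goodKeys, CIPHERS));
console.log(tryCreateContext(wrongPassphrase, CIPHERS));
console.log(tryCreateContext(goodKeys, 'NOT-A-REAL-CIPHER'));
```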