Menu
I am currently experiencing a known problem with OpenSSL on Ubuntu 12.04. This problem is already fixed in Debian and I'm expecting it to be fixed soon in Ubuntu too. However, in the mean time I would need a workaround.
So is it possible to disable TLS1 in Node and have something equivalent to tls1 switch:
openssl s_client -tls1 -connect evernote.com:443
Here is a simple Node.js script to replicate the problem (on Ubuntu 12.04 w/ OpenSSL 1.0.1)
var https = require('https');
https.get({
host: 'www.evernote.com',
path: '/',
port: 443
}, function (res) {
console.log('Success!');
});
332
Judging from the documentation and the sources (1, 2), it should be possible to pass an options object to request that contains something like
options = { secureProtocol: 'TLSv1_method' }
in order to use TLSv1 (and just that) for this particular connection.
The default is to use OpenSSL's SSLv23_method, which means to use the highest TLS/SSL version that is possibly understood by both parties.
Although possible in OpenSSL itself, it is not possible to blacklist a particular TLS version (as in "use the highest version possible, but never this one") in node.js as far as I can see, the necessary flags to do so are not exported in node.js itself.
158
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
