
Forcing TLS 1.1 or higher on node.js

Tags: node.js, ssl

I'm trying to create a server that would use TLS 1.1 or higher.

This is my current TLS configuration:

var fs = require('fs');
var https = require('https');

// `app` is the request handler, defined elsewhere.
var options = {};
options.key  = fs.readFileSync('privatekey.pem');
options.cert = fs.readFileSync('certificate.pem');
options.secureProtocol = 'TLSv1_server_method';
options.ciphers = "AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH";
options.honorCipherOrder = true;
var httpServer = https.createServer(options, app);

Just as was suggested here

From reading OpenSSL's guide here, I didn't find anything about TLS 1.1.

Any suggestions?

asked Apr 02 '14 08:04 by
Oleg.R



1 Answer

TLS 1.0 should no longer be used. This works to disable TLS 1.0 in node.js:

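var fs = require('fs');
var https = require('https');
var path = require('path');
// `app` and `pathToCert` are defined elsewhere.
https.createServer({
    secureOptions: require('constants').SSL_OP_NO_TLSv1,
    pfx: fs.readFileSync(path.resolve(pathToCert))
}, app).listen(443);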

You can verify this using this tool: ssllabs

answered Sep 28 '22 01:09 by
user896993
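
The difference between the question's secureProtocol setting and the answer's secureOptions flag, as an added example that is not part of the original posts: it reports which TLS versions an options object leaves enabled and builds a copy that enforces a floor. The helper names pinnedVersion, allowedVersions and enforceFloor are hypothetical, the two sample objects are constructed from the settings shown above, and runtime default version limits are assumed to be out of scope.

```javascript
'use strict';
const { constants } = require('crypto');

// Protocol versions in ascending order, each with the OpenSSL flag that disables it.
const VERSIONS = [
  ['TLSv1', constants.SSL_OP_NO_TLSv1],
  ['TLSv1.1', constants.SSL_OP_NO_TLSv1_1],
  ['TLSv1.2', constants.SSL_OP_NO_TLSv1_2],
];

// secureProtocol values such as 'TLSv1_server_method' pin exactly one version.
function pinnedVersion(secureProtocol) {
  const m = /^TLSv1(?:_([12]))?_(?:server_|client_)?method$/.exec(secureProtocol || '');
  if (!m) return null;
  return m[1] ? 'TLSv1.' + m[1] : 'TLSv1';
}

// Versions the options object itself leaves enabled (runtime defaults are ignored).
function allowedVersions(options) {
  const pinned = pinnedVersion(options.secureProtocol);
  const mask = options.secureOptions || 0;
  return VERSIONS
    .filter(([name, flag]) => (!pinned || pinned === name) && (mask & flag) === 0)
    .map(([name]) => name);
}

// Copy of `options` that refuses every version below `floor`.
function enforceFloor(options, floor) {
  const idx = VERSIONS.findIndex(([name]) => name === floor);
  if (idx < 0) throw new RangeError('unknown protocol version: ' + floor);
  const out = Object.assign({}, options);
  const pinned = pinnedVersion(out.secureProtocol);
  // A pin below the floor can never satisfy it: drop it so the version is negotiated.
  if (pinned && VERSIONS.findIndex(([n]) => n === pinned) < idx) delete out.secureProtocol;
  out.secureOptions = VERSIONS.slice(0, idx)
    .reduce((mask, [, flag]) => mask | flag, out.secureOptions || 0);
  return out;
}

// Constructed inputs mirroring the question's and the answer's protocol settings.
const questionOptions = { secureProtocol: 'TLSv1_server_method', honorCipherOrder: true };
const answerOptions = { secureOptions: constants.SSL_OP_NO_TLSv1 };

console.log('question:', allowedVersions(questionOptions));
console.log('answer:  ', allowedVersions(answerOptions));
console.log('floor 1.1:', allowedVersions(enforceFloor(questionOptions, 'TLSv1.1')));
```

Newer Node.js releases also accept a minVersion option on the same object, which expresses the floor without bit flags; it cannot be combined with secureProtocol.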