Skip to content

[Question] Postmark TLS configuration changes. Any action required for users of this library? #77

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
erikfunkis opened this issue Feb 24, 2021 · 7 comments
Closed

[Question] Postmark TLS configuration changes. Any action required for users of this library? #77

erikfunkis opened this issue Feb 24, 2021 · 7 comments

Comments

@erikfunkis
Copy link

Hi!
Thank you for a nice and very useful library!

Postmark sent out emails containing this information: https://postmarkapp.com/updates/upcoming-tls-configuration-changes-for-api-users-action-may-be-required

If I just connect to the PostMark API through this library, do you know if I need to take action? If so, how?
@ibalosh
Copy link
Contributor

ibalosh commented Feb 24, 2021

Hi @erikfunkis

you don't need to take any action with the library. The TLS configuration is not set in the library itself but rather in underlying http library which is using nodejs TLS configuration. NodeJS is using TLS versions which specific node version supports. Recent versions of node support TLS 1.0 through 1.3 and in this case newer version of TLS will be used.

Everything should continue to work the same.

@ibalosh ibalosh closed this as completed Feb 24, 2021
@ibalosh
Copy link
Contributor

ibalosh commented Feb 24, 2021

Hey @erikfunkis

got additional details from a colleague for testing it out.
You can use a temporary endpoint to send email by it to see whether TLS works.
Initialise client with temporary endpoint and then send an email.

let postmark = require("postmark")
const serverToken = "xxxx-xxxxx-xxxx-xxxxx-xxxxxx"
let client = new postmark.ServerClient(serverToken, { requestHost: 'api-ssl-temp.postmarkapp.com', useHttps: true});

@erikfunkis
Copy link
Author

Thank you for the quick response and the concrete suggestion for how to try the new settings! Much appreciated! 🚀💗

@katlimruiz
Copy link

katlimruiz commented Mar 16, 2021
edited
Loading

Question. Is the NodeJs package version "postmark": "^2.3.0" impacted with this change?

From what I understand here, it is not, but actually the impact is based on the nodejs version being used? 8, 9, 10?
I am using 10 LTS so probably we are safe.

Am I right?

@ibalosh
Copy link
Contributor

ibalosh commented Mar 17, 2021

Hi @katlimruiz

postmark version "2.3.0" , is working similar to latest one so it should not be impacted by the change. And since you use NodeJS 10, you should be fine. However, I strongly advise using newer (idealy latest) library version, since old versions prior to 2.5.0 uses request library for the requests, which was deprecated.

@glenquarlessamcare
Copy link

How do i enforce use of tls1.1 from my side?

@ibalosh
Copy link
Contributor

ibalosh commented Apr 24, 2024

Hi @glenquarlessamcare

version of tls you use would depend on your environment. You could set on Node something like in this article:

https://stackoverflow.com/questions/63296828/force-setting-tls-vresion-1-2-when-sending-out-a-request-from-node-js-to-docusig

On my side default maximum version allowed is used. (if I choose minimum 1.1 and max 1.3)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ibalosh @katlimruiz @erikfunkis @glenquarlessamcare