Windows installation fails with "The request was aborted: Could not create SSL/TLS secure channel." #33140
Comments
bnoordhuis
added
install
I don't know if there's anything the install script could do differently except maybe try a newer powershell version? I'm not sure if that'd make a difference but perhaps you can try it. This is the relevant line: |
|
@bnoordhuis Awesome. That did the trick! I installed the latest Powershell release from https://github.com/PowerShell/PowerShell/releases/tag/v7.0.0 and replaced by in the batch file you mentioned. The installation worked fine now! Would it be worth replacing the default "v1.0" in the batch file by something newer? Maybe try to find the system's latest Powershell installation? Or rely on the Powershell installation to modify the PATH environment variable such that you could omit the directory altogether? At least the installation of the latest version asked if I wanted it to be added to PATH. |
|
I think we're open to such changes. I don't use Windows myself so I can't really evaluate the impact but if you open a PR for people to chime in, we'll take it from there. |
|
FWIW, the C:\>c:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.
Try the new cross-platform PowerShell https://aka.ms/pscore6
PS C:\> $PSVersionTable.PSVersion
Major Minor Build Revision
----- ----- ----- --------
5 1 18362 752 |
|
Ah thanks. I have never used Powershell before and I have very little experience with batch scripts. Thus, it would be difficult for me to open a PR. |
|
The Change shouldn't be that big... You'd only need to change the one line mentioned by @bnoordhuis If you want I can submit a PR for that |
Powershell defaults to tls 1.0 - This forces powershell to use tls 1.2 Tls 1.2 is supported in all current microsoft operating systems and needed to download chocolatey. Fixes: nodejs#33140
Powershell defaults to tls 1.0 - This forces powershell to use tls 1.2 Tls 1.2 is supported in all current microsoft operating systems and needed to download chocolatey. Fixes: nodejs#33140 PR-URL: nodejs#33609 Reviewed-By: Bartosz Sosnowski <bartosz@janeasystems.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Powershell defaults to tls 1.0 - This forces powershell to use tls 1.2 Tls 1.2 is supported in all current microsoft operating systems and needed to download chocolatey. Fixes: #33140 Backport-PR-URL: #34461 PR-URL: #33609 Reviewed-By: Bartosz Sosnowski <bartosz@janeasystems.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Powershell defaults to tls 1.0 - This forces powershell to use tls 1.2 Tls 1.2 is supported in all current microsoft operating systems and needed to download chocolatey. Fixes: nodejs#33140 PR-URL: nodejs#33609 Reviewed-By: Bartosz Sosnowski <bartosz@janeasystems.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Powershell defaults to tls 1.0 - This forces powershell to use tls 1.2 Tls 1.2 is supported in all current microsoft operating systems and needed to download chocolatey. Fixes: #33140 PR-URL: #33609 Backport-PR-URL: #34462 Reviewed-By: Bartosz Sosnowski <bartosz@janeasystems.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
|
This is a general PowerShell issue, replicated on PS v1 and v5 on Windows 7 (with Node.js v13.6). Solution (from here: https://stackoverflow.com/a/62389502) is to enable TLS 1.2 as supported protocol (which is separate from it being supported) by running in admin PS: In my case I also had to manually run the command instead of using the batch file: |
|
@neogic Was this reintroduced? As far as I can tell this should've been closed since my pull request was merged and backported. |
|
@jschpp I saw with a recently installed version of Node (v13.6) - though not the latest (v14.17.x) because I think I ran into an issue with NPM on Win 7. At the core it's pretty definitely a PowerShell TLS/SSL config issue - I reproduced by running just |
System
What steps will reproduce the bug?
How often does it reproduce? Is there a required condition?
Always fails. No condition required.
What is the expected behavior?
Installation just works and finishes without errors.
What do you see instead?
The error message:
Additional information
This seems to be well-known with Chocolatey clients:
https://chocolatey.org/docs/troubleshooting#the-request-was-aborted-could-not-create-ssltls-secure-channel
which has recently removed support for older TLS versions, see:
https://chocolatey.org/blog/remove-support-for-old-tls-versions
My computer does support TLS 1.2 and the Powershell command
returns
True.I have also created a file
C:\Users\<myusername>\Documents\PowerShell\Profile.ps1with contentbut that did not change anything. The installation still fails.
What can I do to install nodejs with its additional tools?
Can you update your installation scripts, please?
The text was updated successfully, but these errors were encountered: