How to use" secureProtocol: 'SSLv3_method'" #530
Comments
|
+1 Also reported in the node bug tracker here: Shouldn't there be a good way to generically fix this (allowing a set of override options into request)? |
|
Actually, nm. I guess that stack overflow ticket points out that adding this will work: var https = require('https'); I think you can close this one out. |
|
It somehow didn't work that way for me but adding that to the node-request's options worked fine. Thanks. |
|
Given the recent SSLv3 vulnerability (CVE-2014-3566) it looks like a bad idea to set a global secureProtocol of |
|
what is the replacement for SSLv3_method now? |
|
Per request, you can define: or just not define it and, if I'm not wrong, it is again TLS. |
|
just tried 'TLSv1_method', and it works. |
For some HTTPS requests, I'm getting an error:
7068:error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert unexpected message:openssl\ssl\s23_clnt.c:658:
which is told to be fixed by using "secureProtocol: 'SSLv3_method'" option in the request (for node https) (via: http://stackoverflow.com/questions/11091974/ssl-error-in-nodejs).
Is it possible to use that option in node-request or customize which SSL connection version to use?
The text was updated successfully, but these errors were encountered: