-
Notifications
You must be signed in to change notification settings - Fork 3.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to use" secureProtocol: 'SSLv3_method'" #530
Comments
+1 Also reported in the node bug tracker here: Shouldn't there be a good way to generically fix this (allowing a set of override options into request)? |
Actually, nm. I guess that stack overflow ticket points out that adding this will work: var https = require('https'); I think you can close this one out. |
It somehow didn't work that way for me but adding that to the node-request's options worked fine. Thanks. |
Given the recent SSLv3 vulnerability (CVE-2014-3566) it looks like a bad idea to set a global secureProtocol of |
what is the replacement for SSLv3_method now? |
Per request, you can define: or just not define it and, if I'm not wrong, it is again TLS. |
just tried 'TLSv1_method', and it works. |
For some HTTPS requests, I'm getting an error:
7068:error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert unexpected message:openssl\ssl\s23_clnt.c:658:
which is told to be fixed by using "secureProtocol: 'SSLv3_method'" option in the request (for node https) (via: http://stackoverflow.com/questions/11091974/ssl-error-in-nodejs).
Is it possible to use that option in node-request or customize which SSL connection version to use?
The text was updated successfully, but these errors were encountered: