Forcing TLS 1.1 or higher on node.js

Question

Forcing TLS 1.1 or higher on node.js

I am trying to create a server that will use TLS 1.1 or higher.

This is my current TLS configuration:

var options = {};
options.key  = fs.readFileSync('privatekey.pem');
options.cert = fs.readFileSync('certificate.pem');
options.secureProtocol = 'TLSv1_server_method';
options.ciphers = "AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH";
options.honorCipherOrder = true;
httpServer = https.createServer(options, app);

Just as suggested here

From reading the Openssl manual here I didn't find anything about TLS 1.1

Any suggestions?

+4

node.js ssl

Oleg.R 02 Apr 14 at 8:33

source to share

2 answers

TLS 1.0 should no longer be used. This works to disable TLS 1.0 in node.js:

https.createServer({
        secureOptions: require('constants').SSL_OP_NO_TLSv1,
        pfx: fs.readFileSync(path.resolve(pathToCert))
    }, app).listen(443);

You can check it with this tool: ssllabs

0

user896993 Jul 29. 16 at 2:31 am

source to share

Oleg.R · Accepted Answer · 2015-03-30T08:28:14+0000

This did the trick:

options.secureProtocol = 'SSLv23_server_method';
options.ciphers = "AES128-GCM-SHA256:HIGH:!MD5:!aNULL:!EDH";

The correct place to search was here

Forcing TLS 1.1 or higher on node.js

More articles: