Configure the https agent to allow only TLS1.2 for outgoing requests

Question

Configure the https agent to allow only TLS1.2 for outgoing requests

I am making HTTPS connections from a host application using a client certificate:

var options = { 
    hostname: 'https://my-server.com', 
    port: 443, 
    path: '/', 
    method: 'GET', 
    key: fs.readFileSync('client1-key.pem'), 
    cert: fs.readFileSync('client1-crt.pem'), 
    ca: fs.readFileSync('ca-crt.pem') }; 

var req = https.request(options, res => { 
    [...]
});

Everything works fine, however I want to add code to allow only TLS 1.2 connections. I cannot find a way to configure this in the https.agent options or elsewhere. Is it possible to configure this, or do I need to establish a connection and then request the protocol version , for example:

res.socket.getProtocol() === 'TLSv1.2'

and abort if the protocol is not satisfactory?

+9

node.js https tls1.2

Jhh Jun 19 '17 at 11:22

source share

1 answer

supersam654 · Accepted Answer · 2017-06-19T16:18:21+0000

HTTPS-. , tls.connect() , secureProtocol. tls.connect() tls.connect(), secureContext tls.createSecureContext(). , , secureProtocol OpenSSL. , (TLSv1_2_method) secureProtocol https.request.

SSL Version: TLS 1.2 secureProtocol SSL Version: TLS 1.1 secureProtocol: "TLSv1_1_method". , TLS.

var https = require('https')

var options = {
    hostname: 'www.howsmyssl.com',
    port: 443,
    path: '/a/check',
    method: 'GET',
    secureProtocol: "TLSv1_2_method"
}

https.request(options, res => {
  let body = ''
  res.on('data', d => body += d)
  res.on('end', () => {
    data = JSON.parse(body)
    console.log('SSL Version: ' + data.tls_version)
  })
}).on('error', err => {
  // This gets called if a connection cannot be established.
  console.warn(err)
}).end()

Configure the https agent to allow only TLS1.2 for outgoing requests

More articles: