ActiveCampaign/postmark.js

[Question] Postmark TLS configuration changes. Any action required for users of this library?

Closed this issue · 7 comments

Hi!
Thank you for a nice and very useful library!

Postmark sent out emails containing this information: https://postmarkapp.com/updates/upcoming-tls-configuration-changes-for-api-users-action-may-be-required

If I just connect to the Postmark API through this library, do you know if I need to take action? If so, how?

Hi @erikfunkis

You don't need to take any action with the library. The TLS configuration is not set in the library itself but rather in the underlying HTTP library, which uses the Node.js TLS configuration. Node.js uses the TLS versions that the specific Node version supports. Recent versions of Node support TLS 1.0 through 1.3, and in this case the newer version of TLS will be used.

Everything should continue to work the same.

Hey @erikfunkis

I got additional details from a colleague for testing it out.
You can use a temporary endpoint and send an email through it to see whether TLS works.
Initialise the client with the temporary endpoint and then send an email.

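```javascript
let postmark = require("postmark");
const serverToken = "xxxx-xxxxx-xxxx-xxxxx-xxxxxx"; // placeholder: your server API token
// Point the client at the temporary endpoint instead of the default API host.
let client = new postmark.ServerClient(serverToken, { requestHost: 'api-ssl-temp.postmarkapp.com', useHttps: true });
```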

Thank you for the quick response and the concrete suggestion for how to try the new settings! Much appreciated! 🚀💗

Question: is the Node.js package version "postmark": "^2.3.0" impacted by this change?

From what I understand here, it is not, but actually the impact is based on the Node.js version being used? 8, 9, 10?
I am using 10 LTS so probably we are safe.

Am I right?

Hi @katlimruiz

postmark version "2.3.0" works similarly to the latest one, so it should not be impacted by the change. And since you use Node.js 10, you should be fine. However, I strongly advise using a newer (ideally the latest) library version, since old versions prior to 2.5.0 use the request library for requests, which was deprecated.

How do I enforce use of TLS 1.1 from my side?

Hi @glenquarlessamcare

The version of TLS you use would depend on your environment. You could set it in Node with something like what is shown in this article:

https://stackoverflow.com/questions/63296828/force-setting-tls-vresion-1-2-when-sending-out-a-request-from-node-js-to-docusig

On my side, the default maximum version allowed is used (if I choose minimum 1.1 and max 1.3).
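
Since the answers above say the TLS version comes from the Node.js runtime rather than from the library, here is an added example (not from the thread or from postmark.js) that reports the runtime's TLS range and the version it negotiates with a host. It uses only Node's built-in `tls` module; the function names and the script name are hypothetical.

```javascript
// Added example: report this runtime's TLS range and what it negotiates.
const tls = require('tls');

// Protocol names as returned by TLSSocket#getProtocol(), oldest first.
const ORDER = ['TLSv1', 'TLSv1.1', 'TLSv1.2', 'TLSv1.3'];

// True when `protocol` is at least as new as `floor`.
function meetsFloor(protocol, floor) {
  const p = ORDER.indexOf(protocol);
  const f = ORDER.indexOf(floor);
  if (p < 0 || f < 0) throw new RangeError(`unknown TLS version: ${protocol} / ${floor}`);
  return p >= f;
}

// Range used when a caller (for example an HTTP library) sets no
// minVersion/maxVersion of its own.
function runtimeTlsRange() {
  return { min: tls.DEFAULT_MIN_VERSION, max: tls.DEFAULT_MAX_VERSION };
}

// Handshake with host:443 and resolve with the negotiated protocol and cipher.
// `range` may override minVersion/maxVersion for this one connection.
function probe(host, range = {}) {
  return new Promise((resolve, reject) => {
    const socket = tls.connect({ host, port: 443, servername: host, ...range }, () => {
      const result = { protocol: socket.getProtocol(), cipher: socket.getCipher().name };
      socket.end();
      resolve(result);
    });
    socket.setTimeout(10000, () => socket.destroy(new Error('handshake timed out')));
    socket.once('error', reject);
  });
}

// CLI: node tls-check.js <host> [floor]   (script name is hypothetical)
async function main(host, floor = 'TLSv1.2') {
  console.log('runtime range:', runtimeTlsRange());
  if (!host) return; // no host given: only report the runtime range
  const seen = await probe(host);
  console.log(host, seen, meetsFloor(seen.protocol, floor) ? 'OK' : `below ${floor}`);
  // Second handshake pinned to the floor, to confirm it succeeds when enforced.
  const pinned = await probe(host, { minVersion: floor });
  console.log(`with minVersion=${floor}:`, pinned);
}

main(process.argv[2], process.argv[3]).catch((e) => {
  console.error(e.message);
  process.exitCode = 1;
});
```

Pass the hostname to test as the first argument, for example the temporary endpoint mentioned in the thread. Node's `--tls-min-v1.2` command-line flag raises the runtime-wide minimum without code changes.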