Mimic strictSSL config found in npm:Request ?

Question

Mimic strictSSL config found in npm:Request ?

Closed this issue 4 years ago · 3 comments

We have a dev server that uses a self signed certificate, there is also some bits passed to indicate our TLS handshake is out of spec. This works with the Request package but not with Popsicle. I'd like to use Popsicle for servers with certificate issues.

How can I pass config through to the transport when I'm using NodeJS to allow a connection ?

(getting ECONNREST)

Answer 1 · 2017-09-20T06:41:53.000Z

You can use rejectUnauthorized: false from https://github.com/blakeembrey/popsicle#built-in-transports. Let me know if that's what you're after!

Answer 2 · 2017-09-29T18:03:43.000Z

That helped but you need to pass secureOptions through for the Node transport. This will solve an issue with TLS v 1.2 backwards compatibility. In our shop we have servers running older TLS versions, the client handshake fails without sending require('options').SSL_OP_NO_TLSv1_2 through to the transport:

I added this to the Popsicle code but the connection still fails:

if (_isDefined(options.strictSSL)) {
options.transport = popsicle.createTransport({
rejectUnauthorized: !options.strictSSL
,secureOptions: constants.SSL_OP_NO_TLSv1_2
});
}

Answer 3 · 2021-01-11T07:23:32.000Z

Closing this out as it's been added as a configuration option in https://github.com/serviejs/popsicle-transport-http going forward.