Skip to content

Commit

Permalink
fix(Server): Set tls.DEFAULT_ECDH_CURVE to 'auto'
Browse files Browse the repository at this point in the history
The default value of tls.DEFAULT_ECDH_CURVE is 'prime256v1',
it breaks the connection when certificate is not compatible
with the default curve since node^8.6.0.

To fix this issue, we need set it to 'auto', makes OpenSSL
select the curve automatically.
  • Loading branch information
nekolab committed Oct 17, 2018
1 parent d2f4902 commit 24ab8c6
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions lib/Server.js
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,13 @@ const createCertificate = require('./utils/createCertificate');
const validateOptions = require('schema-utils');
const schema = require('./options.json');

// Workaround for node ^8.6.0, ^9.0.0
// DEFAULT_ECDH_CURVE is default to prime256v1 in these version
// breaking connection when certificate is not signed with prime256v1
// change it to auto allows OpenSSL to select the curve automatically
// See https://github.com/nodejs/node/issues/16196 for more infomation
require('tls').DEFAULT_ECDH_CURVE = 'auto';

const STATS = {
all: false,
hash: true,
Expand Down

0 comments on commit 24ab8c6

Please sign in to comment.