Please allow setting TLS minVersion
103 views
Skip to first unread message
Kannan Goundan
Nov 27, 2019, 2:36:34 AM11/27/19
to node-mysql
node-mysql 2.17.1
Ubuntu 18.04
Under Node 8, I'm able to use node-mysql to connect to an Amazon RDS instance.
Under Node 12, the same code errors out with:
Error: 139907407202176:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:../deps/openssl/openssl/ssl/statem/statem_lib.c:1929:
--------------------
at Protocol._enqueue (/var/h/deploy/airtable/node-mysql-test/node_modules/mysql/lib/protocol/Protocol.js:144:48)
at Protocol.handshake (/var/h/deploy/airtable/node-mysql-test/node_modules/mysql/lib/protocol/Protocol.js:51:23)
The code works if I run Node with "--tls-min-v1.0". However, I don't want to change the global TLS settings; I'd rather just change the settings for the specific connections.
There's a similar issue on node-mysql2 that was recently fixed: <https://github.com/sidorares/node-mysql2/issues/960>. I adapted their solution to node-mysql and then passed in "minVersion: 'TLSv1'" and everything worked.
(BTW, I'm sending this to the mailing list because the GitHub issue tracker told me: "An owner of this repository has limited the ability to open an issue to users that have contributed to this repository in the past." It would be nice to be able to file things like this directly on the issue tracker.)
Kannan Goundan
Feb 6, 2020, 5:42:17 PM2/6/20
to node-mysql
Does anybody have objections to this idea? Is there any more information I can provide?
We're currently using a private fork of node-mysql to work around this issue. It would be nice to go back to using the normal upstream version :-)
We're currently using a private fork of node-mysql to work around this issue. It would be nice to go back to using the normal upstream version :-)
Reply all
Reply to author
Forward
0 new messages