It recently came to light that SSLv2 support in the TLS/HTTPS modules in node.js is enabled by default if supported by the system OpenSSL library. Now, it may or may not be a suprise to some that SSLv2 is sufficiently broken and has in fact has been deprecated (since 1996) that it warrants disabling in any serious production environment.
Now, for node.js depending on the SSL library used, it will enable SSLv2 by default , which as you know by know is not a good idea.
To verify that you cannot connect with SSLv2 to your node server, fire off the following openssl command:
And the response should look something akin to:
If you see something like the following, then you should consider disabling SSLv2:
One (seemingly undocumented on the server side) is to pass one of the
available OpenSSL CTX methods
SSLv3_method to the
httpsOptions object in the
.createServer(...)methods in Node.js.
Setting this option will force a single protocol to the SSL handshake,
meaning that for some older clients such as the default OpenSSL on OSX this will
cause an issue for the handshake, where it tries to negotiate a
which with the above change is an unsupported fallback method for SSLv2
( note the
SSL23_WRITE ), as per OSX 10.7:
A solution for this particular problem which may affect applications that use the system OpenSSL on is to recompile node with the --no-ssl2 option.
After passing that option as
./configure --no-sslv2, you should find that older
clients are now able to connect directly using TLSv1/SSLv3, and avoid the instant
handshake fail as before:
If you have Nginx/Apache in front of Node.js then since v1.0 then make sure you're disabling it there too: http://www.evanhoffman.com/evan/2011/09/20/making-sure-sslv2-is-disabled-in-apache/
Note that on some popular SSL strength/vulnerability analysers, SSlv2 support is an automatically failing grade. By disabling it, you can go from an 'F' to a 'A' with a minor tweak!