SSLv3 error when sending a request to a endpoint

Question

I am attempting to request data from an endpoint however I am currently getting the following error. Any ideas how it can be resolved.

REQUEST: Error: write EPROTO 140735243141888:error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message:../deps/openssl/openssl/ssl/s3_pkt.c:1289:SSL alert number 10

var cert = '{location to my certificate}'
var key = '{location to my key}'

var fs = require('fs')
    , request = require('request');

function authCallback (error, response, body) {
  if (!error && response.statusCode == 200) {
  console.log(response.headers);
  } else {
  console.error("REQUEST: "+error)
 };
}

var options = {
url: 'https://some.endpoint.co.uk',
agentOptions: {
    cert: fs.readFileSync(cert),
    key: fs.readFileSync(key),
    securityOptions: 'SSL_OP_NO_SSLv3'
 }
}

request.get(options, authCallback);

Many Thanks

Answer 1

My problem was similar but solution is different

FetchError: request to https://test-bdo.mos.gov.pl/api/WasteRegister/WasteTransferCard/v1/Kpo/receiver/search failed, reason: write EPROTO 140695301860680:error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 80

For some reason none of SSL related fixes solved my problem. I used some public API and problem only existed for some endpoints, so it was even more confusing.

The solution

What I did wrong - I passed headers from frontend to the backend and forwarded them to the API. Browser adds many headers, which were unnecessary here. When I limited headers to Authorization and Content-Type headers problem disappeared.

Answer 2

I am using npm urllib and commented out the following line and then the problem was solved.

options.secureOptions = require('constants').SSL_OP_NO_TLSv1_2;

Answer 3

If you are using node 8 try adding this line:

require("tls").DEFAULT_ECDH_CURVE = "auto"