certificate issue in nodejs https request

Question

I have the following error while making an https get request

{ Error: write EPROTO 101057795:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:openssl\ssl\s23_clnt.c:802:
at _errnoException (util.js:992:11)
at WriteWrap.afterWrite [as oncomplete] (net.js:864:14) code: 'EPROTO', errno: 'EPROTO', syscall: 'write' }

I am trying to make a request to corporate internal resource where proxy is not needed.

const request = require('request')
var token= myToken
request({
  method: 'post',
  url: 'https://myURL',
  data: {
    myData
  },
  headers: { 'Authorization': 'Bearer myToken' },
  agentOptions: {
    rejectUnauthorized: false,
  },
}, function (error, response, body) {
if(error){
  console.log('Error: ', error)
} else {
  console.log(body)
}
})

I also have strict-ssl=false in my .npmrc.

What I have notices is that I can make the same call curl with no issues.

curl -k1 -XPOST -H "Authorization: Bearer %TOKEN%" "https://%URL% -d @data,json -H "content-type: application/json"

-k1 option in curl seems to fix the issue with the certificate.

What am I doing wrong in JavaScript?

Answer 1

It turned out to be a bug in node version 8. I finally found a solution here - https://github.com/nodejs/node/issues/16196

One needs to add the following into her code:

require("tls").DEFAULT_ECDH_CURVE = "auto"

Answer 2

request({
  method: 'post',
  url: 'https://myURL',
  data: {
    myData
  },
  headers: { 'Authorization': 'Bearer myToken' },
  rejectUnauthorized: false,
}, function (error, response, body) {
if(error){
  console.log('Error: ', error)
} else {
  console.log(body)
}
});

If you don't want the TLS check all over the node project set process.env.NODE_TLS_REJECT_UNAUTHORIZED=0;