From 24ab8c6ad4478aadaae90444b04ce7b3d3fc2851 Mon Sep 17 00:00:00 2001 From: Sunny Date: Wed, 17 Oct 2018 23:53:54 +0800 Subject: [PATCH] fix(Server): Set tls.DEFAULT_ECDH_CURVE to 'auto' The default value of tls.DEFAULT_ECDH_CURVE is 'prime256v1', it breaks the connection when certificate is not compatible with the default curve since node^8.6.0. To fix this issue, we need set it to 'auto', makes OpenSSL select the curve automatically. --- lib/Server.js | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lib/Server.js b/lib/Server.js index eecb6c71a7..34a4ecc9bc 100644 --- a/lib/Server.js +++ b/lib/Server.js @@ -40,6 +40,13 @@ const createCertificate = require('./utils/createCertificate'); const validateOptions = require('schema-utils'); const schema = require('./options.json'); +// Workaround for node ^8.6.0, ^9.0.0 +// DEFAULT_ECDH_CURVE is default to prime256v1 in these version +// breaking connection when certificate is not signed with prime256v1 +// change it to auto allows OpenSSL to select the curve automatically +// See https://github.com/nodejs/node/issues/16196 for more infomation +require('tls').DEFAULT_ECDH_CURVE = 'auto'; + const STATS = { all: false, hash: true,