diff options
| author | Timothy J Fontaine <tjfontaine@gmail.com> | 2014-10-15 13:56:40 -0700 |
|---|---|---|
| committer | Timothy J Fontaine <tjfontaine@gmail.com> | 2014-10-15 17:36:05 -0700 |
| commit | d601c76f4d728dd7adfa2fbbed2fe86de2e6b479 (patch) | |
| tree | a6c96f48352b90269d5cc8bf4eba30025d9192fa /doc/api/https.markdown | |
| parent | c1f4aacc75c0a64a81a2be8d6a3a23aa21a31b15 (diff) | |
| download | node-d601c76f4d728dd7adfa2fbbed2fe86de2e6b479.tar.gz | |
crypto: allow runtime opt in using SSLv2/SSLv3
This change disables SSLv2/SSLv3 use by default, and introduces a
command line flag to opt into using SSLv2/SSLv3.
SSLv2 and SSLv3 are considered unsafe, and should only be used in
situations where compatibility with other components is required and
they cannot be upgrade to support newer forms of TLS.
Diffstat (limited to 'doc/api/https.markdown')
| -rw-r--r-- | doc/api/https.markdown | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/api/https.markdown b/doc/api/https.markdown index 8f608b1a7..e5023c3ec 100644 --- a/doc/api/https.markdown +++ b/doc/api/https.markdown @@ -126,8 +126,8 @@ The following options from [tls.connect()][] can also be specified. However, a the list of supplied CAs. An `'error'` event is emitted if verification fails. Verification happens at the connection level, *before* the HTTP request is sent. Default `true`. -- `secureProtocol`: The SSL method to use, e.g. `SSLv3_method` to force - SSL version 3. The possible values depend on your installation of +- `secureProtocol`: The SSL method to use, e.g. `TLSv1_method` to force + TLS version 1. The possible values depend on your installation of OpenSSL and are defined in the constant [SSL_METHODS][]. In order to specify these options, use a custom `Agent`. |