{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 疯言疯语 的问题《node.js openssl error: dh key too small》','https://www.manongdao.com/q-662620.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm running into an issue trying to make a soap request using node-soap. The error is only on ubuntu, I've tested on windows too - the code (obviously excluding curl) is working there.
The error I get is:
Unhandled rejection Error: write EPROTO 140332284700480:error:14082174:SSL routines:ssl3_check_cert_and_algorithm:dh key too small:../deps/openssl/openssl/ssl/s3_clnt.c:3615:
I've also tried using request/request which also fails. When using plain curl I get a response from the server I'm trying to connect to.
Here's the code I'm using:
exec('curl ' + url, function(err, res) {
log(err); // null
log(res); // expected response
});
request.postAsync({
url,
rejectUnauthorized: false,
requestCert: true,
}).then(val => {
log(val);
}).catch(err => {
log(err); // above error message
})
soap.createClientAsync(url).then(val => {
log(val);
}).catch(err => {
log(err); // above error message
})
I've tested on the following versions:
node 4.4.0 and 5.8.0, ubuntu server version 14.04 and ubuntu 15.04 desktop
The openssl version is OpenSSL 1.0.2f 28 Jan 2016
Can someone help me? Is it possible to make this work somehow?
Please note that you should not do this, as it is considered insecure - but if there's no other way you can set the
--tls-cipher-listflag and enable the ciphers you need - e.g.:Espacially
EXPshould not be used, just as ssl_v3 in general. So better stick to @mscdex's answer...You can read more about this in the tls documentation: https://nodejs.org/api/tls.html#tls_modifying_the_default_tls_cipher_suite
The last part from the docs about this:
Most likely the server is trying to use less secure Diffie-Hellman keys during the TLS handshake. The only fix is for the server administrators to upgrade/fix their software.