Node 12 ssl_choose_client_version:unsupported protocol error with auth-ldap plugin
-
After upgrading to node.js v12.18.2 and upgrading to the latest version of XO Community 5.62.0. I'm getting an error with the auth-ldap plugin connecting to Active Directory over SSL port 636.
140338573449088:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:../deps/openssl/openssl/ssl/statem/statem_lib.c:1942:I'm currently guessing it has something to do with node 12 defaults to TLS 1.2. And need to add --tls-min-v1.0 when running XO.
How do I add this to test it?I got the idea from here: https://stackoverflow.com/questions/59898050/axios-ssl-error-with-node-12-ssl-routinesssl-choose-client-versionunsupporte
-
Ping @julien-f who'll take a look when he can
-
@DeOccultist You can run
xo-serverwith this flag:> which xo-server /usr/local/bin/xo-server > node --tls-min-v1.0 /usr/local/bin/xo-server -
@julien-f Thanks for the help.
My xo-server is installed in /opt/xen-orchestra/packages/xo-server/bin/xo-server.
After stopping the service when I run
node --tls-min-v1.0 /opt/xen-orchestra/packages/xo-server/bin/xo-serverI get the error
2020-07-06T00:58:51.959Z xo:plugin INFO Cannot find module '/usr/local/lib/node_modules/xo-server-cloud' Require stack: - /opt/xen-orchestra/packages/xo-server/dist/index.js - /opt/xen-orchestra/packages/xo-server/index.js - /opt/xen-orchestra/packages/xo-server/bin/xo-server { error: Error: Cannot find module '/usr/local/lib/node_modules/xo-server-cloud'How do I add the --tls-min-v1.0 parameter in and start it as a service instead?
-
@julien-f Actually it'll be good to know how to set that parameter as a service but it is not necessary anymore. The better solution was to enable TLSv1.2 on the directory instead.
Thanks for the help.
-
Yep, that's the best solution
Have a nice day.
