1.错误信息
write EPROTO 140737037194176:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:
2.问题解析
node.js https模块在v12+中默认使用的TLS1.3,而服务器的TLS不是,如图是TLS1.0。导致报TLS错误
JavonHuang:~ JavonHuang$ curl -iv https://****/mock/52/login
* Trying 0.0.0.0...
* TCP_NODELAY set
* Connected to test.shuangwutech.com (119.23.207.30) port 443 (#0)
* TLS 1.0 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
* Server certificate: test.shuangwutech.com
* Server certificate: TrustAsia TLS RSA CA
* Server certificate: DigiCert Global Root CA
> GET /mock/52/login HTTP/1.1
> Host: test.shuangwutech.com
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Server: openresty/1.13.6.2
Server: openresty/1.13.6.2
< Date: Sat, 16 May 2020 05:45:50 GMT
Date: Sat, 16 May 2020 05:45:50 GMT
< Content-Type: application/json; charset=utf-8
Content-Type: application/json; charset=utf-8
< Content-Length: 269
Content-Length: 269
< Connection: keep-alive
Connection: keep-alive
< Access-Control-Allow-Origin: undefined
Access-Control-Allow-Origin: undefined
< Access-Control-Allow-Credentials: true
Access-Control-Allow-Credentials: true
<
* Connection #0 to host test.shuangwutech.com left intact
{"retcode":"000000","retmsg":"invoke successfully","version":4,"access_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpcCI6IjEwLjg2LjM3LjIxIiwiZXhwIjoxNTg5Mjc1MDk0LCJ1c2VySWQiOiJBUElfVEVTVCIsInVzZXJuYW1lIjoiQVBJ5rWL6K-VIn0.3M-F5HIM4JKq5vcaBSR5LFKs31gNden3DYRlUpXRqog"}JavonHuang:~ JavonHuang$
3.解决方案
添加secureProtocol属性设置,将其TLS版本指定为服务器的版本
const options = {
hostname: '*****',
port: 443,
path: '/mock/52/login',
method: 'GET',
secureProtocol:"TLSv1_method",
headers:{
'Content-Type': 'Application/json',
}
};
const req = https.request(options, (res:any) => {
res.on('data', (d:any) => {
resolve(d);
});
});
req.on('error', (e:any) => {
reject(e);
});
req.end();