Properly support SSL/TLS options

joepie91 / node-bhttp

A sane HTTP client library for Node.js with Streams2 support.

62 stars 12 forks source link

Open joepie91 opened 9 years ago

joepie91 commented 9 years ago

[ ] Investigate default SSL/TLS behaviour in Node.js https module.
[ ] Investigate whether there are any possible issues stemming from using a shared HTTPS agent across all TLS requests.
[ ] Investigate why the global agent silently ignores options.
[ ] Draw up a list of sane defaults (eg. disallowing SSLv3, ...)
[ ] Investigate whether streaming mode (ie. agent-less) interferes with the use of TLS options.

Current workaround: Define a custom HTTPS agent.

kurtmilam commented 7 years ago

Looking forward to this one. I used the following option to disallow SSLv3 with request and would like to be able to do the same in bhttp:

agentOptions: { securityOptions: "SSL_OP_NO_SSLv3" }