CVE-2021-38628 in Node.js


Description:
Disable the use of TLSv1.0 protocol in favor of a cryptographically stronger protocol such as TLSv1.2.

The following openssl command can be used to do a manual test:

openssl s_client -connect ip:port -tls1

If the test is successful, then the target supports TLSv1.

Env:
Nuxt application in a Dockerfile (same as any other Node.js web application)


There are 1 best solutions below

0
xSh6a On

To fix this issue, you'll need to add the following to your nginx conf file:

ssl_protocols TLSv1.2;

Don't forget to replace the default nginx configuration using the Dockerfile:

COPY ./nginx/conf.d /etc/nginx/conf.d

This may not solve the issue; if that's the case, upgrade your Node version (in my case I'm using 16.17.0-alpine).

You can test it locally before deploying by running these commands:

openssl s_client -connect ip:port -tls1
openssl s_client -connect ip:port -tls1_1

These should not show your certificate. Then run:

openssl s_client -connect ip:port -tls1_2

If you're now able to see your certificate only with the -tls1_2 command, then you have successfully fixed the issue.
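
A pre-build check for the nginx fix in the answer above, added here as an example and not part of the original post: it scans the config files that the Dockerfile copies into /etc/nginx/conf.d and fails when an ssl_protocols directive still enables TLSv1 or TLSv1.1, or when no directive is set at all. The function name, exit codes and sample config are assumptions made for this example, and it assumes each directive is written on a single line.

```shell
#!/bin/sh
# Added example (not from the original answer): audit nginx config files for
# legacy TLS versions before the Dockerfile copies them into the image.
# Assumption: each ssl_protocols directive is written on a single line.

# audit_ssl_protocols FILE...   (hypothetical helper name)
# Exit status: 0 = only TLSv1.2/TLSv1.3 listed
#              1 = a directive enables SSLv2, SSLv3, TLSv1 or TLSv1.1
#              2 = no ssl_protocols directive, so nginx uses its built-in default
audit_ssl_protocols() {
    awk '
        { sub(/#.*/, "") }                 # strip comments; awk re-splits the fields
        $1 == "ssl_protocols" {
            found = 1
            weak = ""
            for (i = 2; i <= NF; i++) {
                p = $i
                sub(/;.*/, "", p)          # drop the terminating semicolon
                if (p == "SSLv2" || p == "SSLv3" || p == "TLSv1" || p == "TLSv1.1")
                    weak = weak " " p
            }
            if (weak != "") {
                bad = 1
                printf "%s:%d: legacy protocols enabled:%s\n", FILENAME, FNR, weak
            } else {
                printf "%s:%d: ok\n", FILENAME, FNR
            }
        }
        END {
            if (bad) exit 1
            if (!found) { print "no ssl_protocols directive found"; exit 2 }
        }
    ' "$@"
}

# Constructed sample config, standing in for a file under ./nginx/conf.d
sample=$(mktemp)
cat > "$sample" <<'EOF'
server {
    listen 443 ssl;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;   # weak: the setting the scanner flags
}
EOF
audit_ssl_protocols "$sample" || echo "audit failed with status $?"
rm -f "$sample"
```

Run it against ./nginx/conf.d/*.conf before building the image; the openssl s_client checks from the answer still confirm what the running container actually negotiates.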