I have been having issues reaching an internal API with following error.
write EPROTO 4390231552:error:1425F102:SSL routines
I guess this happens since Node.js 12's default TLS settings are stricter now.
The site doesn't handle TLS v1.2. Node 12 by default need 1.2
On my local machine, I could specify the TLS version to make this work like this "node --tls-min-v1.0 apiProd.js"
How can I turn off the TLS verification? or make this work?
Hey Anil, I will check with the team if there is a way to lower the Node TLS version or any other workarounds. That being said, as you may be aware that Adobe I/O Runtime and Project Firefly are moving away from NodeJS 12 to NodeJS 14. Could you try using NodeJS 14 and see if you can work around the problem?
Thank you for getting back!
Yes I did read about the update to NodeJS 14. I had issues updating as well. Awaiting reply to my query to kanika's post here.
I tried updating the manifest.yml from 12 to
In your projects root folder is a file named package.json. in there you need to update the node support from ^10 || ^12 to 12^ || 14^.
I will send you a video on how to do it via messaging. The video will be posted to YouTube Adobe Developer channel next week.
Thank you all the node version is resolved, but it would be great if you could post here about the SSL issue when have an update
Yes, I'm afraid it is.
I get the below error, when I try to access an internal API.
Works fine in Postman, but error's out in action.
"message": "write EPROTO 140477986916224:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:../deps/openssl/openssl/ssl/statem/statem_lib.c:1958:\n",
I checked with the team and there is no way to specify or lower the TLS version. We do not recommend our customers to use anything below TLS 1.2 because both TLS 1.0 and TLS 1.1 are not as secure and the industry as a whole is moving away from them.
Thus, our recommendation would be to upgrade the service/API in question to use TLS 1.2 or higher.
For the sake of completeness, you could try to work around the issue by using Node JS 10 for your functions. That being said, we again do not recommend this approach because -
1. NodeJS 10 is no longer being maintained since April 2021.
2. You are likely to see higher latencies for actions using Node JS 10 due to cold starts (we will only prewarm Node 14 containers going forward.)
As a rule, any command line options available for node, can be set as the environment variable NODE_OPTIONS (each option is space separated).
In this case, in your action code, you can set it as:
process.env.NODE_OPTIONS = "--tls-min-v1.0"
... right before your api call.
Unset it after so you won't affect the security of any other calls:
process.env.NODE_OPTIONS = "--tls-min-v1.0" await doSomeApiCall() delete process.env.NODE_OPTIONS