Authorize.net TLS禁用通知nodejs

时间:2017-08-03 06:39:02

标签: node.js ssl authorize.net tls1.2 pci-compliance

几天前,我收到 Authorize.net 的通知,要求停用 TLS 1.0 TLS 1.1

我在这里使用nodejs是我在app.js中的代码来禁用TLS1.0和TLS 1.1 

var coach_wins = {
  "player1": [
    {
      year: 2015,
      wins: 6
    },
    {
      year: 2016,
      wins: 6
    }
  ],
  "player2": [
    {
      year: 2015,
      wins: 11
    },
    {
      year: 2016,
      wins: 6
    }
  ]
};

let res; 

Object.values(coach_wins)
.forEach(prop => 
  prop.forEach(({wins}) => {
    if (!res || wins > res) res = wins
  })
);

console.log(res)

但似乎我错过了一些东西。 30小时后我做了SSL实验室测试,得到了以下结果: -

enter image description here

知道我需要做什么吗?

由于

2 个答案:

答案 0 :(得分:1)

尝试将SSLv23_server_method更改为TLSv1_2_server_method 

var sslOptions = {
  key: fs.readFileSync('/etc/ssl/private/private.key'),
  cert: fs.readFileSync('/etc/ssl/certs/STAR_crt.com.crt'),
  secureProtocol: 'TLSv1_2_server_method',
    secureOptions: constants.SSL_OP_NO_SSLv3 | constants.SSL_OP_NO_TLSv1,
  ca: [
            fs.readFileSync('/etc/ssl/certs/AddTrustExternalCARoot_1.crt'),
            fs.readFileSync('/etc/ssl/certs/AddTrustExternalCARoot_2.crt'),
            fs.readFileSync('/etc/ssl/certs/AddTrustExternalCARoot_3.crt')
        ],
      ciphers:[
    "ECDHE-RSA-AES256-SHA384",
    "DHE-RSA-AES256-SHA384",
    "ECDHE-RSA-AES256-SHA256",
    "DHE-RSA-AES256-SHA256",
    "ECDHE-RSA-AES128-SHA256",
    "DHE-RSA-AES128-SHA256",
    "HIGH",
    "!aNULL",
    "!eNULL",
    "!EXPORT",
    "!DES",
    "!RC4",
    "!MD5",
    "!PSK",
    "!SRP",
    "!CAMELLIA",
    "!3DES"
].join(':'),
  //ca: fs.readFileSync('/etc/ssl/certs/AddTrustExternalCARoot.crt'),
  requestCert: false,
  rejectUnauthorized: false
};

答案 1 :(得分:-1)

宣布Authorize.Net将于2018年2月停止支持TLS 1.1和1.0,您需要确保您的系统可以在此时建立TLS 1.2连接。您可以通过连接到仅支持TLS 1.2的沙箱进行测试。

相关问题
最新问题