Difference between revisions of "Nodejs SSL/TLS Security Settings"
IVSWikiBlue (talk | contribs) (Created page with "# Connect to the server via ssh or access the shell via the console. # Type in the following, and then press Enter: <pre>sudo nano /var/www/v3/nodejs/server.js</pre> # Locate...") |
IVSWikiBlue (talk | contribs) |
||
| Line 1: | Line 1: | ||
| + | <div class="section"> | ||
# Connect to the server via ssh or access the shell via the console. | # Connect to the server via ssh or access the shell via the console. | ||
# Type in the following, and then press Enter: <pre>sudo nano /var/www/v3/nodejs/server.js</pre> | # Type in the following, and then press Enter: <pre>sudo nano /var/www/v3/nodejs/server.js</pre> | ||
| Line 15: | Line 16: | ||
<pre>nmap -sV --script ssl-enum-ciphers -p 20100 <host></pre> | <pre>nmap -sV --script ssl-enum-ciphers -p 20100 <host></pre> | ||
| + | </div> | ||
Revision as of 07:36, 29 September 2022
- Connect to the server via ssh or access the shell via the console.
- Type in the following, and then press Enter:
sudo nano /var/www/v3/nodejs/server.js
- Locate the line in the file
ca: fs.readFileSync('/etc/apache2/ssl/valt.crt') // path to ca - add a comma to end the of this line after the closing ).
- Add the following lines below this line:
secureProtocol: 'TLSv1_2_method',
ciphers: ['ECDH+AESGCM','DH+AESGCM','ECDH+AES256','DH+AES256','ECDH+AES128','DH+AES','RSA+AESGCM','RSA+AES','!aNULL','!MD5','!DSS'].join(':'),
honorCipherOrder: true
- Type CTRL-X and then press Enter to exit.
- Enter Y to save changes.
- Do not change the name and press Enter to save the changes.
- Type in the following, and then press Enter:
sudo service valtcontrols restart
You can verify the active ciphers by running the following command:
nmap -sV --script ssl-enum-ciphers -p 20100 <host>
