Nodejs SSL/TLS Security Settings

From IVS Wiki
Jump to: navigation, search
  1. Connect to the server via ssh or access the shell via the console.
  2. Type in the following, and then press Enter:
    sudo nano /var/www/v3/nodejs/server.js
  3. Locate the line in the file
    ca: fs.readFileSync('/etc/apache2/ssl/valt.crt') // path to ca
  4. add a comma to end the of this line after the closing ).
  5. Add the following lines below this line:
secureProtocol: 'TLSv1_2_method',
ciphers: ['ECDH+AESGCM','DH+AESGCM','ECDH+AES256','DH+AES256','ECDH+AES128','DH+AES','RSA+AESGCM','RSA+AES','!aNULL','!MD5','!DSS'].join(':'),
honorCipherOrder: true
  1. Type CTRL-X and then press Enter to exit.
  2. Enter Y to save changes.
  3. Do not change the name and press Enter to save the changes.
  4. Type in the following, and then press Enter:
    sudo service valtcontrols restart

You can verify the active ciphers by running the following command:

nmap -sV --script ssl-enum-ciphers -p 20100 <host>