node.js - Node 12 的 axios SSL 错误 : SSL routines:ssl_choose_client_version:unsupported protocol

Question

我遇到了 axios 的问题和 Node 12。因为我不确定此错误仅与 axios 有关，我按照建议在 SO 上提问，而不是在 axios 的 GitHub 上打开错误。

这是我要运行的代码:

const axios = require('axios')

axios({
  method: 'get',
  url: 'https://www.colisprive.com/moncolis/pages/detailColis.aspx?numColis=12345',
  responseType: 'text'
}).then((response) => {
  console.log(response)
})

此代码在 Node 12 上失败，并出现以下错误:

Error: write EPROTO 140121214769024:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:../deps/openssl/openssl/ssl/statem/statem_lib.c:1929:

    at WriteWrap.onWriteComplete [as oncomplete] (internal/stream_base_commons.js:87:16)

针对 Node 11 运行的相同代码不会引发任何错误。

当我 curl -v我懂了 :

*   Trying 91.208.224.32:443...
* TCP_NODELAY set
* Connected to www.colisprive.com (91.208.224.32) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: serialNumber=391029345; jurisdictionC=FR; businessCategory=Private Organization; C=FR; postalCode=13290; ST=Bouches-du-Rh�ne; L=AIX EN PROVENCE; street=1330 AV J R G GAUTIER DE LA LAUZIERE; street=ZI MILLES EUROPARC PICHAURY; O=COLIS PRIVE SAS; OU=0002 391029345; CN=www.colisprive.com
*  start date: Sep  3 00:00:00 2018 GMT
*  expire date: Sep  2 23:59:59 2020 GMT
*  subjectAltName: host "www.colisprive.com" matched cert's "www.colisprive.com"
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Extended Validation Secure Server CA
*  SSL certificate verify ok.
> GET /moncolis/pages/detailColis.aspx?numColis=12345 HTTP/1.1
> Host: www.colisprive.com
> User-Agent: curl/7.65.3
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Cache-Control: private
< Content-Type: text/html; charset=utf-8
< Location: /moncolis/Default.aspx?numColis=12345&cp=
< Server: Microsoft-IIS/7.5
< Set-Cookie: ASP.NET_SessionId=eln3cq143d35lfj5tpqkkwcg; path=/; HttpOnly
< X-Powered-By: Colis Priv�
< Date: Fri, 24 Jan 2020 13:48:35 GMT
< Content-Length: 162
< 
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/moncolis/Default.aspx?numColis=12345&amp;cp=">here</a>.</h2>
</body></html>
* Connection #0 to host www.colisprive.com left intact

如您所见，它给出了 302 Found与 Location指向另一个端点的 header 。我同意它应该回答 301 Moved表示文档已移动，但事实并非如此， axios 按预期处理它在 Node 11 上(获取 Location header 下的端点)。

我看到 Node 12 现在默认包含 TLS 1.3，所以这可能与此有关……

此外， X-Powered-By 中有一个未知字符。标题。

我尝试过了 :

使用 express 重现此问题服务器总是回复 302 Found具有相同的标题:按预期工作

获取另一个 .aspx带有 axios 的网页:按预期工作

Answer 1

问题不仅仅在于 axios但与 got也是。

Node.js 12 的默认 TLS 设置现在更加严格。该站点不处理 TLS v1.2。 Node 12 默认需要 1.2。

您可以在运行应用程序时通过命令行标志 (--tls-min-v1.0) 更改此设置。

像这样的东西

node --tls-min-v1.0 app.js