|
|
|
@ -117,14 +117,13 @@ automatically set as a listener for the [secureConnection][] event. The |
|
|
|
conjunction with the `honorCipherOrder` option described below to |
|
|
|
prioritize the non-CBC cipher. |
|
|
|
|
|
|
|
Defaults to |
|
|
|
`ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH`. |
|
|
|
Defaults to `AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH`. |
|
|
|
Consult the [OpenSSL cipher list format documentation] for details on the |
|
|
|
format. |
|
|
|
format. ECDH (Elliptic Curve Diffie-Hellman) ciphers are not yet supported. |
|
|
|
|
|
|
|
`ECDHE-RSA-AES128-SHA256` and `AES128-GCM-SHA256` are used when node.js is |
|
|
|
linked against OpenSSL 1.0.1 or newer and the client speaks TLS 1.2, RC4 is |
|
|
|
used as a secure fallback. |
|
|
|
|
|
|
|
`AES128-GCM-SHA256` is used when node.js is linked against OpenSSL 1.0.1 |
|
|
|
or newer and the client speaks TLS 1.2, RC4 is used as a secure fallback. |
|
|
|
|
|
|
|
**NOTE**: Previous revisions of this section suggested `AES256-SHA` as an |
|
|
|
acceptable cipher. Unfortunately, `AES256-SHA` is a CBC cipher and therefore |
|
|
|
|
Ben Noordhuis
12 years ago