doc: tls: note that SSLv2 is disabled by default

As of commit 39aa894, SSLv2 support is disabled by default. Update the documentation to reflect that.
2024-12-01 16:10:02 +01:00 · 2014-01-20 16:19:00 +01:00 · 2014-01-20 16:19:00 +01:00 · 023f0a3122
commit 023f0a3122
parent 8c303115f5
1 changed files with 4 additions and 3 deletions
--- a/doc/api/tls.markdown
+++ b/doc/api/tls.markdown
@ -174,13 +174,14 @@ automatically set as a listener for the [secureConnection][] event.  The
  - `honorCipherOrder` : When choosing a cipher, use the server's preferences
    instead of the client preferences.

-    Note that if SSLv2 is used, the server will send its list of preferences
-    to the client, and the client chooses the cipher.
-
    Although, this option is disabled by default, it is *recommended* that you
    use this option in conjunction with the `ciphers` option to mitigate
    BEAST attacks.

+    Note: If SSLv2 is used, the server will send its list of preferences to the
+    client, and the client chooses the cipher.  Support for SSLv2 is disabled
+    unless node.js was configured with `./configure --with-sslv2`.
+
  - `requestCert`: If `true` the server will request a certificate from
    clients that connect and attempt to verify that certificate. Default:
    `false`.