How to fix Sandbox bluesnap unsafe legacy renegotiation disabled error when using node.js 17

Question

Node 17 (all versions) return the following error:

https://sandbox.bluesnap.com/services/2/payment-fields-tokens failed, reason: write EPROTO 00DE371301000000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled

I don't have the same issue when using Node 16.

I tried setting

    fetch( // node-fetch
      'https://sandbox.bluesnap.com/services/2/payment-fields-tokens',
      {
        agent: new https.Agent({ // fix attempt
          rejectUnauthorized: false,
        }),
        body, // defined somewhere else
      }
    );

I also set NODE_TLS_REJECT_UNAUTHORIZED=0 in my .env file

and NODE_OPTIONS=--openssl-legacy-provider

and the same issue happens

I know this is probably a problem with bluesnap but a workaround would help while they resolve their issues and I can keep using the latest node version

Downgrading node from v17 to v16 fixed this issue. I have been struggling for weeksssss....thanks!! — julianm, Jan 04 '22 at 04:22

score 1 · Accepted Answer · answered Nov 08 '22 at 11:21

1

The new version/endpoints for Bluesnap API, are OK with the latest version of NodeJS.

https://sandpay.bluesnap.com https://pay.bluesnap.com

answered Nov 08 '22 at 11:21

Yechezkel Deren

126
4

score 0 · Answer 2 · answered Nov 15 '22 at 19:38

I believe if you force the TLS version to TLS1.3, "secure renegotiation" will no longer be an issue (it is not supported with TLSv1.3). You can do that by setting the maxVersion to 'TLSv1.3' within your node client. This should allow you to use ws.bluesnap.com domain which support TLS1.3

score -1 · Answer 3 · answered Feb 07 '22 at 18:51

-1

If you're using nvm try running this command from the root directory:

nvm install --lts

answered Feb 07 '22 at 18:51

DoubleBackSlash

49
1
5

How to fix Sandbox bluesnap unsafe legacy renegotiation disabled error when using node.js 17

3 Answers3