Search code examples
node.jsssltwiliosmsnodemailer

Does Twilio require special configuration when running behind an https server?

I've integrated the basic Twilio SMS functionality for NodeJS ( v16.13.1 ) on my local machine ( http ) and have seen everything working fine. But once it's deployed onto may staging server ( https ) I'm seeing this error:

[Error: 140251391358848:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:
] {
  library: 'SSL routines',
  function: 'ssl3_get_record',
  reason: 'wrong version number',
  code: 'ESOCKET',
  command: 'CONN'
}

All other ssl connections work fine, a quick curl check from the server works well also

curl https://api.twilio.com/ -v

Twilio Implementation:

const Twilio = require('twilio');

    this.twilioClient = new Twilio(accountSID, authToken);
    this.twilioClient.messages
        .create({
            body: textBody,
            to: recipientPhone,
            from: this.twilioConfig.sendingNumber
        })
        .then((message) => logger.log(`SMS Sent: messageId: ${message.sid}`))
        .catch((err) => logger.log(`Error sending SMS: ${err}`))
  • NodeJS v16.13.1
  • Twilio ^3.80.0

Apache SSLProtocol configurations I've tried:

#  SSLProtocol all -SSLv2
#  SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2
  SSLProtocol all +TLSv1.2

I can't seem to find the root cause of this error. Twilio is saying they only support TLSv1.2, so I've specifically enabled that, but no dice ( and yes I restart apache each time ).

Does anyone have any insight?

Solution

  • As it turns out it was an incorrect Nodemailer email config, which was being called immediately before Twilio in my case. Since Twilio was the new piece of code it unfortunately got the blame.

    So for anyone who finds this later, Twilio did not cause this issue; but having a config for Nodemailer like this, for example:

      let transporter = nodemailer.createTransport({
    host: "smtp.ethereal.email",
    port: 587,
    secure: false, // true for 465, false for other ports
    auth: {
      user: testAccount.user, // generated ethereal user
      pass: testAccount.pass, // generated ethereal password
    },
  });

    This line here is the important part:

    secure: false, // true for 465, false for other ports

    If you have this wrong, it will throw the wrong version number ssl error.

    (ref: https://nodemailer.com/about/ )