OpenSSL default security level changed to 2 in Node.js 24.5 but docs still say it's 1

### Affected URL(s)

https://nodejs.org/docs/latest/api/tls.html#openssl-security-level

### Description of the problem

Although the OpenSSL documentation does not mention it, the default security level was changed in OpenSSL 3.2 from 1 to 2; see https://github.com/openssl/openssl/commit/b3a33dac8880b88038083b64d234506659921436. This change was included in Node.js 24.5, but the Node.js "OpenSSL security levels" documentation was not updated.

This was an undocumented breaking change for me, though that's my responsibility for using the Current version. It should be clearly documented if the LTS version is upgraded to OpenSSL 3.5, though, or that version be forced to stay at security level 1.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

OpenSSL default security level changed to 2 in Node.js 24.5 but docs still say it's 1 #59715

Affected URL(s)

Description of the problem

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

OpenSSL default security level changed to 2 in Node.js 24.5 but docs still say it's 1 #59715

Description

Affected URL(s)

Description of the problem

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions