Hi everyone, I am seeing the following error when running a containerized NodeJS http server on Cloud Run behind a GCP HTTPS load balancer:
⨯ TypeError: fetch failedat Object.fetch (node:internal/deps/undici/undici:11372:11)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
cause: [Error: 18CCCA514A3E0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:354:
] {
library: 'SSL routines',
reason: 'wrong version number',
code: 'ERR_SSL_WRONG_VERSION_NUMBER'
}
}
node -v: v20.8.1
node -p process.versions: openssl: '3.0.10+quic'
Which looks to be pointing here: https://github.com/openssl/openssl/blob/openssl-3.0.10/ssl/record/ssl3_record.c#L354
I am using the default SSL Policies (older pic, it is in fact applied to a target):
Via nmap --script ssl-enum-ciphers -p 443 domain.com I see the following dump:
Using the native nodeJS fetch api works perfectly locally / in other environments (ie: I tried this using nginx as a reverse proxy which works) but I cant seem to understand what I am doing wrong in GCP.
Are there any custom backend headers I need to create? Any tls configurations I need to apply? I tried all custom minimum TLS version settings (TLSv1.0-1.2) with no luck.
Any advice would be greatly appreciated!
