TLS renegotiation was attempted but is disabled
Production Risk
Low — the error is the intended behaviour when renegotiation is disabled; handle gracefully.
Thrown when a TLS client or server attempts to renegotiate the TLS session, but renegotiation has been disabled via tlsSocket.disableRenegotiation(). Renegotiation is disabled as a security measure against certain DoS and other renegotiation-based attack vectors.
1. Client sends a TLS renegotiation request after disableRenegotiation() was called
2. Server middleware that calls disableRenegotiation() on all sockets then receives a client renegotiation
Triggered when a TLS renegotiation handshake is received on a socket where renegotiation has been disabled.

// options: the server's key and certificate (not shown on this page)
const tls = require('tls');
const server = tls.createServer(options, (socket) => {
  socket.disableRenegotiation();
  // If the client now sends a renegotiation, the socket emits an error:
  socket.on('error', (err) => {
    console.error(err.code); // ERR_TLS_RENEGOTIATION_DISABLED
  });
});

Expected output
Error [ERR_TLS_RENEGOTIATION_DISABLED]: TLS session renegotiation disabled for this socket
Fix
Handle the error event and close the socket
WHEN: Renegotiation is intentionally disabled for security

socket.disableRenegotiation();
socket.on('error', (err) => {
  if (err.code === 'ERR_TLS_RENEGOTIATION_DISABLED') {
    socket.destroy(); // close the connection
  }
});

Why this works
Destroying the socket on renegotiation attempts enforces the no-renegotiation policy.
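
A fuller version of the handler above, as an added example that is not from the Node.js documentation or this page's original code: it counts refused renegotiation attempts per peer so repeated attempts can be alerted on, and it logs other socket errors instead of dropping them. The names createRenegotiationGuard and fakeSocket and the alert threshold are assumptions; fakeSocket is a constructed stand-in for a tls.TLSSocket.

```javascript
// Added example; createRenegotiationGuard and fakeSocket are hypothetical names.
const RENEG_CODE = 'ERR_TLS_RENEGOTIATION_DISABLED';

function createRenegotiationGuard({ alertThreshold = 3, log = console.warn } = {}) {
  // peer address -> refused renegotiation attempts (bound or expire this in production)
  const attempts = new Map();

  function protect(socket) {
    // Capture the peer now; remoteAddress can be undefined once the socket is destroyed.
    const peer = socket.remoteAddress || 'unknown';
    socket.disableRenegotiation();
    socket.on('error', (err) => {
      if (err.code === RENEG_CODE) {
        const count = (attempts.get(peer) || 0) + 1;
        attempts.set(peer, count);
        const level = count >= alertThreshold ? 'ALERT' : 'info';
        log(`${level} renegotiation refused peer=${peer} count=${count}`);
      } else {
        // Other socket errors are logged too instead of being silently ignored.
        log(`info tls socket error peer=${peer} code=${err.code || 'none'}`);
      }
      socket.destroy(); // either way the connection is not reused
    });
    return socket;
  }

  // Peers that reached the threshold, e.g. to feed a rate limiter or an alert.
  const flagged = () =>
    [...attempts].filter(([, n]) => n >= alertThreshold).map(([peer]) => peer);

  return { protect, attempts, flagged };
}

// Constructed stand-in for a tls.TLSSocket so the example runs without certificates.
function fakeSocket(remoteAddress) {
  const handlers = {};
  return {
    remoteAddress, destroyed: false, renegotiationDisabled: false,
    disableRenegotiation() { this.renegotiationDisabled = true; },
    destroy() { this.destroyed = true; },
    on(event, fn) { handlers[event] = fn; return this; },
    emit(event, arg) { handlers[event](arg); },
  };
}

// Real use: tls.createServer(options, (socket) => guard.protect(socket));
```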

// On a TLSSocket this error is delivered on the 'error' event, as in the handler above.
// A try/catch applies only where the operation surfaces it as an exception.
try {
  // operation that may throw ERR_TLS_RENEGOTIATION_DISABLED
  // (riskyOperation is a placeholder, not a Node.js API)
  riskyOperation();
} catch (err) {
  if (err.code === 'ERR_TLS_RENEGOTIATION_DISABLED') {
    console.error('ERR_TLS_RENEGOTIATION_DISABLED:', err.message);
  } else {
    throw err;
  }
}

// Validate inputs before calling the operation
// (performOperation is a placeholder, not a Node.js API)
function safe_err_tls_renegotiation_disabled(...args) {
  // validate args here
  return performOperation(...args);
}

✕ Re-enable renegotiation to fix this error in production
Renegotiation is disabled for security; re-enabling it re-exposes the server to renegotiation-based attacks.
Node.js Error Codes Documentation