Configure https agent to allow only TLS1.2 for outgoing requests
Just an update about this solution: a couple of years have passed and some things have changed.
Node docs now recommend using minVersion and maxVersion instead of secureProtocol, since this last option has become the legacy mechanism to select the TLS protocol version, so you can get the same result by using minVersion: "TLSv1.2":
var https = require('https')
var options = {
  hostname: 'www.howsmyssl.com',
  port: 443,
  path: '/a/check',
  method: 'GET',
  minVersion: "TLSv1.2",
  maxVersion: "TLSv1.2"
}
...
References: Node docs: tls_tls_createsecurecontext_options
First I found the docs on making HTTPS requests. It mentions that you can pass additional options to tls.connect() which includes something called secureProtocol. Digging into tls.connect(), I found the secureContext option which mentions tls.createSecureContext(). And there it finally mentions secureProtocol which can be specified with a string from an OpenSSL page. I picked a string that looked reasonable (TLSv1_2_method) and passed the secureProtocol option directly into https.request.
This prints SSL Version: TLS 1.2 with the given secureProtocol and SSL Version: TLS 1.1 with secureProtocol: "TLSv1_1_method". The error handler at the end will get called if a connection cannot be established with the given TLS version.
var https = require('https')
var options = {
  hostname: 'www.howsmyssl.com',
  port: 443,
  path: '/a/check',
  method: 'GET',
  secureProtocol: "TLSv1_2_method"
}
https.request(options, res => {
  let body = ''
  res.on('data', d => body += d)
  res.on('end', () => {
    // Declare data locally instead of leaking an implicit global.
    const data = JSON.parse(body)
    console.log('SSL Version: ' + data.tls_version)
  })
}).on('error', err => {
  // This gets called if a connection cannot be established.
  console.warn(err)
}).end()
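The answers above set the version per request and read the result back from a remote service. As an added example (not code from either answer), the following puts the minVersion/maxVersion pin on an https.Agent so it covers every request made through it, and checks the negotiated version on the local socket. The helper names makeTls12Agent, assertTls12 and checkHost are hypothetical.

```javascript
const https = require('https');
const tls = require('tls');

// Hypothetical helper: an agent that restricts every connection it opens
// to TLS 1.2, so individual requests cannot forget the setting.
function makeTls12Agent(extra = {}) {
  const opts = { ...extra, minVersion: 'TLSv1.2', maxVersion: 'TLSv1.2' };
  // Validate now rather than at first connect: createSecureContext() throws
  // ERR_TLS_PROTOCOL_VERSION_CONFLICT if a legacy secureProtocol is mixed in.
  tls.createSecureContext(opts);
  return new https.Agent(opts);
}

// Hypothetical helper: confirm the negotiated version on the local socket
// instead of relying on what the remote service reports about itself.
function assertTls12(socket) {
  const proto = socket.getProtocol();
  if (proto !== 'TLSv1.2') {
    socket.destroy();
    throw new Error('unexpected TLS version: ' + proto);
  }
  return proto;
}

// Example call path (needs network access; runs only when called).
function checkHost(hostname, cb) {
  const agent = makeTls12Agent();
  const req = https.request({ hostname, port: 443, path: '/', agent }, res => {
    res.resume(); // discard the body, only the handshake result matters
    try {
      cb(null, assertTls12(res.socket));
    } catch (err) {
      cb(err);
    }
  });
  // A server that cannot speak TLS 1.2 fails the handshake and lands here.
  req.on('error', cb);
  req.end();
}
```

Because the pinned options are spread last, a caller cannot widen the version range through the extra argument.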