当我运行https.ssl_version =:TLSv1_2时
我收到了错误
ruby/2.1.0/net/http.rb:920:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: wrong version number (OpenSSL::SSL::SSLError)
我改为https.ssl_version =:SSLv3
ruby/2.1.0/net/http.rb:920:in `connect': SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A (OpenSSL::SSL::SSLError)
但是我可以在没有任何错误的情况下做到这一点
resp = RestClient.post(server_url,content,header)
ssl连接让我很困惑.
macos和ubuntu 14.04上的问题
UPDATE
检查我的SSL参数
在默认的Ruby下由irb
irb(main):001:0> require 'openssl'
=> true
irb(main):002:0> OpenSSL::SSL::SSLContext::DEFAULT_PARAMS
=> {:ssl_version=>"SSLv23",:verify_mode=>1,:ciphers=>"ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW",:options=>-2147482625}
在Rails下
{
:ssl_version => "SSLv23",:verify_mode => 1,:ciphers => "ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW",:options => -2147482625
}
#<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A>
蛮力在Rails中尝试所有类型的SSL版本
I changed the method by `OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:ssl_version]=method` :TLSv1 #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_server #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_client #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_2 #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_2_server #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_2_client #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_1 #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_1_server #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_1_client #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :SSLv3 #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :SSLv3_server #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :SSLv3_client #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :SSLv23 #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :SSLv23_server #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :SSLv23_client #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1 #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_server #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_client #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_2 #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_2_server #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_2_client #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_1 #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_1_server #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :TLSv1_1_client #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :SSLv3 #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :SSLv3_server #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :SSLv3_client #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :SSLv23 #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :SSLv23_server #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A> :SSLv23_client #<OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A>
解决方法
如果将ssl_version设置为TLSv1_2且服务器不支持该版本,则会看到此错误(对于SSLv3也是如此).
我的猜测是RestClient可能只使用Ruby的默认SSLv23.如果服务器支持该版本,它可能正常工作.
检查Ruby版本的默认值,如下所示:
require 'openssl'
OpenSSL::SSL::SSLContext::DEFAULT_PARAMS
# => {
# => :ssl_version => "SSLv23",# => :verify_mode => 1,# => :ciphers => "ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW",# => :options => -2147482625
# => }
如果https.ssl_version =:TLSv1_2不起作用,那么我会尝试其他版本.
您可以在Ruby中获得所有可用版本的列表:
OpenSSL::SSL::SSLContext::METHODS
我会从:
https.ssl_version = 'SSLv23'
或者您可能想要询问服务器的所有者支持哪些版本.