SSL_connect SYSCALL返回= 5 errno = 0 state = SSLv3读取服务器hello A(OpenSSL :: SSL :: SSLError)
[英]SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A (OpenSSL::SSL::SSLError)
问题描述
I have already looked through many of the questions similar to this one on stack overflow and im asking the ruby gods for help now. 
我已经查看了很多与堆栈溢出类似的问题,并且我现在向红宝石神寻求帮助。
im getting this stack trace when making an HTTP request via ruby: 我通过ruby发出HTTP请求时获取此堆栈跟踪:
/System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/net/http.rb:918:in `connect': SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server hello A (OpenSSL::SSL::SSLError)
from /System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/net/http.rb:918:in `block in connect'
from /System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/timeout.rb:66:in `timeout'
from /System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/net/http.rb:918:in `connect'
from /System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/net/http.rb:862:in `do_start'
from /System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/net/http.rb:851:in `start'
from /System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/net/http.rb:1367:in `request'
Some things to note: 有些事情需要注意:
I have already tried setting these attributes on http object: 我已经尝试在http对象上设置这些属性:
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.ssl_version = :TLSv1
http.ciphers = ['RC4-SHA']
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
I have already tried setting 我已经尝试过设置了
require 'openssl'
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
And lastly, this error only happens on one of my machines. 最后,这个错误只发生在我的一台机器上。 My guess is that i have a different version of openssl or possible some gem thats being used thats a different version. 我的猜测是我有一个不同版本的openssl或者可能使用的某些宝石是不同的版本。 Both are Mac OSX Yosemite 10.10.5 两者都是Mac OSX Yosemite 10.10.5
Here is the environment for the machine that does work: 以下是运行的机器的环境:
*** LOCAL GEMS ***
activesupport (4.2.4, 3.2.22)
addressable (2.3.8)
autoparse (0.3.3)
bigdecimal (1.2.4)
bluecloth (2.2.0)
builder (3.2.2)
bundler (1.6.2)
bundler-unload (1.0.2)
curb (0.8.8)
executable-hooks (1.3.2)
extlib (0.9.16)
faraday (0.9.2)
gem-wrappers (1.2.4)
google-api-client (0.8.4)
google_drive (1.0.1)
googleauth (0.4.2)
hurley (0.2)
i18n (0.7.0)
io-console (0.4.2)
jenkins_api_client (1.4.1)
json (1.8.1)
jwt (1.5.1)
launchy (2.4.3)
little-plugger (1.1.4)
logging (2.0.0)
macaddr (1.7.1)
maruku (0.7.2)
memoist (0.12.0)
mime-types (2.3)
mini_magick (4.2.7)
mini_portile (0.7.0.rc4)
minitest (5.8.1, 4.7.5)
mixlib-shellout (2.2.1)
multi_json (1.11.2)
multi_xml (0.5.5)
multipart-post (2.0.0)
netrc (0.7.7)
nokogiri (1.6.7.rc3)
oauth (0.4.7)
oauth2 (1.0.0)
plist (3.1.0)
polyglot (0.3.5)
psych (2.0.5)
rack (1.6.4)
rake (10.3.2, 10.1.0)
rdoc (4.1.0)
representable (2.3.0)
rest-client (1.7.2)
retriable (2.1.0, 1.4.1)
rubygems-bundler (1.4.4)
rvm (1.11.3.9)
signet (0.6.1)
sqlite3 (1.3.9)
systemu (2.6.4)
terminal-table (1.5.2)
test-unit (2.1.2.0)
thor (0.19.1)
thread_safe (0.3.5)
treetop (1.5.3)
tzinfo (1.2.2)
uber (0.0.15)
unicode (0.4.4.1)
uuid (2.3.7)
here is my version of openssl:
OpenSSL 0.9.8zg 14 July 2015
Here is my environment for the machine that doesnt work: 这是我的机器环境不起作用:
*** LOCAL GEMS ***
activesupport (3.2.22)
addressable (2.3.8)
autoparse (0.3.3)
bigdecimal (1.2.0)
bluecloth (2.2.0)
builder (3.2.2)
CFPropertyList (2.2.8)
curb (0.8.8)
extlib (0.9.16)
faraday (0.9.2)
google-api-client (0.8.4)
google_drive (1.0.1)
googleauth (0.4.2)
i18n (0.7.0)
io-console (0.4.2)
jenkins_api_client (1.4.1)
json (1.8.1, 1.7.7)
jwt (1.5.1)
launchy (2.4.3)
libxml-ruby (2.6.0)
little-plugger (1.1.4)
logging (2.0.0)
macaddr (1.7.1)
maruku (0.7.2)
memoist (0.12.0)
mime-types (2.3)
mini_portile (0.6.2)
minitest (5.8.1, 4.3.2)
mixlib-shellout (2.2.2)
multi_json (1.11.2)
multi_xml (0.5.5)
multipart-post (2.0.0)
netrc (0.7.7)
nokogiri (1.6.6.2, 1.5.6)
oauth (0.4.7)
oauth2 (1.0.0)
plist (3.1.0)
polyglot (0.3.5)
psych (2.0.0)
rack (1.6.4)
rake (10.3.2, 0.9.6)
rdoc (4.0.0)
rest-client (1.7.2)
retriable (1.4.1)
signet (0.6.1)
sqlite3 (1.3.9, 1.3.7)
systemu (2.6.4)
terminal-table (1.5.2)
test-unit (2.0.0.0)
thor (0.19.1)
thread_safe (0.3.5)
treetop (1.5.3)
tzinfo (1.2.2)
unicode (0.4.4.1)
uuid (2.3.7)
here is my version of openssl: (I tried upgrading to latest, that didnt work either)
OpenSSL 1.0.1g 7 Apr 2014
3 个解决方案
解决方案1
0 2015-10-23 04:44:58
OpenSSL 0.9.8zg 14 July 2015
Don't let you fool by the recent date in the version of the OpenSSL version. 不要让你愚弄OpenSSL版本的最近日期。 Mac ships with an rotten old version of OpenSSL which is not able to do TLS 1.1 and TLS 1.2 and does not support any newer ciphers, but it applies security fixes to this old version. Mac附带了一个烂旧版本的OpenSSL,它无法执行TLS 1.1和TLS 1.2,也不支持任何新的密码,但它对这个旧版本应用了安全修复程序。 Given that your question lacks the details to reproduce the problem my guess is that the server simply expects a new TLS version or some of the newer ciphers. 鉴于您的问题缺乏重现问题的细节,我的猜测是服务器只需要一个新的TLS版本或一些较新的密码。
You can check the behavior of a public https server at SSLLabs which also shows the SSL protocol versions and ciphers supported by the server. 您可以在SSLLabs上检查公共https服务器的行为,该服务器还显示服务器支持的SSL协议版本和密码。 It also shows if problems are expected with various clients, including with OpenSSL version 0.9.8 which you use. 它还显示了各种客户端是否存在问题,包括您使用的OpenSSL 0.9.8版。
解决方案2
0 已采纳 2015-10-23 21:30:29
Figured out the issue. 找出问题所在。 I had an older version of ruby (2.0.0) I upgraded to 2.1.2 and works like magic. 我有一个旧版本的ruby(2.0.0)我升级到2.1.2并且像魔术一样工作。 Not sure what ruby 2.0.0 has that makes openssl throw that Error. 不确定ruby 2.0.0是否会使openssl抛出Error。 Very useless error message in my opinion. 在我看来,这是非常无用的错误信息。
解决方案3
-1 2016-01-21 13:04:33
Could this perhaps be caused by a timeout error? 这可能是由超时错误引起的吗? I was thinking so b/c in my ruby stack trace I am seeing this error and it goes through a timeout.rb file, just a guess. 我在我的ruby堆栈跟踪中认为这样b / c我看到这个错误并且它通过了timeout.rb文件,只是一个猜测。
error=SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read finished A
/Users/Ben/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/net/http.rb:920:in `connect'
/Users/Ben/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/net/http.rb:920:in `block in connect'
/Users/Ben/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/timeout.rb:76:in `timeout'
/Users/Ben/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/net/http.rb:920:in `connect'
/Users/Ben/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/net/http.rb:863:in `do_start'
/Users/Ben/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/net/http.rb:852:in `start'
/Users/Ben/.rvm/gems/ruby-2.1.5@caredox/gems/rest-client-1.8.0/lib/restclient/request.rb:413:in `transmit'
/Users/Ben/.rvm/gems/ruby-2.1.5@caredox/gems/rest-client-1.8.0/lib/restclient/request.rb:176:in `execute'
/Users/Ben/.rvm/gems/ruby-2.1.5@caredox/gems/rest-client-1.8.0/lib/restclient/request.rb:41:in `execute'
/Users/Ben/.rvm/gems/ruby-2.1.5@caredox/gems/rest-client-1.8.0/lib/restclient.rb:65:in `get'
You can try to adjust timeout setting, for me using RestClient lib 您可以尝试使用RestClient lib调整超时设置
RestClient::Request.execute(method: :get, url: url,
timeout: 30,
headers: {:accept => :json,
:Authorization =>access_token_header()}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.