[英]OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=error: certificate verify failed
I have Rails API server hosted on Heroku, which makes an asynchronous POST request to a callback url specified in an initial API request by the client.我在 Heroku 上托管了 Rails API 服务器,它向客户端初始 API 请求中指定的回调 url 发出异步 POST 请求。
I have a problem when I try to POST to one of my clients' webapp over SSL.当我尝试通过 SSL POST 到我的客户之一的 web 应用程序时遇到问题。
connection = Faraday::Connection.new('https://subdomain.some_client.com', ssl: { ca_file: '/usr/lib/ssl/certs/ca-certificates.crt' })
connection.get '/test'
The following throws an error:以下抛出错误:
Faraday::Error::ConnectionFailed: SSL_connect returned=1 errno=0 state=error: certificate verify failed
However, if I post to another server over HTTPS, for example google, it works fine但是,如果我通过 HTTPS 发布到另一台服务器,例如谷歌,它工作正常
connection = Faraday::Connection.new('https://www.google.com', ssl: { ca_file: '/usr/lib/ssl/certs/ca-certificates.crt' })
connection.get '/'
Does this mean the fault is on the client's SSL configuration?这是否意味着问题出在客户端的 SSL 配置上? and if so, how can I assist them in debugging the problem?
如果是这样,我如何帮助他们调试问题?
UPDATE:更新:
I can cURL POST to the client's webapp without problems, it's only when I do it through ruby's HTTP libraries it fails我可以毫无问题地将 POST 卷曲到客户端的 web 应用程序,只有当我通过 ruby 的 HTTP 库执行它时才会失败
Much appreciated Thanks非常感谢谢谢
My guess is that there is a problem with the SSL cert for your client's web app.我的猜测是您客户端的 Web 应用程序的 SSL 证书存在问题。 Perhaps there is a certificate that is out of date or invalid.
也许有一个过期或无效的证书。 You could try this answer .
你可以试试这个答案。
If you need to get around this (but probably not a good permanent solution , because of the potential security hole) you should be able to turn off the certificate verification by putting this before Bundler.require in your application.rb:如果你需要解决这个问题(但可能不是一个好的永久解决方案,因为潜在的安全漏洞)你应该能够通过将它放在你的 application.rb 中的 Bundler.require 之前来关闭证书验证:
require 'openssl'
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.