我正在使用ActiveResource代理CRUD端点,但在尝试连接时出现no cipher match错误。我已经尝试了从明确设置SSL版本到升级本地openssl客户端到直接设置密码列表的所有内容。
我希望我能提供更多信息,但我知道异常is raised here并且它会引发SSL_CTX_set_cipher_list: no cipher match错误。
你知道我为什么会收到这个错误以及如何修复?
以下是Chrome的连接信息:
Your connection to domain.com is encrypted with 128-bit encryption.
The connection uses TLS 1.0.
The connection is encrypted using AES_128_CBC, with SHA1 for message authentication and RSA as the key exchange mechanism.
The server does not support the TLS renegotiation extension.
我使用openSSL在终端中运行以下命令来检查连接:
openssl s_client -showcerts -connect stage.example.com:13902
以下是输出:
CONNECTED(00000003)
140735228511072:error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert unexpected message:s23_clnt.c:762:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 308 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
不完全确定这意味着什么。 Chrome可以很好地解析证书。这是OpenSSL的错误吗?