我正在尝试构建一个rake任务来访问viglink的附属API,这是一个url附属服务。
但是,当我的rake任务运行open(url),其中url是https uri时,我得到的错误是:
rake aborted!
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
我尝试使用此答案解决此问题,但我得到了同样的错误
OpenSSL::SSL::SSLError on Heroku
是否有人遇到类似的问题并未解决上述问题?我在Ubuntu 12.04.4 LTS上的Digital Ocean Droplet上运行它(GNU / Linux 3.8.0-29-generic x86_64)
我的佣金任务的相关部分:
url = "https://www.viglink.com/service/v1/cuidRevenue?lastDate=2014%2F12%2F23&period=week&secret=0d0dfillerb57acb4"
response = open(url)
错误发生在第二行。
节日快乐!
答案 0 :(得分:2)
当每个人都开始删除SSLv3支持时遇到同样的问题。您的目标网站也做了同样的事情:
nmap --script ssl-enum-ciphers -p 443 www.viglink.com
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-25 08:16 EST
Nmap scan report for www.viglink.com (192.155.80.114)
Host is up (0.083s latency).
rDNS record for 192.155.80.114: li566-114.members.linode.com
PORT STATE SERVICE
443/tcp open https
| ssl-enum-ciphers:
| SSLv3: No supported ciphers found
| TLSv1.0:
| ciphers:
| TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
| TLS_DHE_RSA_WITH_AES_128_CBC_SHA - strong
| TLS_DHE_RSA_WITH_AES_256_CBC_SHA - strong
| TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
| TLS_RSA_WITH_AES_128_CBC_SHA - strong
| TLS_RSA_WITH_AES_256_CBC_SHA - strong
| compressors:
| NULL
|_ least strength: strong
Nmap done: 1 IP address (1 host up) scanned in 4.47 seconds
解决方法是更新计算机上的openssl。
openssl version
OpenSSL 1.0.1f 6 Jan 2014
我的回答没有错误:
require 'open-uri'
url = 'https://www.viglink.com/'
response = open(url)
# => #<Tempfile:/tmp/open-uri20141225-19253-qhcgcg>
puts response.base_uri
# => https://www.viglink.com/