https: sslv3 alert handshake failure from getURL()

时间:2015-05-12 22:40:47

标签: r ssl curl

I'm using R on windows. I experience no problems communicating with general secured sites. I tried (and failed) communicating with a specific SECURED site (my bank) via getURL(url). (No problem loging to this site manually). Here is the "R" code:

 (?m)
 ^ --- .* \s+ 
 ( [\S\s]*? )                   # (1)
 ^ ---

The following error and traceback() chain of function calls is generated:

library(RCurl) ; options(RCurlOptions = list(cainfo = system.file("CurlSSL", "cacert.pem", package = "RCurl")))

url <- "https://hb2.bankleumi.co.il/uniquesig4e0824291ffbe1b42058d6558ed87217/uniquesig0/InternalSite/CustomUpdate/eBank_ULI_Login.asp?resource_id=C66B095BD60649D18ECB79F04C657517&login_type=2&site_name=leumi&secure=1&URLHASH=da2ded08-57dd-488c-94ff-34629781f5fb&orig_url=https%3a%2f%2fhb2.bankleumi.co.il%2fE%2flogin.html"

getURL(url)

traceback()

I've tried also Error in function (type, msg, asError = TRUE) : error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure 5: fun(structure(list(message = msg, call = sys.call()), class = c(typeName, "GenericCurlError", "error", "condition"))) 4: function (type, msg, asError = TRUE) { if (!is.character(type)) { i = match(type, CURLcodeValues) typeName = if (is.na(i)) character() else names(CURLcodeValues)[i] } typeName = gsub("^CURLE_", "", typeName) fun = (if (asError) stop else warning) fun(structure(list(message = msg, call = sys.call()), class = c(typeName, "GenericCurlError", "error", "condition"))) } (35L, "error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure", TRUE) 3: .Call("R_curl_easy_perform", curl, .opts, isProtected, .encoding, PACKAGE = "RCurl") 2: curlPerform(curl = curl, .opts = opts, .encoding = .encoding) 1: getURL(url) and got the same error.

From the url string it looks as if the problem may be with the expected unique signatures. Is there a way to fix it via SSL/RCurl/R?

1 个答案:

答案 0 :(得分:2)

  

错误:14077410:SSL例程:SSL23_GET_SERVER_HELLO:sslv3警报握手失败

这是尝试使用除RC4之外的任何其他密码连接到服务器时获得的消息。此服务器仅支持RC4-SHA和RC4-MD5,它们都被视为已损坏。我猜R默认禁用RC4支持。您可以尝试通过将"ssl.cipher.list" option设置为“RC4-SHA”来启用它。

  

使用特定的SECURED网站(我的银行)

我认为如果他们提供的所有内容都被认为是破解的密码,那么您需要质疑银行的安全性。另请参阅由于此而获得B等级的report from SSLLabs以及更多安全问题。