我正在关注this page以修复Mac El Capitan中的OpenSSL证书错误。
虽然RVM和证书是最新的,但仍然会出现证书错误:
☁ ~ rvm -v
rvm 1.26.11 (master) by Wayne E. Seguin <wayneeseguin@gmail.com>, Michal Papis <mpapis@gmail.com> [https://rvm.io/]
☁ ~ rvm osx-ssl-certs status all
Certificates for /etc/openssl/cert.pem: Up to date.
Certificates for /usr/local/etc/openssl/cert.pem: Up to date.
☁ ~ ruby -e "require 'open-uri'; open 'https://www.google.com'"
/Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/net/http.rb:923:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/net/http.rb:923:in `block in connect'
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/timeout.rb:73:in `timeout'
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/net/http.rb:923:in `connect'
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/net/http.rb:863:in `do_start'
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/net/http.rb:852:in `start'
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/open-uri.rb:318:in `open_http'
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/open-uri.rb:736:in `buffer_open'
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/open-uri.rb:211:in `block in open_loop'
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/open-uri.rb:209:in `catch'
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/open-uri.rb:209:in `open_loop'
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/open-uri.rb:150:in `open_uri'
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/open-uri.rb:716:in `open'
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/open-uri.rb:34:in `open'
from -e:1:in `<main>'
关注this answer。
在您的应用初始值设定项中使用以下命令创建新文件fix_ssl.rb:
require 'open-uri'
require 'net/https'
module Net
class HTTP
alias_method :original_use_ssl=, :use_ssl=
def use_ssl=(flag)
self.ca_file = Rails.root.join('lib/ca-bundle.crt').to_s
self.ca_path = Rails.root.join('lib/ca-bundle.crt').to_s
self.verify_mode = OpenSSL::SSL::VERIFY_PEER
self.original_use_ssl = flag
end
end
end
下载crt文件并放在lib目录中。
现在在rails控制台中尝试相同的操作:
☁ duggout [master] ⚡ rails c
Loading development environment (Rails 4.2.5)
2.2.3 :001 > require 'open-uri'; open 'https://www.google.com'
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
from /Users/leninrajrajasekaran/.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/net/http.rb:923:in `connect'
OpenSSL是Homebrew中的一个,是最新的:
☁ ~ openssl version -a
OpenSSL 1.0.2g 1 Mar 2016
built on: reproducible build, date unspecified
platform: darwin64-x86_64-cc
options: bn(64,64) rc4(ptr,int) des(idx,cisc,16,int) idea(int) blowfish(idx)
compiler: clang -I. -I.. -I../include -fPIC -fno-common -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
OPENSSLDIR: "/usr/local/etc/openssl"
我们如何修复证书错误?
答案 0 :(得分:0)
这就是我所做的:
使用NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"mu url"]
cachePolicy:NSURLRequestUseProtocolCachePolicy
timeoutInterval:15.0];
cachePolicy:NSURLRequestUseProtocolCachePolicy
timeoutInterval:60.0];
//[request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];
[request setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
[request setValue:@"application/json" forHTTPHeaderField:@"Accept"];
[request setHTTPMethod:@"POST"];
NSData* jsonData = [NSJSONSerialization dataWithJSONObject:params options:NSJSONWritingPrettyPrinted error:nil];
[request setHTTPBody:jsonData];
//[request setHTTPBody:[self encodeDictionary:params]];
//You now can initiate the request with NSURLSession or NSURLConnection, however you prefer. For example, with NSURLSession, you might do:
NSURLSessionTask *task = [[NSURLSession sharedSession] dataTaskWithRequest:request completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
if (error) {
NSLog(@"dataTaskWithRequest error: %@", error);
} else if ([response isKindOfClass:[NSHTTPURLResponse class]]) {
NSInteger statusCode = [(NSHTTPURLResponse *)response statusCode];
if (statusCode != 200) {
NSError *parseError;
id responseObject = [NSJSONSerialization JSONObjectWithData:data options:0 error:&parseError];
NSLog(@"responseobject is %@",responseObject);
} else {
NSError *parseError;
id responseObject = [NSJSONSerialization JSONObjectWithData:data options:0 error:&parseError];
NSLog(@"else condtion");
if (!responseObject) {
NSLog(@"JSON parse error: %@", parseError);
} else {
NSLog(@"responseobject is %@",responseObject);
//[self MainService:responseObject];
}
//if response was text/html, you might convert it to a string like so:
NSString *responseString = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
NSLog(@"final responseString = %@", responseString);
}
}
}];
[task resume];
--disable-binary现在有效:
rvm uninstall ruby-2.2.3
rvm install ruby-2.3.0 --disable-binary
gem pristine --all