机械化的SSL错误 [英] SSL errors with Mechanize
问题描述
我在irb
require 'mechanize'
agent = Mechanize.new
agent.get('https://monabo.lemonde.fr/customer/account/forgotpassword/')
我收到此错误:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert handshake failure
我在Mac上尝试过,它可以正常工作,但没有这个错误.但是,它不能在我的计算机上运行(运行Linux Mint 17).
I tried on mac, and it works I don't have this error. However, it doesn't work on my computer (running Linux Mint 17).
我尝试过的事情:
-
导出此变量:
Exporting this variable:
export SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
设置此变量:
Setting this variable:
agent.agent.http.ca_file = '/etc/ssl/certs/ca-certificates.crt'
设置此:
Setting this:
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
更改红宝石版本(我目前正在使用ruby 2.1.5p275)
Changing ruby version (I'm currently using ruby 2.1.5p275)
这些解决方案均未解决此问题.我怀疑服务器需要特定版本的OpenSSL.
None of those solutions changed the issue. I suspect that the server is requiring a specific verson of OpenSSL.
请注意,我可以用mechanize
请求https://google.com
,并且它可以工作,但不能使用https://monabo.lemonde.fr/customer/account/forgotpassword/
.
它可以在Mac上运行的事实可能是因为我配置错误.
Please notice that I can request https://google.com
with mechanize
and that it works, but not https://monabo.lemonde.fr/customer/account/forgotpassword/
.
The fact that it works on mac may suppose that I got a wrong config.
这是此命令的输出:
➜ swiff git:(master) ✗ openssl s_client -connect monabo.lemonde.fr/customer/account/forgotpassword:443 -tls1 -servername monabo.lemonde.fr/customer/account/forgotpassword | openssl x509 -text -noout
gethostbyname failure
connect:errno=0
unable to load certificate
140045809014432:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE
其他一些数据:
- http://pastebin.com/raw.php?i=AYDbwqqD
- http://pastebin.com/raw.php?i=vC07aTyY
- http://pastebin.com/raw.php?i=VLtLvuEG
- http://pastebin.com/raw.php?i=AYDbwqqD
- http://pastebin.com/raw.php?i=vC07aTyY
- http://pastebin.com/raw.php?i=VLtLvuEG
推荐答案
服务器仅支持SSLv3和TLSv1,并且仅支持密码DES-CBC3-SHA.如您在
The server supports only SSLv3 and TLSv1 and only with the cipher DES-CBC3-SHA. This cipher is not included in the default cipher set used by your version of ruby, as you can see in https://github.com/ruby/ruby/blob/ruby_2_1/ext/openssl/lib/openssl/ssl.rb. This setting is strange because from what I know DES-CBC3-SHA (i.e. DES3) is considered more secure then RC4-SHA which they have in their cipher set.
我试图找到一种为机械化对象设置密码的方法,但是我对编写红宝石了解不多,而且系统上只有较旧版本的红宝石.您可以尝试使用agent.agent.http.ciphers = [ 'des-cbc3-sha' ]
之类的方法,或咨询一些红宝石专家.
I've tried to find a way to set the ciphers for the mechanize object but I don't know much about writing ruby and also only have an older version of ruby on the system. You might try something like agent.agent.http.ciphers = [ 'des-cbc3-sha' ]
or ask some ruby experts.
这篇关于机械化的SSL错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!