LWP :: UserAgent和500 SSL协商失败 [英] LWP::UserAgent and 500 SSL negotiation failed

问题描述

我正在运行一台旧的Debian服务器，该服务器每天一次通过Perl脚本获取网页.从昨天开始，该脚本失败，并显示"500 SSL协商失败"错误.

I'm running an old Debian server that once a day fetches a webpage through a Perl script. Since yesterday, the script fails with a "500 SSL negotiation failed" error.

use strict;
use LWP::UserAgent;

my $browserObj = LWP::UserAgent->new();

$response = $browserObj->get( "https://www.domain.tld" );
print $response->status_line . "\n" if( ! $response->is_success );

就像我说的那样，这是一台运行所有内容的旧版本的旧服务器:

Like I said, it's an old server running old versions of everything:

• Perl:5.8.8
• OpenSSL:0.9.8c
• LWP:5.805
• 地穴:: SSLeay:0.57

我为服务器制作了快照，因此我可以尝试各种解决方案，并在快照失败时返回快照.正是在每次测试之后，我所做的都是返回到原始服务器状态.

I made a snapshot of the server so I could try all kinds of solutions and return to the snapshot if it fails. Which is exactly what I did after each test, return to the original server state.

测试1: 我尝试的第一件事是将OpenSSL更新到1.0.2d.那没有帮助，我仍然收到"SSL协商失败"错误.然后，我更新了Crypt:SSLeay.这完全破坏了SSL(导致服务器无法连接到任何安全服务器).

Test 1: First thing I tried was updating OpenSSL to 1.0.2d. That did not help, I still got the "SSL negotiation failed" error. I then updated Crypt:SSLeay. That broke SSL altogether (caused the server to be unable to connect to any secure server).

测试2: 更新了Crypt :: SSLeay，而未更新OpenSSL.导致服务器无法再次连接到安全服务器.

Test 2: Updated Crypt::SSLeay without updating OpenSSL. Caused the server to unable to connect to secure servers again.

测试3: 将OpenSSL更新为1.0.2d.更新了LWP.没什么区别.仍然显示"500 SSL协商失败"

Test 3: Updated OpenSSL to 1.0.2d. Updated LWP. Made no difference. Still got "500 SSL negotiation failed"

还有什么我可以尝试的吗?

Is there anything else I could try?

PS:由于多种原因，我无法更新Debian本身.

PS: For several reasons I'm unable to update Debian itself.

推荐答案

我知道它可用于Perl.我怀疑，服务器上使用SSL的每个程序都需要单独打补丁.但这是Perl的解决方案:

I got it to work for Perl. As I suspected, each program on the server that uses SSL needs to be patched seperately. But this was the solution for Perl:

1)将OpenSSL(更新为1.0.2d版)

对于使用SSL的每个程序，这都是必要的步骤！在我的Debian系统上，我使用了

This is a necessary step for every program that uses SSL! On my Debian system, I used the instructions found here.

2)更新Net :: SSLeay

这是必要的，否则步骤4)将失败.

This was necessary otherwise step 4) would fail.

$ cpan Net::SSLeay

3)更新Getopt :: Long

同样，此步骤是必需的，否则步骤4)将失败.

Again, this step was necessary otherwise step 4) would fail.

$ cpan Getopt::Long

4)更新地穴:: SSLeay

请注意，这也会更新LWP.

Note that this will also update LWP.

$ cpan Crypt::SSLeay

这篇关于LWP :: UserAgent和500 SSL协商失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！