LWP :: UserAgent和500 SSL协商失败 [英] LWP::UserAgent and 500 SSL negotiation failed
问题描述
我正在运行一台旧的Debian服务器,该服务器每天一次通过Perl脚本获取网页.从昨天开始,该脚本失败,并显示"500 SSL协商失败"错误.
I'm running an old Debian server that once a day fetches a webpage through a Perl script. Since yesterday, the script fails with a "500 SSL negotiation failed" error.
use strict;
use LWP::UserAgent;
my $browserObj = LWP::UserAgent->new();
$response = $browserObj->get( "https://www.domain.tld" );
print $response->status_line . "\n" if( ! $response->is_success );
就像我说的那样,这是一台运行所有内容的旧版本的旧服务器:
Like I said, it's an old server running old versions of everything:
- Perl:5.8.8
- OpenSSL:0.9.8c
- LWP:5.805
- 地穴:: SSLeay:0.57
我为服务器制作了快照,因此我可以尝试各种解决方案,并在快照失败时返回快照.正是在每次测试之后,我所做的都是返回到原始服务器状态.
I made a snapshot of the server so I could try all kinds of solutions and return to the snapshot if it fails. Which is exactly what I did after each test, return to the original server state.
测试1: 我尝试的第一件事是将OpenSSL更新到1.0.2d.那没有帮助,我仍然收到"SSL协商失败"错误.然后,我更新了Crypt:SSLeay.这完全破坏了SSL(导致服务器无法连接到任何安全服务器).
Test 1: First thing I tried was updating OpenSSL to 1.0.2d. That did not help, I still got the "SSL negotiation failed" error. I then updated Crypt:SSLeay. That broke SSL altogether (caused the server to be unable to connect to any secure server).
测试2: 更新了Crypt :: SSLeay,而未更新OpenSSL.导致服务器无法再次连接到安全服务器.
Test 2: Updated Crypt::SSLeay without updating OpenSSL. Caused the server to unable to connect to secure servers again.
测试3: 将OpenSSL更新为1.0.2d.更新了LWP.没什么区别.仍然显示"500 SSL协商失败"
Test 3: Updated OpenSSL to 1.0.2d. Updated LWP. Made no difference. Still got "500 SSL negotiation failed"
还有什么我可以尝试的吗?
Is there anything else I could try?
PS:由于多种原因,我无法更新Debian本身.
PS: For several reasons I'm unable to update Debian itself.
推荐答案
我知道它可用于Perl.我怀疑,服务器上使用SSL的每个程序都需要单独打补丁.但这是Perl的解决方案:
I got it to work for Perl. As I suspected, each program on the server that uses SSL needs to be patched seperately. But this was the solution for Perl:
1)将OpenSSL(更新为1.0.2d版)
对于使用SSL的每个程序,这都是必要的步骤!在我的Debian系统上,我使用了
This is a necessary step for every program that uses SSL! On my Debian system, I used the instructions found here.
2)更新Net :: SSLeay
这是必要的,否则步骤4)将失败.
This was necessary otherwise step 4) would fail.
$ cpan Net::SSLeay
3)更新Getopt :: Long
同样,此步骤是必需的,否则步骤4)将失败.
Again, this step was necessary otherwise step 4) would fail.
$ cpan Getopt::Long
4)更新地穴:: SSLeay
请注意,这也会更新LWP.
Note that this will also update LWP.
$ cpan Crypt::SSLeay
这篇关于LWP :: UserAgent和500 SSL协商失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!