摘要:當我連接通過gem到石蕊,我得到以下錯誤:訪問Litmus API會導致SSL錯誤。任何方式來解決它?
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: tlsv1 unrecognized name
通過捲曲用相同的憑據訪問API的工作確定。
我發現了一個類似的錯誤此解決方案:SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A - Faraday::Error::ConnectionFailed
其中建議改變的OAuth的SSL選項:
ssl_options[:version] = :TLSv1
有沒有一種方法來設置石蕊的SSL選項?是否有另一種可能的解決方法?
下面是完整的跟蹤:
2.0.0-p247 :002 > Litmus::Base.new("xxx.litmus.com", "[email protected]", "zzz", true)
=> #<Litmus::Base:0x007fad4a66dc68>
2.0.0-p247 :003 > Litmus::EmailTest.list
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: tlsv1 unrecognized name
from /Users/andrei/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:918:in `connect'
from /Users/andrei/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:918:in `block in connect'
from /Users/andrei/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/timeout.rb:52:in `timeout'
from /Users/andrei/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:918:in `connect'
from /Users/andrei/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:862:in `do_start'
from /Users/andrei/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:851:in `start'
from /Users/andrei/.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:1367:in `request'
from /Users/andrei/.rvm/gems/ruby-2.0.0-p247/gems/httparty-0.13.1/lib/httparty/request.rb:93:in `perform'
from /Users/andrei/.rvm/gems/ruby-2.0.0-p247/gems/httparty-0.13.1/lib/httparty.rb:521:in `perform_request'
from /Users/andrei/.rvm/gems/ruby-2.0.0-p247/gems/httparty-0.13.1/lib/httparty.rb:457:in `get'
from /Users/andrei/.rvm/gems/ruby-2.0.0-p247/gems/litmus-0.3.0/lib/litmus/test.rb:4:in `list'
from /Users/andrei/.rvm/gems/ruby-2.0.0-p247/gems/litmus-0.3.0/lib/litmus/email_test.rb:4:in `list'
from (irb):3
from /Users/andrei/.rvm/rubies/ruby-2.0.0-p247/bin/irb:16:in `<main>'
聽起來像服務器需要通過SNI的服務器名稱。不幸的是,我不知道如何用Ruby做到這一點。你可以用OpenSSL的's_client'來驗證它:'openssl s_client -tls1 -connect www.litmus.com:443 -servername litmus.com'。如果成功,則省略-servername。 '-servername'發送SNI擴展名。 – jww
'Litmus :: EmailTest ...' - 另外,電子郵件可以不同於HTTPS。使用某些電子郵件協議,您可以建立TCP連接,然後啓用帶有STARTTLS擴展名的TLS。 – jww