ua = Net::HTTP.new(SERVER, 443)
ua.instance_eval {
@ssl_context = OpenSSL::SSL::SSLContext.new
options = OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3
if OpenSSL::SSL.const_defined?('OP_NO_COMPRESSION')
options |= OpenSSL::SSL::OP_NO_COMPRESSION
end
@ssl_context.set_params({options: options})
}
# ua.instance_eval { @ssl_context = OpenSSL::SSL::SSLContext.new(:TLSv1_2) }
ua.use_ssl = true
# Checks presence of CA certificate
if File.directory?(RootCA)
ua.ca_path = RootCA
ua.verify_mode = OpenSSL::SSL::VERIFY_PEER
ua.verify_depth = 3
else
puts "Invalid CA certificates directory. Exiting..."
exit
end
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
from /home/cp/.rbenv/versions/2.3.0/lib/ruby/2.3.0/net/http.rb:933:in `connect_nonblock'
from /home/cp/.rbenv/versions/2.3.0/lib/ruby/2.3.0/net/http.rb:933:in `connect'
from /home/cp/.rbenv/versions/2.3.0/lib/ruby/2.3.0/net/http.rb:863:in `do_start'
from /home/cp/.rbenv/versions/2.3.0/lib/ruby/2.3.0/net/http.rb:852:in `start'
from /home/cp/.rbenv/versions/2.3.0/lib/ruby/2.3.0/net/http.rb:1398:in `request'
from /home/cp/.rbenv/versions/2.3.0/lib/ruby/2.3.0/net/http.rb:1421:in `send_entity'
from /home/cp/.rbenv/versions/2.3.0/lib/ruby/2.3.0/net/http.rb:1209:in `post'
Loganathan,
The SSLv3 error that you actually see is actually misleading, You might want to check the following
1. Check your NGINX configuration file
a. See if the ca certificate is configured correctly
b. Check what protocols have you set i.e. search for keyword ssl_protocols and check if TLS 1.0, 1.1 and 1.2 has been configured
2. Check the code
a. Many times you get this error when your NET HTTP request is not correctly handled. See if your code is similar to below
uri = URI(urlstring)
args = { :arg1=>v1,:arg2=>v2}
uri.query = URI.encode_www_form(args)
resp = Net::HTTP.get_response(uri)
rescue Exception => ex
end
see if that works
Regards
Satish Kota
--
You received this message because you are subscribed to the Google Groups "BANGALORE RUG-Ruby Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bangalorerug...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
To unsubscribe from this group and stop receiving emails from it, send an email to bangalorerug+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "BANGALORE RUG-Ruby Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bangalorerug+unsubscribe@googlegroups.com.
No cipher and all… too many confusions on the internet…. Give first preference to right NGINX settings and then the right way of calling the request…if both donot solve then think about cipher
Note: we just solved this issue yesterday morning after wasting 2.5 days on it…
Regards
Satish Kota
regards,
Loganathan
To unsubscribe from this group and stop receiving emails from it, send an email to bangalorerug...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "BANGALORE RUG-Ruby Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bangalorerug...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "BANGALORE RUG-Ruby Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bangalorerug...@googlegroups.com.
I'm using apache, right now upgrading my os packages and I will update apache settings as you addressed.regards,Loganathan
regards,
Loganathan
To unsubscribe from this group and stop receiving emails from it, send an email to bangalorerug+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "BANGALORE RUG-Ruby Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bangalorerug+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "BANGALORE RUG-Ruby Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bangalorerug+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "BANGALORE RUG-Ruby Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bangalorerug+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.