Problemas con request + ssl
38 views
Skip to first unread message
Tio Oscar
Jul 23, 2012, 2:54:48 AM7/23/12
to node...@googlegroups.com
Necesito tirarme contra un webservice en https, con certificado inválido y en un puerto medio raro...
En fin, hice un cliente usando el modulo request[1] que soprota https y demas (siempre lo uso), y a la hora de hacer el request, me devuelve un error:
[Error: 140026159224640:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:../deps/openssl/openssl/ssl/s3_pkt.c:345:
]
Si en vez de la url a la que tengo que consultar le tiro a google, funciona, asi que no es un tema del cliente ni la libreria que tengo instalada ni nada. Por otro lado el que el certificado no sea valido tampoco tiene que ver por que so lo ignoro.
Si hago la misma peticion con curl, no me tira nada (ignorando el certificado no valido):
[exos@Hexodica ~ ]$ curl --data @json -k -v https://x.x.x.x:43443/RCPJ
* About to connect() to x.x.x.x port 43443 (#0)
* Trying x.x.x.x... connected
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES128-SHA
* Server certificate:
* subject: CN=MTAPP4
* start date: 2011-12-21 12:19:55 GMT
* expire date: 2012-12-21 00:00:00 GMT
* common name: MTAPP4 (does not match 'x.x.x.x')
* issuer: CN=MTAPP4
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> POST /RCPJ HTTP/1.1
> User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> Host: x.x.x.x:43443
> Accept: */*
> Content-Length: 299
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 299out of 299 bytes
< HTTP/1.1 403 Forbidden
< Content-Length: 0
<
* Connection #0 to host x.x.x.x left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
La verdad no se que pasa, hice un scrtip usando el modulo https directo pero tampoco parece funcionar:
http://pastebin.com/Cdh8AbCA
Y me tira lo mismo:
[Error: 140653193824064:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:../deps/openssl/openssl/ssl/s3_pkt.c:345:
]
Alguno sabe que puede ser?
--
El Tio ~ Programador, hacker y filósofo
web: http://blog.exodica.com.ar
Linked'in: http://www.linkedin.com/in/ogentilezza
Twitter: @exos, Indeti.ca: @exos
Tels: [+54 11] 638-LINUX (54689) - [+54 9 11] 6799-4797
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS/IT d-- s:++ a- C+++$ UBL+++$ P(-) L+++$ !E--- W+++$ !N !o K-? !w--- !O !M-- V? PS+++@ !PE Y+(++) PGP++ !t--- !5 X++ R(+) tv--? b- DI D-- G e@ h>++ r+++(-) y+++>+++++
------END GEEK CODE BLOCK------
En fin, hice un cliente usando el modulo request[1] que soprota https y demas (siempre lo uso), y a la hora de hacer el request, me devuelve un error:
[Error: 140026159224640:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:../deps/openssl/openssl/ssl/s3_pkt.c:345:
]
Si en vez de la url a la que tengo que consultar le tiro a google, funciona, asi que no es un tema del cliente ni la libreria que tengo instalada ni nada. Por otro lado el que el certificado no sea valido tampoco tiene que ver por que so lo ignoro.
Si hago la misma peticion con curl, no me tira nada (ignorando el certificado no valido):
[exos@Hexodica ~ ]$ curl --data @json -k -v https://x.x.x.x:43443/RCPJ
* About to connect() to x.x.x.x port 43443 (#0)
* Trying x.x.x.x... connected
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES128-SHA
* Server certificate:
* subject: CN=MTAPP4
* start date: 2011-12-21 12:19:55 GMT
* expire date: 2012-12-21 00:00:00 GMT
* common name: MTAPP4 (does not match 'x.x.x.x')
* issuer: CN=MTAPP4
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> POST /RCPJ HTTP/1.1
> User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> Host: x.x.x.x:43443
> Accept: */*
> Content-Length: 299
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 299out of 299 bytes
< HTTP/1.1 403 Forbidden
< Content-Length: 0
<
* Connection #0 to host x.x.x.x left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
La verdad no se que pasa, hice un scrtip usando el modulo https directo pero tampoco parece funcionar:
http://pastebin.com/Cdh8AbCA
Y me tira lo mismo:
[Error: 140653193824064:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:../deps/openssl/openssl/ssl/s3_pkt.c:345:
]
Alguno sabe que puede ser?
--
El Tio ~ Programador, hacker y filósofo
web: http://blog.exodica.com.ar
Linked'in: http://www.linkedin.com/in/ogentilezza
Twitter: @exos, Indeti.ca: @exos
Tels: [+54 11] 638-LINUX (54689) - [+54 9 11] 6799-4797
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS/IT d-- s:++ a- C+++$ UBL+++$ P(-) L+++$ !E--- W+++$ !N !o K-? !w--- !O !M-- V? PS+++@ !PE Y+(++) PGP++ !t--- !5 X++ R(+) tv--? b- DI D-- G e@ h>++ r+++(-) y+++>+++++
------END GEEK CODE BLOCK------
Umut Muhaddisoglu
Mar 12, 2013, 10:43:04 AM3/12/13
to node...@googlegroups.com
Hi Oscar,
I'm facing the exact same issue (using nodejs with request) and couldn't find a fix yet. Requests made to some URLs return this error.
Did you find a fix for this?
Thanks.
Reply all
Reply to author
Forward
0 new messages