本文介绍了OpenSSL :: SSL :: SSL错误:SSL_connect返回= 1 errno = 0状态=错误:证书验证失败的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在Heroku上托管了Rails API服务器,该服务器向客户端在初始API请求中指定的回调URL发出异步POST请求.

I have Rails API server hosted on Heroku, which makes an asynchronous POST request to a callback url specified in an initial API request by the client.

当我尝试通过SSL发布到客户的一个Web应用程序时遇到问题.

I have a problem when I try to POST to one of my clients' webapp over SSL.

connection = Faraday::Connection.new('https://subdomain.some_client.com', ssl: { ca_file: '/usr/lib/ssl/certs/ca-certificates.crt' })
connection.get '/test'

以下内容引发错误:

Faraday::Error::ConnectionFailed: SSL_connect returned=1 errno=0 state=error: certificate verify failed

但是,如果我通过HTTPS发布到另一台服务器(例如google),则效果很好

However, if I post to another server over HTTPS, for example google, it works fine

connection = Faraday::Connection.new('https://www.google.com', ssl: { ca_file: '/usr/lib/ssl/certs/ca-certificates.crt' })
connection.get '/'

这是否表示故障出在客户端的SSL配置上?如果可以,我如何协助他们调试问题?

Does this mean the fault is on the client's SSL configuration? and if so, how can I assist them in debugging the problem?

更新:

我可以毫无问题地将URL POST到客户端的webapp,只有当我通过ruby的HTTP库进行操作时,它才会失败

I can cURL POST to the client's webapp without problems, it's only when I do it through ruby's HTTP libraries it fails

非常感谢谢谢

推荐答案

我的猜测是您客户的Web应用程序的SSL证书存在问题.可能是证书过期或无效.您可以尝试这个答案.

My guess is that there is a problem with the SSL cert for your client's web app. Perhaps there is a certificate that is out of date or invalid. You could try this answer.

如果您需要解决此问题(但由于潜在的安全漏洞,可能不是一个好的永久解决方案),则应该能够通过将其放在Bundler.require之前的应用程序中来关闭证书验证./p>

If you need to get around this (but probably not a good permanent solution, because of the potential security hole) you should be able to turn off the certificate verification by putting this before Bundler.require in your application.rb:

require 'openssl'
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE

这篇关于OpenSSL :: SSL :: SSL错误:SSL_connect返回= 1 errno = 0状态=错误:证书验证失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-26 14:10