连接:SSL_connect 返回=1 errno=0 状态=SSLv3 读取服务器证书 B:证书验证失败(OpenSSL::SSL::SSLError)
我在使用 SSL 验证证书时遇到了麻烦。我完全不知道证书是如何工作的,所以这首先是一个主要障碍。这是运行脚本时出现的错误:
c:/Ruby191/lib/ruby/1.9.1/net/http.rb:611:in `connect': SSL_connect returned=1 e
rrno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL
::SSL::SSLError)
这是相关代码:
client = Savon::Client.new order_svc
request = client.create_empty_cart { |soap, http|
http.auth.ssl.cert_file = 'mycert.crt'
http.auth.ssl.verify_mode = :none
http.read_timeout = 90
http.open_timeout = 90
http.headers = { "Content-Length" => "0", "Connection" => "Keep-Alive" }
soap.namespaces["xmlns:open"] = "http://schemas.datacontract.org/2004/07/Namespace"
soap.body = {
"wsdl:brand" => brand,
"wsdl:parnter" => [
{"open:catalogName" => catalogName, "open:partnerId" => partnerId }
] }.to_soap_xml
}
感谢任何帮助。
I'm having a terrible time getting SSL to verify a certificate. I'm completely ignorant on how certificates work so that's a major handicap to begin with. Here's the error I get when running the script:
c:/Ruby191/lib/ruby/1.9.1/net/http.rb:611:in `connect': SSL_connect returned=1 e
rrno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL
::SSL::SSLError)
Here's the relevant code:
client = Savon::Client.new order_svc
request = client.create_empty_cart { |soap, http|
http.auth.ssl.cert_file = 'mycert.crt'
http.auth.ssl.verify_mode = :none
http.read_timeout = 90
http.open_timeout = 90
http.headers = { "Content-Length" => "0", "Connection" => "Keep-Alive" }
soap.namespaces["xmlns:open"] = "http://schemas.datacontract.org/2004/07/Namespace"
soap.body = {
"wsdl:brand" => brand,
"wsdl:parnter" => [
{"open:catalogName" => catalogName, "open:partnerId" => partnerId }
] }.to_soap_xml
}
Any help is appreciated.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
发布评论
评论(4)
鹤舞2024-10-12 14:17:12
注意:我正在较低级别的环境中进行测试自动化
没有正确签名的证书并且经常会抛出
由于域签名不匹配而导致的错误。对于问题在
另一方面,绕过签名是一个看似合理的解决方案,但它不是一个
用于生产级开发的解决方案。
我的问题是我正在尝试验证自签名证书。我所要做的就是输入以下代码并省略与验证证书有关的任何内容。
我必须对遇到相同问题的 SOAP 和 REST 调用执行此操作。
使用 Savon 的 SOAP
client = Savon::Client.new order_svc
request = client.create_empty_cart { |soap, http|
http.auth.ssl.verify_mode = :none
http.headers = { "Content-Length" => "0", "Connection" => "Keep-Alive" }
soap.namespaces["xmlns:open"] = "http://schemas.datacontract.org/2004/07/Namespace"
soap.body = {
"wsdl:brand" => brand,
"wsdl:parnter" => [
{"open:catalogName" => catalogName, "open:partnerId" => partnerId }
] }.to_soap_xml
}
使用 HTTPClient 的 REST
client = HTTPClient.new
client.ssl_config.verify_mode=(OpenSSL::SSL::VERIFY_NONE)
resp = client.get(Methods)
~没有更多了~
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
检查你的 cert.pem 和 key.pem
证书密钥应该有一个
你的 key.pem 应该有的
,并且它可能有一些证书,但这对于这种情况并不重要。 (尽管它对我有用,因为如果没有额外的证书,curl 就无法工作)
我正在谈论的 Web 服务有一个良好的根 CA,但客户端身份验证密钥不受信任,因此这可能就是额外的证书使curl 工作的原因。
从您的客户端证书中获取这些内容是导致我出现问题的原因。
这对我有用。
每个都会提示您输入导入密码
如果需要,您可以设置 pem 密码。 (你必须稍后在 ruby 代码中设置)
你也可以使用curl进行测试
check your cert.pem and your key.pem
the cert key should have one
your key.pem should have
and it may have some certs in it but that doesn't matter for this case. (Although it does for me as curl doesn't work without the extra certs)
The webservice I am talking to has a good root CA, but the client auth keys are not trusted so this is probably why the extra certs make curl work.
getting those out of your client certificate was what caused me the problems.
here is what worked for me.
each will prompt you for the Import password
and you can set a pem password if you want. (you would have to set that in the ruby code later)
you can also test with curl