gpt4 book ai didi

ruby-on-rails - Rails 和 Play Framework 之间的间歇性 SSL 握手失败

转载 作者:太空宇宙 更新时间:2023-11-03 13:41:24 26 4
gpt4 key购买 nike

我们有两个服务,客户端是一个 Rails 应用程序,服务器是一个使用 Play Framework 构建的 REST API。我们在 Rails 中使用 HTTParty 客户端。

我们在这两个服务之间遇到间歇性的 SSL 握手错误。在 Play 上,我们收到以下错误:

Jan 09 14:37:47 graph-dev graph:  org.jboss.netty.handler.ssl.SslHandler - SSLEngine.closeInbound() raised an exception after a handshake failure.
Jan 09 14:37:47 graph-dev javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
Jan 09 14:37:47 graph-dev at: sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
Jan 09 14:37:47 graph-dev at: sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1619)
Jan 09 14:37:47 graph-dev at: sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1587)
Jan 09 14:37:47 graph-dev at: sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1517)
Jan 09 14:37:47 graph-dev at: org.jboss.netty.handler.ssl.SslHandler.setHandshakeFailure(SslHandler.java:1407)
Jan 09 14:37:47 graph-dev at: org.jboss.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1293)
Jan 09 14:37:47 graph-dev at: org.jboss.netty.handler.ssl.SslHandler.decode(SslHandler.java:913)
Jan 09 14:37:47 graph-dev at: org.jboss.netty.handler.codec.frame.FrameDecoder.callDecode(FrameDecoder.java:425)
Jan 09 14:37:47 graph-dev at: org.jboss.netty.handler.codec.frame.FrameDecoder.messageReceived(FrameDecoder.java:303)
Jan 09 14:37:47 graph-dev at: org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:268)
Jan 09 14:37:47 graph-dev at: org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:255)
Jan 09 14:37:47 graph-dev at: org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:88)
Jan 09 14:37:47 graph-dev at: org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:109)
Jan 09 14:37:47 graph-dev at: org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:312)
Jan 09 14:37:47 graph-dev at: org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:90)
Jan 09 14:37:47 graph-dev at: org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)
Jan 09 14:37:47 graph-dev at: java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
Jan 09 14:37:47 graph-dev at: java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
Jan 09 14:37:47 graph-dev at: java.lang.Thread.run(Thread.java:744)

On Rails,对应错误:

Error: SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert handshake failure
/app/vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:918:in `connect'
/app/vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:918:in `block in connect'
/app/vendor/ruby-2.0.0/lib/ruby/2.0.0/timeout.rb:52:in `timeout'
/app/vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:918:in `connect'
/app/vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:862:in `do_start'
/app/vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:851:in `start'
/app/vendor/ruby-2.0.0/lib/ruby/2.0.0/net/http.rb:1367:in `request'

我们的 SSL 证书由 RapidSSL 颁发。在 Play 上,我们包含一个由 Equifax 签署的验证 GeoTrust 的交叉根证书。

几天来我们一直在努力解决这个问题,但我们真的不知所措。

最佳答案

Play 邮件列表中提供了一个答案。我们将 DiffieHellman 添加到 $JAVA_HOME/jre/lib/security/java.securityjdk.tls.disabledAlgorithms 默认值的末尾这解决了它。

功劳归功于该列表中的 Will Sargent。

https://groups.google.com/forum/#!topic/play-framework/ECee_w2wlrU

关于ruby-on-rails - Rails 和 Play Framework 之间的间歇性 SSL 握手失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/21032305/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com