Weird Net:HTTP connection issues

I’m having some new issues connecting to our credit card processors
servers. I’m working under Linux (dev and production), and have tried
Ruby 1.8.7, 1.9.2 and 1.9.3 under Linux. This was working for the past
year, and just recently became a problem.

The weird thing… on Mac OS X, with Ruby 1.8.7 it connects just fine!
:frowning:

On Linux, when I try to connect to esqa.moneris.com it will just timeout
(or hang forever with Ruby’s default Net::HTTP timeout). Even something
simple like this hangs on my Linux box:

RestClient.get(‘https://esqa.moneris.com’)

I can connect to my remote production server without any problem, so
it’s not like Ruby Net::HTTP doesn’t work.

Moneris says there’s no problem on their end. They had me telnet to
esqa.moneris.com, and that did work. Not to mention it works under Mac
OS X.

Does anyone have any suggestions for debugging this further. I’m sorta
at a road block. Maybe I just need to sleep on it.

On 03/27/2012 04:47 PM, James E. wrote:

simple like this hangs on my Linux box:

RestClient.get(‘https://esqa.moneris.com’)

You’re using HTTPS there, so could there be some sort of certificate
issue? Maybe your Linux environments no longer trust the CA cert used
to sign their certificate. I’m not sure why that would cause an
apparent hang, but hopefully that helps.

-Jeremy

Hi Jeremy, thanks for the ideas.

I visited https://esqa.moneris.com/ in my browser, and it looks like
they have a valid SSL certificate. I’ve also tried using
OpenSSL::SSL::VERIFY_NONE which also didn’t seem to make any difference.
I enabled debug output for Net:HTTP, but that didn’t give much info
either:

require ‘net/http’
=> true
irb(main):003:0> http = Net::HTTP.new(‘esqa.moneris.com’, 443)
=> #<Net::HTTP esqa.moneris.com:443 open=false>
irb(main):005:0> http.use_ssl = true
=> true
irb(main):006:0> http.verify_mode = OpenSSL::SSL::VERIFY_NONE
=> 0
irb(main):007:0> http.set_debug_output($stdout)
=> #<IO:>
irb(main):008:0> res = http.request(Net::HTTP::Get.new(‘/’))
opening connection to esqa.moneris.com
opened

(sits here…)

It looks like it may be an OpenSSL 1.0.1 or Arch Linux package issue.
I’ve only tested
under Arch Linux, so I’m not sure if it’s just a packaging issue or not?

(worked)
openssl-1.0.0.f
openssl-1.0.0.g
openssl-1.0.0.h

(did not work - timeout)
openssl-1.0.1-1

I decided to try different OpenSSL versions after testing with
Python/Requests. The error I got with Python said:

requests.exceptions.SSLError: _ssl.c:488: The handshake operation timed
out