Forum: Ruby on Rails Weird behaviour using ssl connection (OpenSSL::SSL::SSLError)

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
67d4cedfd307f92cbcc1e7ff860583d4?d=identicon&s=25 Paulo C. (phlcastro)
on 2013-08-29 14:33
Hi guys

when I execute the piece of code bellow on RoR console it works fine:

url = URI.parse("https://us1.api.mailchimp.com/2.0/helper/ping")
request = Net::HTTP::Post.new(url.path)
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request.body = "{\"apikey\": \"myapikey\"}"

response = http.start {|http| http.request(request) }


But when I try to use it on my RoR app I get the following error:

OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=unknown
state: sslv3 alert handshake failure)

Someone know what could be happening?

Thank you all in advance!

Best regards

Paulo
67d4cedfd307f92cbcc1e7ff860583d4?d=identicon&s=25 Paulo C. (phlcastro)
on 2013-08-30 15:40
I mean, when I execute the code bellow from web browser..
I'm using apache+phusionpassenger

Please, anyone has any idea? I couldn't find anything to help yet!!

Thank you all in advance!



Paulo Castro wrote in post #1119935:
> Hi guys
>
> when I execute the piece of code bellow on RoR console it works fine:
>
> url = URI.parse("https://us1.api.mailchimp.com/2.0/helper/ping")
> request = Net::HTTP::Post.new(url.path)
> http = Net::HTTP.new(url.host, url.port)
> http.use_ssl = true
> http.verify_mode = OpenSSL::SSL::VERIFY_NONE
> request.body = "{\"apikey\": \"myapikey\"}"
>
> response = http.start {|http| http.request(request) }
>
>
> But when I try to use it on my RoR app I get the following error:
>
> OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=unknown
> state: sslv3 alert handshake failure)
>
> Someone know what could be happening?
>
> Thank you all in advance!
>
> Best regards
>
> Paulo
Colin Law (Guest)
on 2013-08-30 15:48
(Received via mailing list)
On 30 August 2013 14:40, Paulo Castro <lists@ruby-forum.com> wrote:
> I mean, when I execute the code bellow from web browser..

How are you executing it from a browser?

Colin
Jordon Bedwell (Guest)
on 2013-08-30 15:48
(Received via mailing list)
On Fri, Aug 30, 2013 at 8:40 AM, Paulo Castro <lists@ruby-forum.com>
wrote:
> I mean, when I execute the code bellow from web browser..
> I'm using apache+phusionpassenger
>
> Please, anyone has any idea? I couldn't find anything to help yet!!

First make sure your OpenSSL is working fine, then make sure you've
the SSL headers installed and recompile Ruby.  Also, see if the
simplest form of connection works:

require "net/https"
Net::HTTP.get(URI.parse("https://us1.api.mailchimp.com/2.0/helper/ping"))
67d4cedfd307f92cbcc1e7ff860583d4?d=identicon&s=25 Paulo C. (phlcastro)
on 2013-08-30 16:14
Hi Jordon,

thank you very much for your response!

I'm assuming that my OpenSSL is working fine and my Ruby is already
compiled with SSL headers, since when I execute using Rails console it
works fine.

Your code doesn't work because this endpoint don't allow http
connection, only https.
If I include the .use_ssl = true in your code, I get the same problem.

When I run this app using WEBrick it also works fine.

This problem only happens on Apache+PhusionPassenger...

Best regards

Paulo

Jordon Bedwell wrote in post #1120092:
> On Fri, Aug 30, 2013 at 8:40 AM, Paulo Castro <lists@ruby-forum.com>
> wrote:
>> I mean, when I execute the code bellow from web browser..
>> I'm using apache+phusionpassenger
>>
>> Please, anyone has any idea? I couldn't find anything to help yet!!
>
> First make sure your OpenSSL is working fine, then make sure you've
> the SSL headers installed and recompile Ruby.  Also, see if the
> simplest form of connection works:
>
> require "net/https"
> Net::HTTP.get(URI.parse("https://us1.api.mailchimp.com/2.0/helper/ping"))
This topic is locked and can not be replied to.