我正在尝试让REE与SSL协作,但是遇到了一些问题。
每当我连接到一个SSL网站时:
require 'open-uri'
open 'https://www.google.com'
I get the following error:
/Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/net/http.rb:586:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/net/http.rb:586:in `connect'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/net/http.rb:553:in `do_start'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/net/http.rb:542:in `start'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:242:in `open_http'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:616:in `buffer_open'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:164:in `open_loop'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:162:in `catch'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:162:in `open_loop'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:132:in `open_uri'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:518:in `open'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:30:in `open'
在Ruby 1.9.2或常规的1.8.7下运行良好。我尝试重新打包OpenSSL并安装ree以链接它,如 RVM OpenSSL页面中所述,但没有效果。我使用的是OS X 10.6.7,但我们的OpenSolaris REE安装也出现了同样的问题。
非常感谢您提供任何建议。
c_rehash
实用程序来创建哈希链接吗?这是必要的。 - cafcacert.pem
就是后者 - 你只需要将它重命名(或创建一个符号链接指向它)为 REE 正在使用的默认 CAfile 的单一名称即可。/opt/local/etc/openssl
可能是默认的 CApath,如果是这样,你就需要破解证书 - 你可以从 Debianca-certificates
包源文件 中获取这些证书。 - caf