Open adrianshort opened 5 years ago
Maybe try this when intialising Mechanize:
instead of just
agent = Mechanize.new
try
agent = Mechanize.new{ |a| a.ssl_version, a.verify_mode = 'TLSv1', OpenSSL::SSL::VERIFY_NONE }
Locally, this works for Bolton but then breaks for Sutton:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=unknown state: tlsv1 alert protocol version
I've got the same problem (transiently) with Bury, running locally:
Getting: https://planning.bury.gov.uk/online-applications/search.do?action=advanced
../.rvm/rubies/ruby-2.3.0/lib/ruby/2.3.0/net/http.rb:933:in `connect_nonblock': SSL_connect returned=1 errno=0 state=error: certificate verify failed (OpenSSL::SSL::SSLError)
In the last couple of days Sutton has started returning an SSL error: OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate))
It appears the target server is misconfigured. It is missing chain certificates, as can be seen by running this: https://www.ssllabs.com/ssltest/analyze.html?d=planningregister.sutton.gov.uk
This server's certificate chain is incomplete. Grade capped to B.
Not sure how to resolve this. Came to a dead end trying to add the missing cert to the local CA store, and anyway doing so feels dirty.