Open Tectract opened 3 years ago
I'm terribly allergic to poodles! Is there any way to update the server to TLSv1.3 before I make a visit?
luckily I tracked down this issue, it was actually making a request through the newrelic_rpm gem, NET::http method, which appears deprecrated, lol. I was able to get it to connect to coinbase REST API again by updating this one line:
@conn.ssl_version = :TLSv1
to:
@conn.ssl_version = :TLSv1_2
Thankfully! All the new TLS NMI and version updates are causing havoc for old linux / rails / ruby implementations that used OpenSSL TLSv1. It's not the first time I have done battle with it, lol.
Luckily my TLS stack for the webserver itself is upgraded and secured with TSL1.3. This is just a backend call to a third-party data provider, so as long as it works, I'm happy :)
One of the servers I'm using is now returning this. Argh.
I have some old code that uses em-http-request and I see code that looks like this:
here : https://github.com/Tectract/gdax-client/blob/master/lib/coinbase/exchange/adapters/net_http.rb
@conn.ssl_version = :TLSv1
that line is surely a problem. How can I update to allow it to connect to the SSLV3 server? I believe this is related to SNI support...