sparklemotion / mechanize

Mechanize is a ruby library that makes automated web interaction easy.
https://www.rubydoc.info/gems/mechanize/
MIT License

Hack to fix the "unsafe legacy renegotiation disabled" error #602

Closed shreeve closed 1 year ago

shreeve commented 1 year ago

Adding this issue in the hopes it saves someone some time in the future.

I was having difficulty connecting to certain websites, and kept seeing the following error:

```
net/protocol.rb:46:in `connect_nonblock': SSL_connect returned=1 errno=0 peeraddr=XXX:443 state=error: unsafe legacy renegotiation disabled (OpenSSL::SSL::SSLError)
```

I fixed it by adding an option flag for OpenSSL prior to establishing the connection, as follows:

```ruby
#!/usr/bin/env ruby

require "mechanize"

# patch OpenSSL
OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:options] |=
  OpenSSL::SSL::OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION

# continue as usual from here...
```

What this does is allow unsafe legacy renegotiation with websites that have not yet updated their stack.

This is probably not an ideal fix, but may save some other wayward traveler a few hours poking around.
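An added example, not part of the issue above and not Mechanize's own code: the patch changes the defaults for every TLS context in the process, so this sketch audits an options bitmask for the legacy flags and builds a per-host context that re-enables only `OP_LEGACY_SERVER_CONNECT` for an allowlisted server. The helper names and the host `legacy.example.test` are hypothetical, and it is an assumption that the narrower flag is enough for the server in question.

```ruby
require "openssl"

# Option bits relevant to the "unsafe legacy renegotiation disabled" error.
LEGACY_FLAGS = {
  legacy_server_connect: OpenSSL::SSL::OP_LEGACY_SERVER_CONNECT,
  unsafe_legacy_renegotiation: OpenSSL::SSL::OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
}.freeze

# Hypothetical allowlist of servers known to lack secure renegotiation
# (RFC 5746) support. Constructed sample value.
LEGACY_HOSTS = ["legacy.example.test"].freeze

# Names of the legacy flags set in an options bitmask, e.g. to audit
# OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:options] at startup.
def legacy_flags(options)
  LEGACY_FLAGS.select { |_, bit| (options.to_i & bit) != 0 }.keys
end

# Build a certificate-verifying client context. Both legacy bits are cleared
# first, so a process-wide DEFAULT_PARAMS patch does not leak in; only
# allowlisted hosts get OP_LEGACY_SERVER_CONNECT back, and no host gets
# OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION.
def tls_context_for(host, legacy_hosts: LEGACY_HOSTS)
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.set_params(verify_mode: OpenSSL::SSL::VERIFY_PEER)
  opts = ctx.options.to_i
  LEGACY_FLAGS.each_value { |bit| opts &= ~bit }
  if legacy_hosts.include?(host.downcase)
    opts |= OpenSSL::SSL::OP_LEGACY_SERVER_CONNECT
  end
  ctx.options = opts
  ctx
end

if __FILE__ == $PROGRAM_NAME
  defaults = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:options]
  puts "process-wide defaults: #{legacy_flags(defaults).inspect}"
  ["www.example.test", "legacy.example.test"].each do |host|
    puts "#{host}: #{legacy_flags(tls_context_for(host).options).inspect}"
  end
end
```

The returned context can be passed to `OpenSSL::SSL::SSLSocket.new`; wiring it into a particular HTTP client is not shown.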