1 votes

user1780370 avatar

Comment passer de SSLv3 à TLS ?

Demandé el 23 de Novembre, 2015
Quand la question a-t-elle été
1243 affichage
Nombre de visites la question a
1 Réponses
Nombre de réponses aux questions
Ouvert
Situation réelle de la question

Dans mon Rails application lorsque l'utilisateur paye pour les produits, il obtient une erreur.

OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed)

En raison de payment gateway does not support SSLv3 plus. Il faut donc régler le TLS

protocol in the OpenSSL::SSL::SSLContext.
ssl_version = :TLSv1

Mais j'ai essayé plusieurs fois mais je n'ai pas réussi à trouver comment set it ssl_version.

UPDATE

Maintenant, j'ai trouvé le chemin dans le serveur apache

Edited: /etc/apache2/mods-enabled/ssl.conf

>  SSLProtocol all
Change to 
>  SSLProtocol  TLSv1 TLSv1.1 TLSv1.2

Après avoir redémarré le serveur Apache.

Mais je reçois toujours la même erreur...quelqu'un ici peut m'aider....

Résultat SSLSCAN :

Supported Server Cipher(s):
    Failed    SSLv3  256 bits  ECDHE-RSA-AES256-GCM-SHA384
Failed    SSLv3  256 bits  ECDHE-ECDSA-AES256-GCM-SHA384
Failed    SSLv3  256 bits  ECDHE-RSA-AES256-SHA384
Failed    SSLv3  256 bits  ECDHE-ECDSA-AES256-SHA384
Rejected  SSLv3  256 bits  ECDHE-RSA-AES256-SHA
Rejected  SSLv3  256 bits  ECDHE-ECDSA-AES256-SHA
Failed    SSLv3  256 bits  SRP-DSS-AES-256-CBC-SHA
Failed    SSLv3  256 bits  SRP-RSA-AES-256-CBC-SHA
Failed    SSLv3  256 bits  SRP-AES-256-CBC-SHA
Failed    SSLv3  256 bits  DHE-DSS-AES256-GCM-SHA384
Failed    SSLv3  256 bits  DHE-RSA-AES256-GCM-SHA384
Failed    SSLv3  256 bits  DHE-RSA-AES256-SHA256
Failed    SSLv3  256 bits  DHE-DSS-AES256-SHA256
Rejected  SSLv3  256 bits  DHE-RSA-AES256-SHA
Rejected  SSLv3  256 bits  DHE-DSS-AES256-SHA
Rejected  SSLv3  256 bits  DHE-RSA-CAMELLIA256-SHA
Rejected  SSLv3  256 bits  DHE-DSS-CAMELLIA256-SHA
Rejected  SSLv3  256 bits  AECDH-AES256-SHA
Failed    SSLv3  256 bits  ADH-AES256-GCM-SHA384
Failed    SSLv3  256 bits  ADH-AES256-SHA256
Rejected  SSLv3  256 bits  ADH-AES256-SHA
Rejected  SSLv3  256 bits  ADH-CAMELLIA256-SHA
Failed    SSLv3  256 bits  ECDH-RSA-AES256-GCM-SHA384
Failed    SSLv3  256 bits  ECDH-ECDSA-AES256-GCM-SHA384
Failed    SSLv3  256 bits  ECDH-RSA-AES256-SHA384
Failed    SSLv3  256 bits  ECDH-ECDSA-AES256-SHA384
Rejected  SSLv3  256 bits  ECDH-RSA-AES256-SHA
Rejected  SSLv3  256 bits  ECDH-ECDSA-AES256-SHA
Failed    SSLv3  256 bits  AES256-GCM-SHA384
Failed    SSLv3  256 bits  AES256-SHA256
Rejected  SSLv3  256 bits  AES256-SHA
Rejected  SSLv3  256 bits  CAMELLIA256-SHA
Failed    SSLv3  256 bits  PSK-AES256-CBC-SHA
Rejected  SSLv3  168 bits  ECDHE-RSA-DES-CBC3-SHA
Rejected  SSLv3  168 bits  ECDHE-ECDSA-DES-CBC3-SHA
Failed    SSLv3  168 bits  SRP-DSS-3DES-EDE-CBC-SHA
Failed    SSLv3  168 bits  SRP-RSA-3DES-EDE-CBC-SHA
Failed    SSLv3  168 bits  SRP-3DES-EDE-CBC-SHA
Rejected  SSLv3  168 bits  EDH-RSA-DES-CBC3-SHA
Rejected  SSLv3  168 bits  EDH-DSS-DES-CBC3-SHA
Rejected  SSLv3  168 bits  AECDH-DES-CBC3-SHA
Rejected  SSLv3  168 bits  ADH-DES-CBC3-SHA
Rejected  SSLv3  168 bits  ECDH-RSA-DES-CBC3-SHA
Rejected  SSLv3  168 bits  ECDH-ECDSA-DES-CBC3-SHA
Rejected  SSLv3  168 bits  DES-CBC3-SHA
Failed    SSLv3  168 bits  PSK-3DES-EDE-CBC-SHA
Failed    SSLv3  128 bits  ECDHE-RSA-AES128-GCM-SHA256
Failed    SSLv3  128 bits  ECDHE-ECDSA-AES128-GCM-SHA256
Failed    SSLv3  128 bits  ECDHE-RSA-AES128-SHA256
Failed    SSLv3  128 bits  ECDHE-ECDSA-AES128-SHA256
Rejected  SSLv3  128 bits  ECDHE-RSA-AES128-SHA
Rejected  SSLv3  128 bits  ECDHE-ECDSA-AES128-SHA
Failed    SSLv3  128 bits  SRP-DSS-AES-128-CBC-SHA
Failed    SSLv3  128 bits  SRP-RSA-AES-128-CBC-SHA
Failed    SSLv3  128 bits  SRP-AES-128-CBC-SHA
Failed    SSLv3  128 bits  DHE-DSS-AES128-GCM-SHA256
Failed    SSLv3  128 bits  DHE-RSA-AES128-GCM-SHA256
Failed    SSLv3  128 bits  DHE-RSA-AES128-SHA256
Failed    SSLv3  128 bits  DHE-DSS-AES128-SHA256
Rejected  SSLv3  128 bits  DHE-RSA-AES128-SHA
Rejected  SSLv3  128 bits  DHE-DSS-AES128-SHA
Rejected  SSLv3  128 bits  DHE-RSA-SEED-SHA
Rejected  SSLv3  128 bits  DHE-DSS-SEED-SHA
Rejected  SSLv3  128 bits  DHE-RSA-CAMELLIA128-SHA
Rejected  SSLv3  128 bits  DHE-DSS-CAMELLIA128-SHA
Rejected  SSLv3  128 bits  AECDH-AES128-SHA
Failed    SSLv3  128 bits  ADH-AES128-GCM-SHA256
Failed    SSLv3  128 bits  ADH-AES128-SHA256
Rejected  SSLv3  128 bits  ADH-AES128-SHA
Rejected  SSLv3  128 bits  ADH-SEED-SHA
Rejected  SSLv3  128 bits  ADH-CAMELLIA128-SHA
Failed    SSLv3  128 bits  ECDH-RSA-AES128-GCM-SHA256
Failed    SSLv3  128 bits  ECDH-ECDSA-AES128-GCM-SHA256
Failed    SSLv3  128 bits  ECDH-RSA-AES128-SHA256
Failed    SSLv3  128 bits  ECDH-ECDSA-AES128-SHA256
Rejected  SSLv3  128 bits  ECDH-RSA-AES128-SHA
Rejected  SSLv3  128 bits  ECDH-ECDSA-AES128-SHA
Failed    SSLv3  128 bits  AES128-GCM-SHA256
Failed    SSLv3  128 bits  AES128-SHA256
Rejected  SSLv3  128 bits  AES128-SHA
Rejected  SSLv3  128 bits  SEED-SHA
Rejected  SSLv3  128 bits  CAMELLIA128-SHA
Failed    SSLv3  128 bits  PSK-AES128-CBC-SHA
Rejected  SSLv3  128 bits  ECDHE-RSA-RC4-SHA
Rejected  SSLv3  128 bits  ECDHE-ECDSA-RC4-SHA
Rejected  SSLv3  128 bits  AECDH-RC4-SHA
Rejected  SSLv3  128 bits  ADH-RC4-MD5
Rejected  SSLv3  128 bits  ECDH-RSA-RC4-SHA
Rejected  SSLv3  128 bits  ECDH-ECDSA-RC4-SHA
Rejected  SSLv3  128 bits  RC4-SHA
Rejected  SSLv3  128 bits  RC4-MD5
Failed    SSLv3  128 bits  PSK-RC4-SHA
Rejected  SSLv3  56 bits   EDH-RSA-DES-CBC-SHA
Rejected  SSLv3  56 bits   EDH-DSS-DES-CBC-SHA
Rejected  SSLv3  56 bits   ADH-DES-CBC-SHA
Rejected  SSLv3  56 bits   DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-EDH-RSA-DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-EDH-DSS-DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-ADH-DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-RC2-CBC-MD5
Rejected  SSLv3  40 bits   EXP-ADH-RC4-MD5
Rejected  SSLv3  40 bits   EXP-RC4-MD5
Rejected  SSLv3  0 bits    ECDHE-RSA-NULL-SHA
Rejected  SSLv3  0 bits    ECDHE-ECDSA-NULL-SHA
Rejected  SSLv3  0 bits    AECDH-NULL-SHA
Rejected  SSLv3  0 bits    ECDH-RSA-NULL-SHA
Rejected  SSLv3  0 bits    ECDH-ECDSA-NULL-SHA
Failed    SSLv3  0 bits    NULL-SHA256
Rejected  SSLv3  0 bits    NULL-SHA
Rejected  SSLv3  0 bits    NULL-MD5
Failed    TLSv1  256 bits  ECDHE-RSA-AES256-GCM-SHA384
Failed    TLSv1  256 bits  ECDHE-ECDSA-AES256-GCM-SHA384
Failed    TLSv1  256 bits  ECDHE-RSA-AES256-SHA384
Failed    TLSv1  256 bits  ECDHE-ECDSA-AES256-SHA384
Accepted  TLSv1  256 bits  ECDHE-RSA-AES256-SHA
Rejected  TLSv1  256 bits  ECDHE-ECDSA-AES256-SHA
Failed    TLSv1  256 bits  SRP-DSS-AES-256-CBC-SHA
Failed    TLSv1  256 bits  SRP-RSA-AES-256-CBC-SHA
Failed    TLSv1  256 bits  SRP-AES-256-CBC-SHA
Failed    TLSv1  256 bits  DHE-DSS-AES256-GCM-SHA384
Failed    TLSv1  256 bits  DHE-RSA-AES256-GCM-SHA384
Failed    TLSv1  256 bits  DHE-RSA-AES256-SHA256
Failed    TLSv1  256 bits  DHE-DSS-AES256-SHA256
Accepted  TLSv1  256 bits  DHE-RSA-AES256-SHA
Rejected  TLSv1  256 bits  DHE-DSS-AES256-SHA
Accepted  TLSv1  256 bits  DHE-RSA-CAMELLIA256-SHA
Rejected  TLSv1  256 bits  DHE-DSS-CAMELLIA256-SHA
Rejected  TLSv1  256 bits  AECDH-AES256-SHA
Failed    TLSv1  256 bits  ADH-AES256-GCM-SHA384
Failed    TLSv1  256 bits  ADH-AES256-SHA256
Rejected  TLSv1  256 bits  ADH-AES256-SHA
Rejected  TLSv1  256 bits  ADH-CAMELLIA256-SHA
Failed    TLSv1  256 bits  ECDH-RSA-AES256-GCM-SHA384
Failed    TLSv1  256 bits  ECDH-ECDSA-AES256-GCM-SHA384
Failed    TLSv1  256 bits  ECDH-RSA-AES256-SHA384
Failed    TLSv1  256 bits  ECDH-ECDSA-AES256-SHA384
Rejected  TLSv1  256 bits  ECDH-RSA-AES256-SHA
Rejected  TLSv1  256 bits  ECDH-ECDSA-AES256-SHA
Failed    TLSv1  256 bits  AES256-GCM-SHA384
Failed    TLSv1  256 bits  AES256-SHA256
Accepted  TLSv1  256 bits  AES256-SHA
Accepted  TLSv1  256 bits  CAMELLIA256-SHA
Failed    TLSv1  256 bits  PSK-AES256-CBC-SHA
Accepted  TLSv1  168 bits  ECDHE-RSA-DES-CBC3-SHA
Rejected  TLSv1  168 bits  ECDHE-ECDSA-DES-CBC3-SHA
Failed    TLSv1  168 bits  SRP-DSS-3DES-EDE-CBC-SHA
Failed    TLSv1  168 bits  SRP-RSA-3DES-EDE-CBC-SHA
Failed    TLSv1  168 bits  SRP-3DES-EDE-CBC-SHA
Accepted  TLSv1  168 bits  EDH-RSA-DES-CBC3-SHA
Rejected  TLSv1  168 bits  EDH-DSS-DES-CBC3-SHA
Rejected  TLSv1  168 bits  AECDH-DES-CBC3-SHA
Rejected  TLSv1  168 bits  ADH-DES-CBC3-SHA
Rejected  TLSv1  168 bits  ECDH-RSA-DES-CBC3-SHA
Rejected  TLSv1  168 bits  ECDH-ECDSA-DES-CBC3-SHA
Accepted  TLSv1  168 bits  DES-CBC3-SHA
Failed    TLSv1  168 bits  PSK-3DES-EDE-CBC-SHA
Failed    TLSv1  128 bits  ECDHE-RSA-AES128-GCM-SHA256
Failed    TLSv1  128 bits  ECDHE-ECDSA-AES128-GCM-SHA256
Failed    TLSv1  128 bits  ECDHE-RSA-AES128-SHA256
Failed    TLSv1  128 bits  ECDHE-ECDSA-AES128-SHA256
Accepted  TLSv1  128 bits  ECDHE-RSA-AES128-SHA
Rejected  TLSv1  128 bits  ECDHE-ECDSA-AES128-SHA
Failed    TLSv1  128 bits  SRP-DSS-AES-128-CBC-SHA
Failed    TLSv1  128 bits  SRP-RSA-AES-128-CBC-SHA
Failed    TLSv1  128 bits  SRP-AES-128-CBC-SHA
Failed    TLSv1  128 bits  DHE-DSS-AES128-GCM-SHA256
Failed    TLSv1  128 bits  DHE-RSA-AES128-GCM-SHA256
Failed    TLSv1  128 bits  DHE-RSA-AES128-SHA256
Failed    TLSv1  128 bits  DHE-DSS-AES128-SHA256
Accepted  TLSv1  128 bits  DHE-RSA-AES128-SHA
Rejected  TLSv1  128 bits  DHE-DSS-AES128-SHA
Rejected  TLSv1  128 bits  DHE-RSA-SEED-SHA
Rejected  TLSv1  128 bits  DHE-DSS-SEED-SHA
Accepted  TLSv1  128 bits  DHE-RSA-CAMELLIA128-SHA
Rejected  TLSv1  128 bits  DHE-DSS-CAMELLIA128-SHA
Rejected  TLSv1  128 bits  AECDH-AES128-SHA
Failed    TLSv1  128 bits  ADH-AES128-GCM-SHA256
Failed    TLSv1  128 bits  ADH-AES128-SHA256
Rejected  TLSv1  128 bits  ADH-AES128-SHA
Rejected  TLSv1  128 bits  ADH-SEED-SHA
Rejected  TLSv1  128 bits  ADH-CAMELLIA128-SHA
Failed    TLSv1  128 bits  ECDH-RSA-AES128-GCM-SHA256
Failed    TLSv1  128 bits  ECDH-ECDSA-AES128-GCM-SHA256
Failed    TLSv1  128 bits  ECDH-RSA-AES128-SHA256
Failed    TLSv1  128 bits  ECDH-ECDSA-AES128-SHA256
Rejected  TLSv1  128 bits  ECDH-RSA-AES128-SHA
Rejected  TLSv1  128 bits  ECDH-ECDSA-AES128-SHA
Failed    TLSv1  128 bits  AES128-GCM-SHA256
Failed    TLSv1  128 bits  AES128-SHA256
Accepted  TLSv1  128 bits  AES128-SHA
Rejected  TLSv1  128 bits  SEED-SHA
Accepted  TLSv1  128 bits  CAMELLIA128-SHA
Failed    TLSv1  128 bits  PSK-AES128-CBC-SHA
Rejected  TLSv1  128 bits  ECDHE-RSA-RC4-SHA
Rejected  TLSv1  128 bits  ECDHE-ECDSA-RC4-SHA
Rejected  TLSv1  128 bits  AECDH-RC4-SHA
Rejected  TLSv1  128 bits  ADH-RC4-MD5
Rejected  TLSv1  128 bits  ECDH-RSA-RC4-SHA
Rejected  TLSv1  128 bits  ECDH-ECDSA-RC4-SHA
Rejected  TLSv1  128 bits  RC4-SHA
Rejected  TLSv1  128 bits  RC4-MD5
Failed    TLSv1  128 bits  PSK-RC4-SHA
Rejected  TLSv1  56 bits   EDH-RSA-DES-CBC-SHA
Rejected  TLSv1  56 bits   EDH-DSS-DES-CBC-SHA
Rejected  TLSv1  56 bits   ADH-DES-CBC-SHA
Rejected  TLSv1  56 bits   DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-EDH-RSA-DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-EDH-DSS-DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-ADH-DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-RC2-CBC-MD5
Rejected  TLSv1  40 bits   EXP-ADH-RC4-MD5
Rejected  TLSv1  40 bits   EXP-RC4-MD5
Rejected  TLSv1  0 bits    ECDHE-RSA-NULL-SHA
Rejected  TLSv1  0 bits    ECDHE-ECDSA-NULL-SHA
Rejected  TLSv1  0 bits    AECDH-NULL-SHA
Rejected  TLSv1  0 bits    ECDH-RSA-NULL-SHA
Rejected  TLSv1  0 bits    ECDH-ECDSA-NULL-SHA
Failed    TLSv1  0 bits    NULL-SHA256
Rejected  TLSv1  0 bits    NULL-SHA
Rejected  TLSv1  0 bits    NULL-MD5

Gracias

Demandé el 23 de Novembre, 2015 par user1780370

Réponse

Trop de publicités?

0voto

user1780370 avatar
user1780370 Points 111

Oui, j'ai trouvé des solutions moi-même.

J'ai résolu toutes les erreurs de protocole, mais l'erreur s'affiche toujours en raison de l'ancienne version de la gemme activemerchant.

Donc, après les changements de Sagepay Gateway, il n'est pas dans la gemme, donc une fois que j'ai mis à jour la gemme d'activemerchant, la mise à jour automatique de SagePay Gateway a résolu mon erreur.

Gracias

Répondu el 25 de Novembre, 2015 par user1780370 (111 Points )

Questions en vedette

Top Tags

Dans notre réseau

SistemesEz.com

SystemesEZ est une communauté de sysadmins où vous pouvez résoudre vos problèmes et vos doutes. Vous pouvez consulter les questions des autres sysadmins, poser vos propres questions ou résoudre celles des autres.

Powered by:

Yandex
X