Como alterar o SSLv3 para o TLS?

Question

Como alterar o SSLv3 para o TLS?

#1 resposta do user1780370 (0 votos)

1

No meu Rails application quando o usuário paga pelos produtos recebe um erro.

OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed)

Devido a payment gateway does not support SSLv3 mais. Então precisa definir o TLS

protocol in the OpenSSL::SSL::SSLContext.
ssl_version = :TLSv1

Mas eu tentei muitas, mas não entendi como set it ssl_version.

UPDATE

Agora, encontrei o caminho no servidor apache

Edited: /etc/apache2/mods-enabled/ssl.conf

>  SSLProtocol all
Change to 
>  SSLProtocol  TLSv1 TLSv1.1 TLSv1.2

Após reiniciar o servidor apache.

Mas ainda tem o mesmo erro ... qualquer um aqui pode ajudar ...

Resultado SSLSCAN:

Supported Server Cipher(s):
    Failed    SSLv3  256 bits  ECDHE-RSA-AES256-GCM-SHA384
Failed    SSLv3  256 bits  ECDHE-ECDSA-AES256-GCM-SHA384
Failed    SSLv3  256 bits  ECDHE-RSA-AES256-SHA384
Failed    SSLv3  256 bits  ECDHE-ECDSA-AES256-SHA384
Rejected  SSLv3  256 bits  ECDHE-RSA-AES256-SHA
Rejected  SSLv3  256 bits  ECDHE-ECDSA-AES256-SHA
Failed    SSLv3  256 bits  SRP-DSS-AES-256-CBC-SHA
Failed    SSLv3  256 bits  SRP-RSA-AES-256-CBC-SHA
Failed    SSLv3  256 bits  SRP-AES-256-CBC-SHA
Failed    SSLv3  256 bits  DHE-DSS-AES256-GCM-SHA384
Failed    SSLv3  256 bits  DHE-RSA-AES256-GCM-SHA384
Failed    SSLv3  256 bits  DHE-RSA-AES256-SHA256
Failed    SSLv3  256 bits  DHE-DSS-AES256-SHA256
Rejected  SSLv3  256 bits  DHE-RSA-AES256-SHA
Rejected  SSLv3  256 bits  DHE-DSS-AES256-SHA
Rejected  SSLv3  256 bits  DHE-RSA-CAMELLIA256-SHA
Rejected  SSLv3  256 bits  DHE-DSS-CAMELLIA256-SHA
Rejected  SSLv3  256 bits  AECDH-AES256-SHA
Failed    SSLv3  256 bits  ADH-AES256-GCM-SHA384
Failed    SSLv3  256 bits  ADH-AES256-SHA256
Rejected  SSLv3  256 bits  ADH-AES256-SHA
Rejected  SSLv3  256 bits  ADH-CAMELLIA256-SHA
Failed    SSLv3  256 bits  ECDH-RSA-AES256-GCM-SHA384
Failed    SSLv3  256 bits  ECDH-ECDSA-AES256-GCM-SHA384
Failed    SSLv3  256 bits  ECDH-RSA-AES256-SHA384
Failed    SSLv3  256 bits  ECDH-ECDSA-AES256-SHA384
Rejected  SSLv3  256 bits  ECDH-RSA-AES256-SHA
Rejected  SSLv3  256 bits  ECDH-ECDSA-AES256-SHA
Failed    SSLv3  256 bits  AES256-GCM-SHA384
Failed    SSLv3  256 bits  AES256-SHA256
Rejected  SSLv3  256 bits  AES256-SHA
Rejected  SSLv3  256 bits  CAMELLIA256-SHA
Failed    SSLv3  256 bits  PSK-AES256-CBC-SHA
Rejected  SSLv3  168 bits  ECDHE-RSA-DES-CBC3-SHA
Rejected  SSLv3  168 bits  ECDHE-ECDSA-DES-CBC3-SHA
Failed    SSLv3  168 bits  SRP-DSS-3DES-EDE-CBC-SHA
Failed    SSLv3  168 bits  SRP-RSA-3DES-EDE-CBC-SHA
Failed    SSLv3  168 bits  SRP-3DES-EDE-CBC-SHA
Rejected  SSLv3  168 bits  EDH-RSA-DES-CBC3-SHA
Rejected  SSLv3  168 bits  EDH-DSS-DES-CBC3-SHA
Rejected  SSLv3  168 bits  AECDH-DES-CBC3-SHA
Rejected  SSLv3  168 bits  ADH-DES-CBC3-SHA
Rejected  SSLv3  168 bits  ECDH-RSA-DES-CBC3-SHA
Rejected  SSLv3  168 bits  ECDH-ECDSA-DES-CBC3-SHA
Rejected  SSLv3  168 bits  DES-CBC3-SHA
Failed    SSLv3  168 bits  PSK-3DES-EDE-CBC-SHA
Failed    SSLv3  128 bits  ECDHE-RSA-AES128-GCM-SHA256
Failed    SSLv3  128 bits  ECDHE-ECDSA-AES128-GCM-SHA256
Failed    SSLv3  128 bits  ECDHE-RSA-AES128-SHA256
Failed    SSLv3  128 bits  ECDHE-ECDSA-AES128-SHA256
Rejected  SSLv3  128 bits  ECDHE-RSA-AES128-SHA
Rejected  SSLv3  128 bits  ECDHE-ECDSA-AES128-SHA
Failed    SSLv3  128 bits  SRP-DSS-AES-128-CBC-SHA
Failed    SSLv3  128 bits  SRP-RSA-AES-128-CBC-SHA
Failed    SSLv3  128 bits  SRP-AES-128-CBC-SHA
Failed    SSLv3  128 bits  DHE-DSS-AES128-GCM-SHA256
Failed    SSLv3  128 bits  DHE-RSA-AES128-GCM-SHA256
Failed    SSLv3  128 bits  DHE-RSA-AES128-SHA256
Failed    SSLv3  128 bits  DHE-DSS-AES128-SHA256
Rejected  SSLv3  128 bits  DHE-RSA-AES128-SHA
Rejected  SSLv3  128 bits  DHE-DSS-AES128-SHA
Rejected  SSLv3  128 bits  DHE-RSA-SEED-SHA
Rejected  SSLv3  128 bits  DHE-DSS-SEED-SHA
Rejected  SSLv3  128 bits  DHE-RSA-CAMELLIA128-SHA
Rejected  SSLv3  128 bits  DHE-DSS-CAMELLIA128-SHA
Rejected  SSLv3  128 bits  AECDH-AES128-SHA
Failed    SSLv3  128 bits  ADH-AES128-GCM-SHA256
Failed    SSLv3  128 bits  ADH-AES128-SHA256
Rejected  SSLv3  128 bits  ADH-AES128-SHA
Rejected  SSLv3  128 bits  ADH-SEED-SHA
Rejected  SSLv3  128 bits  ADH-CAMELLIA128-SHA
Failed    SSLv3  128 bits  ECDH-RSA-AES128-GCM-SHA256
Failed    SSLv3  128 bits  ECDH-ECDSA-AES128-GCM-SHA256
Failed    SSLv3  128 bits  ECDH-RSA-AES128-SHA256
Failed    SSLv3  128 bits  ECDH-ECDSA-AES128-SHA256
Rejected  SSLv3  128 bits  ECDH-RSA-AES128-SHA
Rejected  SSLv3  128 bits  ECDH-ECDSA-AES128-SHA
Failed    SSLv3  128 bits  AES128-GCM-SHA256
Failed    SSLv3  128 bits  AES128-SHA256
Rejected  SSLv3  128 bits  AES128-SHA
Rejected  SSLv3  128 bits  SEED-SHA
Rejected  SSLv3  128 bits  CAMELLIA128-SHA
Failed    SSLv3  128 bits  PSK-AES128-CBC-SHA
Rejected  SSLv3  128 bits  ECDHE-RSA-RC4-SHA
Rejected  SSLv3  128 bits  ECDHE-ECDSA-RC4-SHA
Rejected  SSLv3  128 bits  AECDH-RC4-SHA
Rejected  SSLv3  128 bits  ADH-RC4-MD5
Rejected  SSLv3  128 bits  ECDH-RSA-RC4-SHA
Rejected  SSLv3  128 bits  ECDH-ECDSA-RC4-SHA
Rejected  SSLv3  128 bits  RC4-SHA
Rejected  SSLv3  128 bits  RC4-MD5
Failed    SSLv3  128 bits  PSK-RC4-SHA
Rejected  SSLv3  56 bits   EDH-RSA-DES-CBC-SHA
Rejected  SSLv3  56 bits   EDH-DSS-DES-CBC-SHA
Rejected  SSLv3  56 bits   ADH-DES-CBC-SHA
Rejected  SSLv3  56 bits   DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-EDH-RSA-DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-EDH-DSS-DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-ADH-DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-RC2-CBC-MD5
Rejected  SSLv3  40 bits   EXP-ADH-RC4-MD5
Rejected  SSLv3  40 bits   EXP-RC4-MD5
Rejected  SSLv3  0 bits    ECDHE-RSA-NULL-SHA
Rejected  SSLv3  0 bits    ECDHE-ECDSA-NULL-SHA
Rejected  SSLv3  0 bits    AECDH-NULL-SHA
Rejected  SSLv3  0 bits    ECDH-RSA-NULL-SHA
Rejected  SSLv3  0 bits    ECDH-ECDSA-NULL-SHA
Failed    SSLv3  0 bits    NULL-SHA256
Rejected  SSLv3  0 bits    NULL-SHA
Rejected  SSLv3  0 bits    NULL-MD5
Failed    TLSv1  256 bits  ECDHE-RSA-AES256-GCM-SHA384
Failed    TLSv1  256 bits  ECDHE-ECDSA-AES256-GCM-SHA384
Failed    TLSv1  256 bits  ECDHE-RSA-AES256-SHA384
Failed    TLSv1  256 bits  ECDHE-ECDSA-AES256-SHA384
Accepted  TLSv1  256 bits  ECDHE-RSA-AES256-SHA
Rejected  TLSv1  256 bits  ECDHE-ECDSA-AES256-SHA
Failed    TLSv1  256 bits  SRP-DSS-AES-256-CBC-SHA
Failed    TLSv1  256 bits  SRP-RSA-AES-256-CBC-SHA
Failed    TLSv1  256 bits  SRP-AES-256-CBC-SHA
Failed    TLSv1  256 bits  DHE-DSS-AES256-GCM-SHA384
Failed    TLSv1  256 bits  DHE-RSA-AES256-GCM-SHA384
Failed    TLSv1  256 bits  DHE-RSA-AES256-SHA256
Failed    TLSv1  256 bits  DHE-DSS-AES256-SHA256
Accepted  TLSv1  256 bits  DHE-RSA-AES256-SHA
Rejected  TLSv1  256 bits  DHE-DSS-AES256-SHA
Accepted  TLSv1  256 bits  DHE-RSA-CAMELLIA256-SHA
Rejected  TLSv1  256 bits  DHE-DSS-CAMELLIA256-SHA
Rejected  TLSv1  256 bits  AECDH-AES256-SHA
Failed    TLSv1  256 bits  ADH-AES256-GCM-SHA384
Failed    TLSv1  256 bits  ADH-AES256-SHA256
Rejected  TLSv1  256 bits  ADH-AES256-SHA
Rejected  TLSv1  256 bits  ADH-CAMELLIA256-SHA
Failed    TLSv1  256 bits  ECDH-RSA-AES256-GCM-SHA384
Failed    TLSv1  256 bits  ECDH-ECDSA-AES256-GCM-SHA384
Failed    TLSv1  256 bits  ECDH-RSA-AES256-SHA384
Failed    TLSv1  256 bits  ECDH-ECDSA-AES256-SHA384
Rejected  TLSv1  256 bits  ECDH-RSA-AES256-SHA
Rejected  TLSv1  256 bits  ECDH-ECDSA-AES256-SHA
Failed    TLSv1  256 bits  AES256-GCM-SHA384
Failed    TLSv1  256 bits  AES256-SHA256
Accepted  TLSv1  256 bits  AES256-SHA
Accepted  TLSv1  256 bits  CAMELLIA256-SHA
Failed    TLSv1  256 bits  PSK-AES256-CBC-SHA
Accepted  TLSv1  168 bits  ECDHE-RSA-DES-CBC3-SHA
Rejected  TLSv1  168 bits  ECDHE-ECDSA-DES-CBC3-SHA
Failed    TLSv1  168 bits  SRP-DSS-3DES-EDE-CBC-SHA
Failed    TLSv1  168 bits  SRP-RSA-3DES-EDE-CBC-SHA
Failed    TLSv1  168 bits  SRP-3DES-EDE-CBC-SHA
Accepted  TLSv1  168 bits  EDH-RSA-DES-CBC3-SHA
Rejected  TLSv1  168 bits  EDH-DSS-DES-CBC3-SHA
Rejected  TLSv1  168 bits  AECDH-DES-CBC3-SHA
Rejected  TLSv1  168 bits  ADH-DES-CBC3-SHA
Rejected  TLSv1  168 bits  ECDH-RSA-DES-CBC3-SHA
Rejected  TLSv1  168 bits  ECDH-ECDSA-DES-CBC3-SHA
Accepted  TLSv1  168 bits  DES-CBC3-SHA
Failed    TLSv1  168 bits  PSK-3DES-EDE-CBC-SHA
Failed    TLSv1  128 bits  ECDHE-RSA-AES128-GCM-SHA256
Failed    TLSv1  128 bits  ECDHE-ECDSA-AES128-GCM-SHA256
Failed    TLSv1  128 bits  ECDHE-RSA-AES128-SHA256
Failed    TLSv1  128 bits  ECDHE-ECDSA-AES128-SHA256
Accepted  TLSv1  128 bits  ECDHE-RSA-AES128-SHA
Rejected  TLSv1  128 bits  ECDHE-ECDSA-AES128-SHA
Failed    TLSv1  128 bits  SRP-DSS-AES-128-CBC-SHA
Failed    TLSv1  128 bits  SRP-RSA-AES-128-CBC-SHA
Failed    TLSv1  128 bits  SRP-AES-128-CBC-SHA
Failed    TLSv1  128 bits  DHE-DSS-AES128-GCM-SHA256
Failed    TLSv1  128 bits  DHE-RSA-AES128-GCM-SHA256
Failed    TLSv1  128 bits  DHE-RSA-AES128-SHA256
Failed    TLSv1  128 bits  DHE-DSS-AES128-SHA256
Accepted  TLSv1  128 bits  DHE-RSA-AES128-SHA
Rejected  TLSv1  128 bits  DHE-DSS-AES128-SHA
Rejected  TLSv1  128 bits  DHE-RSA-SEED-SHA
Rejected  TLSv1  128 bits  DHE-DSS-SEED-SHA
Accepted  TLSv1  128 bits  DHE-RSA-CAMELLIA128-SHA
Rejected  TLSv1  128 bits  DHE-DSS-CAMELLIA128-SHA
Rejected  TLSv1  128 bits  AECDH-AES128-SHA
Failed    TLSv1  128 bits  ADH-AES128-GCM-SHA256
Failed    TLSv1  128 bits  ADH-AES128-SHA256
Rejected  TLSv1  128 bits  ADH-AES128-SHA
Rejected  TLSv1  128 bits  ADH-SEED-SHA
Rejected  TLSv1  128 bits  ADH-CAMELLIA128-SHA
Failed    TLSv1  128 bits  ECDH-RSA-AES128-GCM-SHA256
Failed    TLSv1  128 bits  ECDH-ECDSA-AES128-GCM-SHA256
Failed    TLSv1  128 bits  ECDH-RSA-AES128-SHA256
Failed    TLSv1  128 bits  ECDH-ECDSA-AES128-SHA256
Rejected  TLSv1  128 bits  ECDH-RSA-AES128-SHA
Rejected  TLSv1  128 bits  ECDH-ECDSA-AES128-SHA
Failed    TLSv1  128 bits  AES128-GCM-SHA256
Failed    TLSv1  128 bits  AES128-SHA256
Accepted  TLSv1  128 bits  AES128-SHA
Rejected  TLSv1  128 bits  SEED-SHA
Accepted  TLSv1  128 bits  CAMELLIA128-SHA
Failed    TLSv1  128 bits  PSK-AES128-CBC-SHA
Rejected  TLSv1  128 bits  ECDHE-RSA-RC4-SHA
Rejected  TLSv1  128 bits  ECDHE-ECDSA-RC4-SHA
Rejected  TLSv1  128 bits  AECDH-RC4-SHA
Rejected  TLSv1  128 bits  ADH-RC4-MD5
Rejected  TLSv1  128 bits  ECDH-RSA-RC4-SHA
Rejected  TLSv1  128 bits  ECDH-ECDSA-RC4-SHA
Rejected  TLSv1  128 bits  RC4-SHA
Rejected  TLSv1  128 bits  RC4-MD5
Failed    TLSv1  128 bits  PSK-RC4-SHA
Rejected  TLSv1  56 bits   EDH-RSA-DES-CBC-SHA
Rejected  TLSv1  56 bits   EDH-DSS-DES-CBC-SHA
Rejected  TLSv1  56 bits   ADH-DES-CBC-SHA
Rejected  TLSv1  56 bits   DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-EDH-RSA-DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-EDH-DSS-DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-ADH-DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-RC2-CBC-MD5
Rejected  TLSv1  40 bits   EXP-ADH-RC4-MD5
Rejected  TLSv1  40 bits   EXP-RC4-MD5
Rejected  TLSv1  0 bits    ECDHE-RSA-NULL-SHA
Rejected  TLSv1  0 bits    ECDHE-ECDSA-NULL-SHA
Rejected  TLSv1  0 bits    AECDH-NULL-SHA
Rejected  TLSv1  0 bits    ECDH-RSA-NULL-SHA
Rejected  TLSv1  0 bits    ECDH-ECDSA-NULL-SHA
Failed    TLSv1  0 bits    NULL-SHA256
Rejected  TLSv1  0 bits    NULL-SHA
Rejected  TLSv1  0 bits    NULL-MD5

Obrigado

por user1780370 23.11.2015 / 13:20

1 resposta

Meu disco rígido WD 1TB possui dados desordenados Java Erro javax / swing / text / GlyphView.getBreakSpot Encontrado ao executar um comando

score 0 · Answer 1

Sim, eu tenho soluções para mim mesmo.

Eu resolvi toda a exibição de erro ainda erro de protocolo devido à versão antiga do gem do ativemerchant.

Assim, após as alterações do portal Sagepay, ele não está no modo gem, assim que eu atualizei a gem do ativemerchant, em seguida, recebo atualizações automáticas do SagePay Gateway, o que resolveu meu erro.

Obrigado