SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A

Question

I have a ruby client that connects to an exchange server using IMAP & SSL. I use the Ruby Net::IMAP library (which uses openssl under the covers) to connect. Its been wo

Answer 1

Well it turns out the root cause on this one was ms exchange was misconfigured. I would love to have learned more about ssl errors and how to troublshoot them, but I just didnt get much info on this.

I did try to just troublshoot this using open ssl, fyi, you can do: OpenSSL> s_client -connect myserver:993

When it was broken, I received this error: CONNECTED(00000003) 26831:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

Once we fixed I got a cert and handshake message etc.

Here is what my exchange admin said he did: "I just went to the IMAP protocol and went to the access tab. Then the certificates button. From there I chose to replace the cert and chose the new cert."

Answer 2

I received this error trying to connect to dynamoDB with rails 3 using the default setup. Solution was to add

config.port = 443

to the

dynamo_db.rb

initializer

As of this writing this fix is in an unmerged branch of the gem.

Answer 3

According to the documentation, you can set the SSL verification to none when instantiating Net:IMAP

foo = Net::IMAP.new(host, port, true, nil, false)

You can also point to a local copy of the CA cert with the certs option.

note: I haven't tried this myself...