Typheous SSL connect error



Disclaimer: this is the extended post from a solution I gave on StackOverflow

I am trying to connect to a WebService via Typhoeus on Rails and the response is giving me code 0. It tells me that an ssl_connect_error has ocurred.

Typhoeus' documentation says to read the message detail to understand the nature of the error. After some time I could get the generated curl url and given that I got the undelying error

error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small

So the trouble lies withing a security requirement that my computer was having, I was trying to connect to a system with well expired security measures, but updating the server was going to takes LOTS of time if the other party even considered making the upgrade.

After some sometime I reached into [[https://imlc.me/dh-key-too-small]] where it gives directions on how to lower one's own security level. Not something I was willing to do, and besides it would require not to just change my machine, but any machine what would be running the service.

But I also learned that I could use the --cipher 'DEFAULT:!DH flag into curl command line.

Easy-piece, now, how do I pass that flag from my code, to Typhoeus, to Curl? Typhoeus uses Ethon, and in Ethon options the flag ssl_cipher_list exists.

So we can add ssl_cipher_list into our Typhoeus request, like so

request = Typhoeus::Request.new(url,
method: method,
body: body,
headers: headers,
params: params,
ssl_cipher_list: 'DEFAULT:!DH')

It would be better to just have the server updated, but in the meanwhile me, and maybe you, can connect to servers which present the same error.