grpc 错误 SSL23_GET_SERVER_HELLO
grpc error SSL23_GET_SERVER_HELLO
使用 Ubuntu 16.04...
在 Vagrant VM 中工作
我以前能够使用 Google 的 Dialogflow API 检测意图,但现在它在我的新 VM 中抛出错误。
步骤:
- 创建 Dialogflow 项目
- 下载应用程序凭据JSON
npm i dialogflowexport GOOGLE_APPLICATION_CREDENTIALS=/path/to/creds.json
node -e '
const dialogflow = require("dialogflow");
const cli = new dialogflow.SessionsClient();
const session = cli.sessionPath("df-project-id", "session-id");
const request = { session, queryInput: { text: { text: "Hello" } } };
cli.detectIntent(request).then(console.log, console.error);'
错误:
Auth error:Error: write EPROTO 140436597872448:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:../deps/openssl/openssl/ssl/s23_clnt.c:827
调试:
证书位于它们的默认位置 /etc/ssl/certs/ca-certificates.crt,我知道 NodeJS 正在使用它们,因为 NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt ${df test above} 说:
(node:4067) Warning: Ignoring extra certs from '/etc/ssl/certs/ca-certificates.crt', load failed: error:0B07C065:x509 certificate routines:X509_STORE_add_cert:cert already in hash table
我看到请求也使用了在环境变量中声明的经过身份验证的代理:
http_proxy=http://user:pass@proxy:port
HTTP_PROXY=http://user:pass@proxy:port
https_proxy=http://user:pass@proxy:port
HTTPS_PROXY=http://user:pass@proxy:port
请求:
{
"pathname": "https://www.googleapis.com/oauth2/v4/token",
"nativeProtocols": {
"http:": {
"METHODS": [...],
"STATUS_CODES": {...},
"globalAgent": {
"domain": {
"domain": null,
"_events": {},
"_eventsCount": 1,
"members": []
},
"_events": {},
"_eventsCount": 1,
"defaultPort": 80,
"protocol": "http:",
"options": {
"path": null
},
"requests": {},
"sockets": {},
"freeSockets": {},
"keepAliveMsecs": 1000,
"keepAlive": false,
"maxSockets": null,
"maxFreeSockets": 256
}
},
"https:": {
"globalAgent": {
"domain": {
"domain": null,
"_events": {},
"_eventsCount": 1,
"members": []
},
"_events": {},
"_eventsCount": 1,
"defaultPort": 443,
"protocol": "https:",
"options": {
"path": null
},
"requests": {},
"sockets": {},
"freeSockets": {},
"keepAliveMsecs": 1000,
"keepAlive": false,
"maxSockets": null,
"maxFreeSockets": 256,
"maxCachedSessions": 100,
"_sessionCache": {
"map": {},
"list": []
}
}
}
},
"host": "proxy.*.com",
"port": "8080",
"hostname": "proxy.*.com",
"headers": {
"Accept": "application/json, text/plain, */*",
"Content-Type": "application/x-www-form-urlencoded",
"User-Agent": "axios/0.18.0",
"Content-Length": 734,
"host": "www.googleapis.com",
"Proxy-Authorization": "Basic *hash*"
},
"method": "post",
"path": "https://www.googleapis.com/oauth2/v4/token",
"maxBodyLength": 10485760,
"maxRedirects": 21,
"protocol": "https:",
"_defaultAgent": {
"domain": {
"domain": null,
"_events": {},
"_eventsCount": 1,
"members": []
},
"_events": {},
"_eventsCount": 1,
"defaultPort": 443,
"protocol": "https:",
"options": {
"path": null
},
"requests": {},
"sockets": {},
"freeSockets": {},
"keepAliveMsecs": 1000,
"keepAlive": false,
"maxSockets": null,
"maxFreeSockets": 256,
"maxCachedSessions": 100,
"_sessionCache": {
"map": {},
"list": []
}
}
}
安全团队在没有任何通知的情况下阻止了 googleapis.com 域...我误以为这个问题是由我的新 Vagrant VM 配置错误引起的。
使用 Ubuntu 16.04...
在 Vagrant VM 中工作我以前能够使用 Google 的 Dialogflow API 检测意图,但现在它在我的新 VM 中抛出错误。
步骤:
- 创建 Dialogflow 项目
- 下载应用程序凭据JSON
npm i dialogflowexport GOOGLE_APPLICATION_CREDENTIALS=/path/to/creds.jsonnode -e ' const dialogflow = require("dialogflow"); const cli = new dialogflow.SessionsClient(); const session = cli.sessionPath("df-project-id", "session-id"); const request = { session, queryInput: { text: { text: "Hello" } } }; cli.detectIntent(request).then(console.log, console.error);'
错误:
Auth error:Error: write EPROTO 140436597872448:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:../deps/openssl/openssl/ssl/s23_clnt.c:827
调试:
证书位于它们的默认位置 /etc/ssl/certs/ca-certificates.crt,我知道 NodeJS 正在使用它们,因为 NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt ${df test above} 说:
(node:4067) Warning: Ignoring extra certs from '/etc/ssl/certs/ca-certificates.crt', load failed: error:0B07C065:x509 certificate routines:X509_STORE_add_cert:cert already in hash table
我看到请求也使用了在环境变量中声明的经过身份验证的代理:
http_proxy=http://user:pass@proxy:port
HTTP_PROXY=http://user:pass@proxy:port
https_proxy=http://user:pass@proxy:port
HTTPS_PROXY=http://user:pass@proxy:port
请求:
{
"pathname": "https://www.googleapis.com/oauth2/v4/token",
"nativeProtocols": {
"http:": {
"METHODS": [...],
"STATUS_CODES": {...},
"globalAgent": {
"domain": {
"domain": null,
"_events": {},
"_eventsCount": 1,
"members": []
},
"_events": {},
"_eventsCount": 1,
"defaultPort": 80,
"protocol": "http:",
"options": {
"path": null
},
"requests": {},
"sockets": {},
"freeSockets": {},
"keepAliveMsecs": 1000,
"keepAlive": false,
"maxSockets": null,
"maxFreeSockets": 256
}
},
"https:": {
"globalAgent": {
"domain": {
"domain": null,
"_events": {},
"_eventsCount": 1,
"members": []
},
"_events": {},
"_eventsCount": 1,
"defaultPort": 443,
"protocol": "https:",
"options": {
"path": null
},
"requests": {},
"sockets": {},
"freeSockets": {},
"keepAliveMsecs": 1000,
"keepAlive": false,
"maxSockets": null,
"maxFreeSockets": 256,
"maxCachedSessions": 100,
"_sessionCache": {
"map": {},
"list": []
}
}
}
},
"host": "proxy.*.com",
"port": "8080",
"hostname": "proxy.*.com",
"headers": {
"Accept": "application/json, text/plain, */*",
"Content-Type": "application/x-www-form-urlencoded",
"User-Agent": "axios/0.18.0",
"Content-Length": 734,
"host": "www.googleapis.com",
"Proxy-Authorization": "Basic *hash*"
},
"method": "post",
"path": "https://www.googleapis.com/oauth2/v4/token",
"maxBodyLength": 10485760,
"maxRedirects": 21,
"protocol": "https:",
"_defaultAgent": {
"domain": {
"domain": null,
"_events": {},
"_eventsCount": 1,
"members": []
},
"_events": {},
"_eventsCount": 1,
"defaultPort": 443,
"protocol": "https:",
"options": {
"path": null
},
"requests": {},
"sockets": {},
"freeSockets": {},
"keepAliveMsecs": 1000,
"keepAlive": false,
"maxSockets": null,
"maxFreeSockets": 256,
"maxCachedSessions": 100,
"_sessionCache": {
"map": {},
"list": []
}
}
}
安全团队在没有任何通知的情况下阻止了 googleapis.com 域...我误以为这个问题是由我的新 Vagrant VM 配置错误引起的。