emboss · May 6, 2012 23:39
diff --git a/gistfile1.txt b/gistfile1.txt
 OpenSSL:

 ./openssl s_client -connect google.com:443 -CAfile /etc/ssl/certs/ca-bundle.crt -tls1_2
 CONNECTED(00000003)
 139935467882144:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:

 Ruby:

 require 'socket'
 require 'openssl'

 sock = TCPSocket.open("www.google.com", 443)
 ctx = OpenSSL::SSL::SSLContext.new
 ctx.ssl_version = :TLSv1_1
 ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
 ssl.connect
 puts ssl.ssl_version
 ssl.close

 => ruby tls12_connect.rb
 tls12_connect.rb:8:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: wrong version number (OpenSSL::SSL::SSLError)
 	from tls12_connect.rb:8:in `<main

 Possible evidence: https://www.ssllabs.com/ssltest/analyze.html?d=www%2egoogle%2ecom&s=74%2e125%2e227%2e83


 If I try another server

 sock = TCPSocket.open("www.factor.cc", 443)

 it works fine, I can connect via both TLSv1_1 and TLSv1_2.
	OpenSSL:

	./openssl s_client -connect google.com:443 -CAfile /etc/ssl/certs/ca-bundle.crt -tls1_2
	CONNECTED(00000003)
	139935467882144:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:

	Ruby:

	require 'socket'
	require 'openssl'

	sock = TCPSocket.open("www.google.com", 443)
	ctx = OpenSSL::SSL::SSLContext.new
	ctx.ssl_version = :TLSv1_1
	ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
	ssl.connect
	puts ssl.ssl_version
	ssl.close

	=> ruby tls12_connect.rb
	tls12_connect.rb:8:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: wrong version number (OpenSSL::SSL::SSLError)
	from tls12_connect.rb:8:in `<main

	Possible evidence: https://www.ssllabs.com/ssltest/analyze.html?d=www%2egoogle%2ecom&s=74%2e125%2e227%2e83


	If I try another server

	sock = TCPSocket.open("www.factor.cc", 443)

	it works fine, I can connect via both TLSv1_1 and TLSv1_2.