Running with --debug=true I see the following:
2013-04-15T14:29:15 [DEBUG] Network - SSL Error: "The host name did not match any of the valid hosts for this certificate"
2013-04-15T14:29:15 [DEBUG] Network - Resource request error: 6 ( "SSL handshake failed" ) URL: "https://thimble.webmaker.org/"
I suspect that PhantomJS is not supporting Server Name Indication properly. If the SNI extension is not used for TLS servers that require it, a (fatal) hostname mismatch will happen.
Is it possible that my version of PhantomJS is linked against an OpenSSL version that does not implement it?
I am using phantomjs-1.9.0-linux-x86_64
See http://en.wikipedia.org/wiki/Server_Name_Indication for more info about SNI. This is getting more and more common. All modern browsers support it.
BTW This also could explain some of the 'hangs' that I have been experiencing. It seems that on SSL errors, the page.open() callback is never called. I'm running with --ignore-ssl-errors=true now and that seems to help a lot. Although that is far from ideal of course.
Is that a known bug or should I file?
Are you describing the same issue here were a callback is not called in some SSL cases?
Is the experience any better for you with 1.9.2?
I'm also seeing this on 1.9.7. We use SNI and I had to use --ignore-ssl-errors=true in order to get it working.
Confirming issue still present on 1.9.7 when trying to connect to a site with SNI. Only when parameter --ignore-ssl-errors=true is present the connection succeeds and page.open() is called.
For me it fails even when I specify --ignore-ssl-errors=true, with Network - Resource request error: 6 ( "SSL handshake failed" ). Any idea how this could happen? I'm on 1.9.0.
Network - Resource request error: 6 ( "SSL handshake failed" )
Ah, I was able to get it to succeed by specifying --ssl-protocol=TLSv1, then --ignore-ssl-errors=true is unnecessary.
--ssl-protocol=TLSv1 fixed it for me too, also using SNI
works fine for me. thx.
ignoring ssl errors
(specref is hosted on a ssl server that uses SNI, but phantomjs doesn't support SNI :( ariya/phantomjs#11239
PhantomJS does not support SNI extension.
See #12440 (comment)
Still no SNI support? I also ran into this.
same problem here, no way to use it on a site using CloudFlare and ssl
Is it fixed in 2.0?
Is there a fix for this now?
Using --ssl-protocol=TLSv1 is not an option, since TLSv1 is insecure and disabled at an infrastructure level.
This seems to be fixed in 2.x. IMHO this issue can be closed.