Last Updated: February 25, 2016
· edgarjs

Capybara with PhantomJS and the SSL Poodle

Because of the Poodle vulnerability, some services are disabling SSLv3.

PhanthomJS runs SSLv3 by default (as of version 1.9.7), so you may get unexpected sudden tests fails.

To fix just specify the SSL protocol you want to use instead:

Capybara.register_driver :poltergeist do |app|,
    phantomjs_options: ['--ssl-protocol= TLSv1']

UPDATE: prefer TLSv1 over ssl2

4 Responses
Add your response

I would recommend using tlsv1 instead of SSLv2 for testing. SSLv2 is older and even weaker than SSLv3.

over 1 year ago ·

@fredjean, thank you! post updated.

over 1 year ago ·

And it turns out that the syntax is case sensitive. It should be TLSv1 (or ANY). (my bad...)

over 1 year ago ·

@fredjean oh don't worry, thank you for helping.

over 1 year ago ·