ruby - connect: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError) -
i'm having terrible time getting ssl verify certificate. i'm ignorant on how certificates work that's major handicap begin with. here's error when running script:
c:/ruby191/lib/ruby/1.9.1/net/http.rb:611:in `connect': ssl_connect returned=1 e rrno=0 state=sslv3 read server certificate b: certificate verify failed (openssl ::ssl::sslerror) here's relevant code:
client = savon::client.new order_svc request = client.create_empty_cart { |soap, http| http.auth.ssl.cert_file = 'mycert.crt' http.auth.ssl.verify_mode = :none http.read_timeout = 90 http.open_timeout = 90 http.headers = { "content-length" => "0", "connection" => "keep-alive" } soap.namespaces["xmlns:open"] = "http://schemas.datacontract.org/2004/07/namespace" soap.body = { "wsdl:brand" => brand, "wsdl:parnter" => [ {"open:catalogname" => catalogname, "open:partnerid" => partnerid } ] }.to_soap_xml } any appreciated.
check cert.pem , key.pem
the cert key should have one
-----begin certificate----- miifgdccbacgawibagikg1diagaaaaaaazanbgkqhkig9w0baqsfadcbvdekmcig .... -----end certificate----- your key.pem should have
-----begin private key----- csqgsib3dqejaryvy2fjb250ywn0qgvzy3jlzw4uy29tmqswcqydvqqgewjvuzep .... -----end private key----- and may have certs in doesn't matter case. (although me curl doesn't work without certs) webservice talking has root ca, client auth keys not trusted why certs make curl work.
getting out of client certificate caused me problems.
here worked me.
openssl pkcs12 -in client.pfx -clcerts -nokeys -out cert.pem openssl pkcs12 -in client.pfx -nodes -out key.pem each prompt import password , can set pem password if want. (you have set in ruby code later)
require 'savon' client = savon::client.new "https://service/service.asmx?wsdl" client.http.auth.ssl.cert_key_file = "key.pem" client.http.auth.ssl.cert_file = "cert.pem" client.http.auth.ssl.verify_mode=:peer p client.wsdl.soap_actions you can test curl
curl -v -e key.pem https://services/service.asmx?wsdl
Comments
Post a Comment