Hi, could someone help me with ssl certificates? i have mycert.pfx file (client certificate) and CA certificate ca.cer. i far as i know, ruby doesn''t understand pfx format, so i''ve converted it to pem format. in viewer pem looks like: Bag attributes blabla Key Attributes blabla ---begin rsa private key--- blabla ---end rsa private key----- --begin certificate-------- blabla --end certificate---------- in some example a saw, that there should be three files, looks like pfx file should be splited to two separate files? how to prepare those two files(mycert.pfx and ca.cer) for using with HttpClient in ruby? How to use them with HttpClient? Giedrius -- Posted via http://www.ruby-forum.com/.
I was making this: converted ca.cer file openssl x509 -in ca.cer -inform DER -out ca.pem -outform PEM converted mycert.pfx to mycert.pem and splited this to two files in my_key.pem placed rsa key part and in my_cert.pem placed certificate part. wrote code: require ''http-access2'' url = ARGV.shift || ''https://zzz.com'' uri = URI.parse(url) ca_file = "ca.pem" cl_cert = "my_cert.pem" cl_key = "my_key.pem" proxy = ENV[''HTTP_PROXY''] || ENV[''http_proxy''] || nil h = HTTPClient.new(proxy) h.ssl_config.set_client_cert_file(cl_cert, cl_key) h.ssl_config.set_trust_ca(ca_file) print h.get_content(url) and received error: at depth 0 - 20: unable to get local issuer certificate what i did wrong or what i forgot to do? -- Posted via http://www.ruby-forum.com/.
I can''t understand, is my question stupid enough or there''s no people, who tryed to work with ruby over ssl? I''ve posting like fourth question regarding SSL on various aspects and didn''t received any response from anyone. -- Posted via http://www.ruby-forum.com/.
On Thursday 09 Feb 2006 11:44, Giedrius wrote:> I can''t understand, is my question stupid enough or there''s no people, > who tryed to work with ruby over ssl? > I''ve posting like fourth question regarding SSL on various aspects and > didn''t received any response from anyone.Hi Giedrius, Don''t be disheartened, this list is very busy and hard to keep track of. I haven''t used it through the forum, but certainly on the mailing list, I only dip in now and then, because there''s no way I have time to read everything. I imagine it''s the same for a lot of others. Anyway, I don''t know if this helps you, but I''m developing an SSL Rails app, and used the following tutorial to set it up with Lighttpd: http://wiki.archlinux.org/index.php/Lighttpd_For_Both_SSL_And_Non-SSL I don''t bother running two Lighttpd daemons though (one for SSL and one for non-SSL) - seemed like too much trouble to get that to launch when I run script/server, so I simply didn''t worry about it - my entire app runs over SSL. So, I don''t know if that really answers your question, but that''s how I did it, though it took me a while to figure it out before I found that tutorial. (Back then, the default script/server was WEBrick anyway, so initially I was trying to get that working with SSL and gave up completely.) Is that any help? (Maybe not, I haven''t used HttpClient myself.) Cheers, ~Dave -- Dave Silvester Rent-A-Monkey Website Development http://www.rentamonkey.com/ PGP Key: http://www.rentamonkey.com/pgpkey.asc
Giedrius wrote:> I can''t understand, is my question stupid enough or there''s no people, > who tryed to work with ruby over ssl? > I''ve posting like fourth question regarding SSL on various aspects and > didn''t received any response from anyone.It''s not a stupid question at all, in fact I stumble on the same problems. Your previous "partial" answers helped me. I created this reminder for me of how I finally did it... I hope this will help others :) - Https, Ssl and Ruby http://benjamin.francisoud.googlepages.com/howtodogetorpostrequestinhttpssslandruby - You can leave comment on my blog: http://rubyscube.blogspot.com/2007/08/how-to-use-httpsssl-in-ruby.html -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
Reasonably Related Threads
- How to get soap4r to not bother verifying SSL certificate (verify_mode none)?
- Unable to specify hierarchy for data-in-modules
- 1) Error 2) sending request to a specific worker
- How to stop SOAP4R/OpenSSL requiring cert?
- [Bug 940] New: ip6tables-save output invalid rule when using D/SNPT