Fredrik B.
2011-Jan-03 11:21 UTC
How to get soap4r to not bother verifying SSL certificate (verify_mode none)?
Using Ruby 1.8.7, Rails 2.3.8. I don''t want it to verify the cert... This is my backtrace: OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed): httpclient (2.1.5.2) lib/httpclient/session.rb:247:in `connect'' httpclient (2.1.5.2) lib/httpclient/session.rb:247:in `ssl_connect'' httpclient (2.1.5.2) lib/httpclient/session.rb:639:in `connect'' httpclient (2.1.5.2) lib/httpclient/timeout.rb:128:in `timeout'' httpclient (2.1.5.2) lib/httpclient/session.rb:631:in `connect'' httpclient (2.1.5.2) lib/httpclient/session.rb:522:in `query'' httpclient (2.1.5.2) lib/httpclient/session.rb:147:in `query'' httpclient (2.1.5.2) lib/httpclient.rb:953:in `do_get_block'' httpclient (2.1.5.2) lib/httpclient.rb:765:in `do_request'' httpclient (2.1.5.2) lib/httpclient.rb:848:in `protect_keep_alive_disconnected'' httpclient (2.1.5.2) lib/httpclient.rb:764:in `do_request'' httpclient (2.1.5.2) lib/httpclient.rb:666:in `request'' httpclient (2.1.5.2) lib/httpclient.rb:596:in `post'' /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/streamHandler.rb:238:in `send_post'' /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/streamHandler.rb:172:in `send'' /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/rpc/proxy.rb:179:in `route'' /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/rpc/proxy.rb:143:in `call'' /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/rpc/driver.rb:181:in `call'' (eval):6:in `getDataBySecure'' -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Frederick Cheung
2011-Jan-03 12:03 UTC
Re: How to get soap4r to not bother verifying SSL certificate (verify_mode none)?
On Jan 3, 11:21 am, "Fredrik B." <li...-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> Using Ruby 1.8.7, Rails 2.3.8. I don''t want it to verify the cert... >I think you can do something like driver.options["protocol.http.ssl_config"] = {''verify_mode'' => foo} or maybe driver.options["protocol.http.ssl_config.verify_mode"] = foo Fred> This is my backtrace: > > OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read > server certificate B: certificate verify failed): > httpclient (2.1.5.2) lib/httpclient/session.rb:247:in `connect'' > httpclient (2.1.5.2) lib/httpclient/session.rb:247:in `ssl_connect'' > httpclient (2.1.5.2) lib/httpclient/session.rb:639:in `connect'' > httpclient (2.1.5.2) lib/httpclient/timeout.rb:128:in `timeout'' > httpclient (2.1.5.2) lib/httpclient/session.rb:631:in `connect'' > httpclient (2.1.5.2) lib/httpclient/session.rb:522:in `query'' > httpclient (2.1.5.2) lib/httpclient/session.rb:147:in `query'' > httpclient (2.1.5.2) lib/httpclient.rb:953:in `do_get_block'' > httpclient (2.1.5.2) lib/httpclient.rb:765:in `do_request'' > httpclient (2.1.5.2) lib/httpclient.rb:848:in > `protect_keep_alive_disconnected'' > httpclient (2.1.5.2) lib/httpclient.rb:764:in `do_request'' > httpclient (2.1.5.2) lib/httpclient.rb:666:in `request'' > httpclient (2.1.5.2) lib/httpclient.rb:596:in `post'' > /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/streamHandler.rb:23 8:in > `send_post'' > /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/streamHandler.rb:17 2:in > `send'' > /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/rpc/proxy.rb:179:in > `route'' > /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/rpc/proxy.rb:143:in > `call'' > /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/rpc/driver.rb:181:i n > `call'' > (eval):6:in `getDataBySecure'' > > -- > Posted viahttp://www.ruby-forum.com/.-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Fredrik B.
2011-Jan-03 12:08 UTC
Re: How to get soap4r to not bother verifying SSL certificate (verify_mode none)?
I tried that. In ~GEM_HOME/gems/soap4r-1.5.8/lib/soap/netHttpClient.rb, I changed it to: 180 if SSLEnabled 181 http.ssl_config.verify_mode = nil 182 http.use_ssl = true And I also tried with http.ssl_config.verify_mode = (OpenSSL::SSL::VERIFY_NONE) None of those seem to work. -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Fredrik B.
2011-Jan-03 12:08 UTC
Re: How to get soap4r to not bother verifying SSL certificate (verify_mode none)?
It works locally... Hmm. My OpenSSL versions differs on the server and locally. That''s probably the culprit. -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Frederick Cheung
2011-Jan-03 12:50 UTC
Re: Re: How to get soap4r to not bother verifying SSL certificate (verify_mode none)?
You tried what i suggested or you tried the monkey patch you posted below? It''s worth noting that soap4r will use the httpaccess gem if it is present, falling back to net/http if it isn''t - I think you may only have monkeypatched the net/http part of soap4r Fred Sent from my iPhone On 3 Jan 2011, at 12:08, "Fredrik B." <lists-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> I tried that. In ~GEM_HOME/gems/soap4r-1.5.8/lib/soap/netHttpClient.rb, > I changed it to: > > 180 if SSLEnabled > 181 http.ssl_config.verify_mode = nil > 182 http.use_ssl = true > > And I also tried with > > http.ssl_config.verify_mode = (OpenSSL::SSL::VERIFY_NONE) > > None of those seem to work. > > -- > Posted via http://www.ruby-forum.com/. > > -- > You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. > To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org > To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en. >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.