How do I tell the OpenSSL Ruby library to ignore a self-signed certificate error?

Question

How do I tell the OpenSSL Ruby library to ignore a self-signed certificate error?

I am trying to use Ruby SOAP support as follows:

SERVICE_URL = 'https://...'
...
def create_driver
  ::SOAP::WSDLDriverFactory.new(SERVICE_URL).create_rpc_driver
  driver.options['protocol.http.ssl_config.verify_mode']  = OpenSSL::SSL::VERIFY_NONE
  driver.options['protocol.http.ssl_config.client_cert']  = @certificate_path
  driver
end

but the call new(SERVICE_URL)calls " OpenSSL::SSL::SSLError: certificate verify failed". How to make an equivalent driver.options['protocol.http.ssl_config.verify_mode'] = OpenSSL::SSL::VERIFY_NONEfor the first call to retrieve the WSDL itself?

+3

soap wsdl ruby certificate openssl

James A. Rosen Oct 12 '09 at 14:48

source share

3 answers

try the following:

...
  OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
  ::SOAP::WSDLDriverFactory.new(SERVICE_URL).create_rpc_driver
...

0

avguchenko Oct 15 '09 at 18:03

source share

I came across this URL: https://gist.github.com/fnichol/867550 . This can be useful for anyone who has similar problems.

0

kinkajou Aug 08 '13 at 6:22

source share

James A. Rosen · Accepted Answer · 2009-10-16T01:12:31+0000

I put a file named " soap/property" in my download path, for example:

- lib/
    - foo.rb
    - foo/
        - bar.rb
    - soap/
        - property

And put this in a file:

client.protocol.http.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE

Alternatively, if you have multiple parameters with the same prefix, you can use the group syntax:

[client.protocol.http]
ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
...

How do I tell the OpenSSL Ruby library to ignore a self-signed certificate error?

More articles: