Today (Tues. Aug 24 2010) using HTTPClient for a SSL connection fails.
It was working fine previously. The issue is not with the server at the
other end but with httpclient reading its local cert. file. the error
is:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3
read server certificate B: certificate verify failed
We tried directly pointing to the installed httpclient 2.1.5.2 cert
file:
client = HTTPClient.new(nil, "WSDL4R")
client.ssl_config.set_trust_ca('/usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient/cacert.p7s')
but get the same error. We have also tried "other" .pem files such as
this:
client.ssl_config.set_trust_ca('/etc/openldap/cacerts')
but get the same error.
NOTE: last year, we had the same error and fixed it by upgrading to
2.1.5.2 of the httpclient gem (which presumably had a cert. that was not
expired).
NOTE: we ran openssl verify on both the 2.1.5.2 AND the 2.1.4 gem
version of lib/httpclient/cacert_sha1.p7s and that program reported 'OK'
for both files. Thus, I do not trust that the program verify is useful
in this case.
Any ideas here??
Here is a stack trace when the call to httpclient fails:
==================Stack Trace==================
loading wsdl: https://secure.more.com/ws/profile/authenticate?WSDL
at depth 0 - 20: unable to get local issuer certificate
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3
read server certificate B: certificate verify failed
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient/session.rb:247:in `connect'
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient/session.rb:247:in `ssl_connect'
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient/session.rb:639:in `connect'
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient/timeout.rb:128:in `timeout'
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient/session.rb:631:in `connect'
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient/session.rb:522:in `query'
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient/session.rb:147:in `query'
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient.rb:953:in `do_get_block'
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient.rb:765:in `do_request'
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient.rb:848:in `protect_keep_alive_disconnected'
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient.rb:764:in `do_request'
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient.rb:833:in `follow_redirect'
from /home/rgm/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/
httpclient.rb:519:in `get_content'
from /u/apps/more/releases/20100803213846/lib/
registration_service.rb:47:in `fetch'
from /usr/local/lib/ruby/1.8/wsdl/xmlSchema/importer.rb:30:in
`import'
from /usr/local/lib/ruby/1.8/wsdl/importer.rb:18:in `import'
from /usr/local/lib/ruby/1.8/soap/wsdlDriver.rb:124:in `import'
from /usr/local/lib/ruby/1.8/soap/wsdlDriver.rb:28:in
`initialize'
from /u/apps/more/releases/20100803213846/lib/
registration_service.rb:337:in `new'
from /u/apps/more/releases/20100803213846/lib/
registration_service.rb:337:in `create_driver'
from /u/apps/more/releases/20100803213846/lib/
registration_service.rb:297:in `authenticate_driver'
from /u/apps/more/releases/20100803213846/lib/
registration_service.rb:190:in `authenticate'
Any ideas are appreciated, thanks,
Mike
···
--
Posted via http://www.ruby-forum.com/.