Net-https error on x509 certs

Hello,

I am trying to send a GET request to a https URL which requires passing
certificate, key and ca certificate to authenticate and getting below
error:

/usr/lib/ruby/1.8/net/http.rb:567:in `initialize': can't convert
OpenSSL::X509::Certificate into String (TypeError)
  from /usr/lib/ruby/1.8/net/http.rb:567:in `new'
  from /usr/lib/ruby/1.8/net/http.rb:567:in `connect'
  from /usr/lib/ruby/1.8/net/http.rb:553:in `do_start'
  from /usr/lib/ruby/1.8/net/http.rb:542:in `start'
  from tp2:18

Code:

#!/usr/bin/ruby
require 'net/https'
require 'openssl'

server = "serverdomainname"
crt = File.read "crtfile"
ca = File.read "cafile"
key = File.read "keyfile"

uri = URI.parse("https://#{server}:8140")
session = Net::HTTP.new(uri.host, uri.port)
session.use_ssl = true
session.verify_mode = OpenSSL::SSL::VERIFY_NONE
session.ca_file = OpenSSL::X509::Certificate.new ca
session.cert = OpenSSL::X509::Certificate.new crt
session.key = OpenSSL::PKey::RSA.new key
res = session.start do |http|
  http.get("/v1")
end

OpenSSL reads the certificate properly, format is pem, but net-https
gives error.

-Tuj

···

--
Posted via http://www.ruby-forum.com/.

Tuj www wrote in post #1076663:

/usr/lib/ruby/1.8/net/http.rb:567:in `initialize': can't convert
OpenSSL::X509::Certificate into String (TypeError)

Hint: you passed an OpenSSL::X509::Certificate to a method which was
expecting a String.

session.ca_file = OpenSSL::X509::Certificate.new ca

That's the problem. ca_file needs to be a string which contains the
filename of a CA certificate.

If you read /usr/lib/ruby/1.8/net/https.rb (or wherever it is on your
system) you'll find the docs inline:

: ca_file, ca_file=((|path|))
    Sets path of a CA certification file in PEM format.
    The file can contrain several CA certificats.

: ca_path, ca_path=((|path|))
    Sets path of a CA certification directory containing certifications
    in PEM format.

···

--
Posted via http://www.ruby-forum.com/\.

Thanks Brian, that solved the issue.

···

--
Posted via http://www.ruby-forum.com/.