Certificates and Net::HTTP

I am in the process of converting some Python code over to Ruby. The
code
runs in Python just fine and the Ruby code is almost working:

uri = URI(LOGIN_URL)
req = Net::HTTP::Post.new uri.path
req.body = “blah blah blah”

c = nil
File.open(‘config/certificates/client-2048.pem’, ‘rb’) { |f| c = f.read
}

res = Net::HTTP.start(uri.host, uri.port, :use_ssl => true) do |http|
http.cert = OpenSSL::X509::Certificate.new©
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
http.ssl_version = :SSLv3
http.request req
end

When this code is run is connects just fine res.code is ‘200’ and the
service is returning JSON but it indicates that the certificate was not
being presented. In the Python code I have

requests.post(‘https://…’, data=payload,
cert=(‘config/certificates/client-2048.crt’,
‘config/certificates/client-2048.key’), headers=headers)

I have the following file available client-2048.crt, client-2048.csr,
client-2048.key, client-2048.p12 and client-2048.pem and have tried
every
variation Google and StackOverflow shows me but without success.

Any pointers as to what I am doing wrong?

On Apr 29, 2014, at 4:50 AM, Peter H.
[email protected] wrote:

http.cert = OpenSSL::X509::Certificate.new(c)

Any pointers as to what I am doing wrong?

Hello Peter,

Forgive me if this doesn’t answer your question directly, but have you
considered GitHub - httprb/http: HTTP (The Gem! a.k.a. http.rb) - a fast Ruby HTTP client with a chainable API, streaming support, and timeouts ?
HTTPS · httprb/http Wiki · GitHub seems to suggest a way to
set up the SSL context the way you want.

Hope this helps,

Mike

Mike S. [email protected]
http://www.stok.ca/~mike/

The “`Stok’ disclaimers” apply.