OpenSSL , SOAP4R

Hi guys,
Does someone knows how to use certificates with SOAP::WSDLDriverFactory
?
for example, to generate a driver from a url like:
https://some.com/something.wsl

Tks in advance
Ze Maria

Ze Maria wrote:

Hi guys,
Does someone knows how to use certificates with SOAP::WSDLDriverFactory
?
for example, to generate a driver from a url like:
https://some.com/something.wsl

Tks in advance
Ze Maria

If you don’t have the CA, you can do:

server.options[“protocol.http.ssl_config.verify_mode”] = nil

Or are you referring to use CERTS to authenticate?

Justin M. wrote:

Ze Maria wrote:

Hi guys,
Does someone knows how to use certificates with SOAP::WSDLDriverFactory
?
for example, to generate a driver from a url like:
https://some.com/something.wsl

Tks in advance
Ze Maria

If you don’t have the CA, you can do:

server.options[“protocol.http.ssl_config.verify_mode”] = nil

Or are you referring to use CERTS to authenticate?

if the certificate (.crt) , I don’t understanding how do you 've a
variable named “server” with an options hash…

Tks
Ze Maria

server.options[“protocol.http.ssl_config.verify_mode”] = nil

if the certificate (.crt) , I don’t understanding how do you 've a
variable named “server” with an options hash…

Hopefully this may clarify,

wsdl = ‘https://some.com/something.wsl
factory = SOAP::WSDLDriverFactory.new( wsdl )
drv = factory.create_rpc_driver
drv.options[ ‘protocol.http.ssl_config.ca_file’ ] = nil

alternatively:

drv.options[‘protocol.http.ssl_config.verify_mode’] =
openSSL::SSL::VERIFY_NONE

some other possibly useful options:

drv.options[‘protocol.http.ssl_config.verify_mode’] =
OpenSSL::SSL::VERIFY_PEER
drv.options[‘protocol.http.ssl_config.ca_file’] = ‘api_cert_chain.crt’
drv.options[‘protocol.http.ssl_config.client_cert’] = ‘client.cert’
drv.options[‘protocol.http.ssl_config.client_key’] = ‘client.keys’

On Feb 23, 7:04 am, “Mike Wernsing” [email protected] wrote:

alternatively:

drv.options[‘protocol.http.ssl_config.verify_mode’] = openSSL::SSL::VERIFY_NONE

some other possibly useful options:

drv.options[‘protocol.http.ssl_config.verify_mode’] = OpenSSL::SSL::VERIFY_PEER
drv.options[‘protocol.http.ssl_config.ca_file’] = ‘api_cert_chain.crt’
drv.options[‘protocol.http.ssl_config.client_cert’] = ‘client.cert’
drv.options[‘protocol.http.ssl_config.client_key’] = ‘client.keys’

This is good stuff! What would be a good link to have found this for
myself? Thanks!

Mike B.

This is good stuff! What would be a good link to have found this for
myself? Thanks!

Might try these:

http://calagenda.berkeley.edu/calendar-ws/sample-code.html

The following describes using wsdl2ruby:
http://www.pranavbihari.com/articles/2005/12/02/testing-paypal-web-services-with-ruby-soap4r

Mike Wernsing wrote:

server.options[“protocol.http.ssl_config.verify_mode”] = nil

if the certificate (.crt) , I don’t understanding how do you 've a
variable named “server” with an options hash…

Hopefully this may clarify,

wsdl = ‘https://some.com/something.wsl
factory = SOAP::WSDLDriverFactory.new( wsdl )
drv = factory.create_rpc_driver
drv.options[ ‘protocol.http.ssl_config.ca_file’ ] = nil

alternatively:

drv.options[‘protocol.http.ssl_config.verify_mode’] =
openSSL::SSL::VERIFY_NONE

some other possibly useful options:

drv.options[‘protocol.http.ssl_config.verify_mode’] =
OpenSSL::SSL::VERIFY_PEER
drv.options[‘protocol.http.ssl_config.ca_file’] = ‘api_cert_chain.crt’
drv.options[‘protocol.http.ssl_config.client_cert’] = ‘client.cert’
drv.options[‘protocol.http.ssl_config.client_key’] = ‘client.keys’

Should be noted that the above actually does not checks the actual
server (peer) certificate. It only validates that the peer certificate
is signed by / issued by the ‘api_cert_chain.crt’.

To actually validate the server cert use :
drv.options[‘protocol.http.ssl_config.verify_callback’] =
method(:validate_certificate)

where method validate_certificate looks like:

def validate_certificate(is_ok, ctx)
cert = ctx.current_cert

Only check the server certificate, not the issuer

unless (cert.subject.to_s == cert.issuer.to_s)
is_ok &&= File.open(‘server_cert.pem’).read ==
ctx.current_cert.to_pem
end
is_ok
end

emil

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs