Forum: Ruby on Rails ssl certificates

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Ab457a1472a803502ebbabb9a811d2d9?d=identicon&s=25 Giedrius (Guest)
on 2006-02-08 12:39
Hi,
could someone help me with ssl certificates?

i have mycert.pfx file (client certificate) and CA certificate ca.cer.
i far as i know, ruby doesn't understand pfx format, so i've converted
it to pem format.
in viewer pem looks like:

Bag attributes
blabla

Key Attributes
blabla

---begin rsa private key---
blabla
---end rsa private key-----

--begin certificate--------
blabla
--end certificate----------

in some example a saw, that there should be three files, looks like pfx
file should be splited to two separate files?

how to prepare those two files(mycert.pfx and ca.cer) for using with
HttpClient in ruby? How to use them with HttpClient?

Giedrius
Ab457a1472a803502ebbabb9a811d2d9?d=identicon&s=25 Giedrius (Guest)
on 2006-02-08 14:37
I was making this:

converted ca.cer file
openssl x509 -in ca.cer -inform DER -out ca.pem -outform PEM

converted mycert.pfx to mycert.pem and splited this to two files in
my_key.pem placed rsa key part and in my_cert.pem placed certificate
part.

wrote code:

require 'http-access2'
url = ARGV.shift || 'https://zzz.com'
uri = URI.parse(url)
ca_file = "ca.pem"
cl_cert = "my_cert.pem"
cl_key  = "my_key.pem"
proxy = ENV['HTTP_PROXY'] || ENV['http_proxy'] || nil
h = HTTPClient.new(proxy)
h.ssl_config.set_client_cert_file(cl_cert, cl_key)
h.ssl_config.set_trust_ca(ca_file)
print h.get_content(url)

and received error:

at depth 0 - 20: unable to get local issuer certificate

what i did wrong or what i forgot to do?
Ab457a1472a803502ebbabb9a811d2d9?d=identicon&s=25 Giedrius (Guest)
on 2006-02-09 12:44
I can't understand, is my question stupid enough or there's no people,
who tryed to work with ruby over ssl?
I've posting like fourth question regarding SSL on various aspects and
didn't received any response from anyone.
Cf7e5e4b5ca573eec214191fac420a2f?d=identicon&s=25 Dave Silvester (Guest)
on 2006-02-09 15:15
(Received via mailing list)
On Thursday 09 Feb 2006 11:44, Giedrius wrote:
> I can't understand, is my question stupid enough or there's no people,
> who tryed to work with ruby over ssl?
> I've posting like fourth question regarding SSL on various aspects and
> didn't received any response from anyone.

Hi Giedrius,

Don't be disheartened, this list is very busy and hard to keep track of.
I
haven't used it through the forum, but certainly on the mailing list, I
only
dip in now and then, because there's no way I have time to read
everything.
I imagine it's the same for a lot of others.

Anyway, I don't know if this helps you, but I'm developing an SSL Rails
app,
and used the following tutorial to set it up with Lighttpd:

http://wiki.archlinux.org/index.php/Lighttpd_For_B...

I don't bother running two Lighttpd daemons though (one for SSL and one
for
non-SSL) - seemed like too much trouble to get that to launch when I run
script/server, so I simply didn't worry about it - my entire app runs
over
SSL.

So, I don't know if that really answers your question, but that's how I
did
it, though it took me a while to figure it out before I found that
tutorial.
(Back then, the default script/server was WEBrick anyway, so initially I
was
trying to get that working with SSL and gave up completely.)

Is that any help?  (Maybe not, I haven't used HttpClient myself.)

Cheers,

~Dave

--

Dave Silvester
Rent-A-Monkey Website Development
http://www.rentamonkey.com/

PGP Key: http://www.rentamonkey.com/pgpkey.asc
93b16b2e478ef65a27fe1b930b0f7689?d=identicon&s=25 Francisoud Francisoud (francisoud)
on 2007-08-21 18:46
Giedrius wrote:
> I can't understand, is my question stupid enough or there's no people,
> who tryed to work with ruby over ssl?
> I've posting like fourth question regarding SSL on various aspects and
> didn't received any response from anyone.

It's not a stupid question at all, in fact I stumble on the same
problems.

Your previous "partial" answers helped me.

I created this reminder for me of how I finally did it... I hope this
will help others :)

- Https, Ssl and Ruby
http://benjamin.francisoud.googlepages.com/howtodo...

- You can leave comment on my blog:
http://rubyscube.blogspot.com/2007/08/how-to-use-h...
This topic is locked and can not be replied to.