httparty icon indicating copy to clipboard operation
httparty copied to clipboard

Published 20 hours ago verified publisher icon jnunemaker

Question: How to verify server certificate?

Open pramodtech opened this issue 6 years ago • 1 comments

I am newbie on SSL concept, I am trying to connect to API which have x509 mutual auth. I got client cert, client key and server cert. All are pem files. I got it working with client cert and key and with verify: false. Now next step is how to verify server cert also?

include HTTParty
 DEFAULT_HEADERS = {
   'Content-Type' => 'application/json'
 }.freeze
 base_uri ENV.fetch('SERVICE')
 pem "#{Base64.decode64(ENV.fetch('CLIENT_CERT'))}#{Base64.decode64(ENV.fetch('CLIENT_KEY'))}\n"

 def self.iframe_url(**payload)
   post(
     '/test/create',
     body: payload.to_json,
     headers: DEFAULT_HEADERS,
     verify: false
   )
 end

pramodtech avatar May 24 '18 12:05 pramodtech

pem "#{Base64.decode64(ENV.fetch('CLIENT_CERT'))}#{Base64.decode64(ENV.fetch('CLIENT_KEY'))}\n" seems not to be correct. Contents should be in Base 64 format I think.

verify: false does not verify certificates, so it shouldn't be false.

Check the following web page, specifically the example "SSL/HTTPS request with PEM certificate". I suggest to first implement it in Net::HTTP to test everything is correct and then move it to HTTParty:

http://www.rubyinside.com/nethttp-cheat-sheet-2940.html

Give more details about the errors you get, otherwise is difficult to know what's the problem.

pjmartorell avatar Mar 30 '19 10:03 pjmartorell