ruby - Using a self-signed certificate -

-

I'm just trying to get my head around SSL.

I have installed on a Jetty server

Now I can not trust this certificate's error when I go.

I use

keytool -export -alias pongus -keystore keystore -file certfile.cer

certificate which I think The client needs to authenticate with the server to create (this is where I can be very wrong!)

I have the following ruby ​​code: 

  Requires 'net / https' 'openssl' is required 'open-yuri' file 'yes' if file is required. Axis? ('Certfile.cer') uri = URI.parse ("https: // localhost: 8443 /") http_session = Net :: HTTP.new (uri.host, uri.port) Http_session.use_ssl = true http_session.verify_mode = OpenSSL :: SSL :: VERIFY_PEER http_session.ca_file = 'certfile.cer' res = http_session.start do | Http | # Some request here is http.get ('/') end

this is printed 'or', hence the certificatefile.cer file exists.

But I get errors 

  / application / netbins / netbins 6.8.app/Contents/Resources/NetBeans/ruby2/jruby-1.4.0/lib/ruby/ 1.8 / net / http.rb / 86 Warning: Locations / apps / netbins / netbins 6.8.app/Contents/Resources/NetBeans/ruby2/jruby-1.4.0/lib/ruby/1.8/net/http.rb868686:INIn Connect Can not verify 'Connect': Certificate verified failed (OpenSSL :: SSL :: SSLError)

Any ideas what I am doing wrong?

Edit

I want to get it, so I guarantee that I am connecting to the right server, and the server can guarantee That I am not tampering with it. I am developing both servers and clients.

Your customer's private key.

You do not need a private key for server certificate verification. All you need is a certificate in which the public key is the only private key in the server. Well here and here is the description

My recommendation is simple Checking your certificate is correct. 

  openssl x509 -text -in mycert.crt

In addition, if you have access to the server, then you can explicitly validate The certificates and keys (used in httpd configuration) are correct (matches): Please note this is running on clear check server. Never give private keys This check can only be done by the administrator to verify whether the httpd was not configured incorrectly. 

  (openssl x509 -noout -modulus -in server.pem | openssl md5; openssl rsa -noout - Modulus -in server.key | openssl MD5) | Uniq

You can also debug SSL certificates using the standard openssl command. If you issue this command wait a few seconds then press enter and press enter. You will see the certificate that the server sends out. 

  openssl s_client -connect your.server.com:443

Also try importing your certificate Access the browser and URL resource Browser https ( Firefox and Chrome) and able to validate it. After that you will see the certificate and validity information.

All of the above were about server certificate . It is only a part of the problem " I'm connecting to the right server , and the server can guarantee that I'm connecting it to it" Only for your server code in your code Check it now If you want it in Ruby for a client certificate (the second part of your statement): 

  File.open ("client_certificate.pem", 'rb ') {| F | | Cert = f.read} file.open ("client_key.pem", 'rb') {| F | | Key = f.read} http_session.cert = OpenSSL :: X509 :: Certificate. (Certificate) http_session.key = OpenSSL :: PK :: RSA.N.N (Key, Zero)
< P> Client certificates should be used in Ruby. If your private key is encrypted with a password, then pass it in RSA constructor's second argument instead of zero.

I am working with a highly recommended server certificate (your code) and then start with the client certificate Please note that you keep your current code (CACARR, validation continuous) and above four Add rows.

Hope this will be helpful.


Comments

Post a Comment

Popular posts from this blog

php - multilevel menu with multilevel array -

-
Just ask someone to solve this problem? I want to create a multilevel menu I can not find the right solution generated with multilevel array, it always gets an array_push error My study came from the original idea But still my Can not match the need. This is my MySQL [code] ----- --------------------- --------------- | ID | PARENT_ID | Name | Link | Seq | 1 | 0 | Dashboad | Dashboard / | 1 | 2 | 0 | Menu 1 | Menu 1 / | 2 | 3 | 0 | Menu 2 | Menu 2 / | 3 | 4 | 0 | Menu 3 | Menu 3 / | 4 | 5 | 2 | Joint Add / | 1 | 6 | 3 | Joint Add / | 1 | 7 | 2 | Edit | Edit / | 2 | 8 | 4 | Joint Add / | 1 ------------------------------------------ [/ Code] I want to do something like this in my array array ('dashboard' = & gt; array ('id' = & gt; '' 'Dame' = & gt; 'Dashboard', 'Title' = & gt; 'Dashboard', 'MatchMin' = & gt; Base_URL (). 'Dashboard /', 'Active' => = & Gt; NULL), ...
Read more

c# - TypeConverter in propertygrid only converts from string, not to -

-
When the property grid is reached, only the conversion mechanism (often called) is called "Foo!" Returns the property string in the grid when I click to edit I get an exception Type.oo. Object type can not be changed to type. (Not properly translated,) What is a clue from the convert format, why not? And the error indicates that it is trying to convert to a string, not from. I think that when I want to edit this object, it will have to be converted from foo to string, and when the editing ends. Public class FooTypeConverter: StringConverter {public override object ConvertFrom (ITypeDescriptorContext Reference, CultureInfo Culture, Object Value) {New Foo (string) value); } Convert the public override object (Type the ITE DiskText Contact Reference, CultureInfo Culture, Object Value, Type Type) {Return "Foo!"; } Public override bool CanConvertFrom (ITypeDescriptorContext reference, type source type) {back true; } Public Override Bull CanConvertTo (ITypeDescrip...
Read more

jQuery UI: Datepicker month format -

-
I am trying to change the format of the month that shows in the popup (not in the date that the picker actually I do not have any choice anywhere to do this, do I like to use a sub-string () or something else? What I normally display is Trying to change: Class = "ui-datepicker-title"> January & lt; / span & gt; ... & lt; / div & gt; Div>
Read more