How to get soap4r to not bother verifying SSL certificate (verify_mode none)?

rubyonrails-talk
1

Using Ruby 1.8.7, Rails 2.3.8. I don't want it to verify the cert...

This is my backtrace:

OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed):   httpclient (2.1.5.2) lib/httpclient/session.rb:247:in `connect'   httpclient (2.1.5.2) lib/httpclient/session.rb:247:in `ssl_connect'   httpclient (2.1.5.2) lib/httpclient/session.rb:639:in `connect'   httpclient (2.1.5.2) lib/httpclient/timeout.rb:128:in `timeout'   httpclient (2.1.5.2) lib/httpclient/session.rb:631:in `connect'   httpclient (2.1.5.2) lib/httpclient/session.rb:522:in `query'   httpclient (2.1.5.2) lib/httpclient/session.rb:147:in `query'   httpclient (2.1.5.2) lib/httpclient.rb:953:in `do_get_block'   httpclient (2.1.5.2) lib/httpclient.rb:765:in `do_request'   httpclient (2.1.5.2) lib/httpclient.rb:848:in `protect_keep_alive_disconnected'   httpclient (2.1.5.2) lib/httpclient.rb:764:in `do_request'   httpclient (2.1.5.2) lib/httpclient.rb:666:in `request'   httpclient (2.1.5.2) lib/httpclient.rb:596:in `post'   /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/streamHandler.rb:238:in `send_post'   /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/streamHandler.rb:172:in `send'   /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/rpc/proxy.rb:179:in `route'   /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/rpc/proxy.rb:143:in `call'   /opt/local/lib/ruby/gems/1.8/gems/soap4r-1.5.8/lib/soap/rpc/driver.rb:181:in `call'   (eval):6:in `getDataBySecure'

2

Using Ruby 1.8.7, Rails 2.3.8. I don't want it to verify the cert...

I think you can do something like driver.options["protocol.http.ssl_config"] = {'verify_mode' => foo} or maybe driver.options["protocol.http.ssl_config.verify_mode"] = foo

Fred

3

I tried that. In ~GEM_HOME/gems/soap4r-1.5.8/lib/soap/netHttpClient.rb, I changed it to:

180 if SSLEnabled 181 http.ssl_config.verify_mode = nil 182 http.use_ssl = true

And I also tried with

http.ssl_config.verify_mode = (OpenSSL::SSL::VERIFY_NONE)

None of those seem to work.

4

It works locally... Hmm. My OpenSSL versions differs on the server and locally. That's probably the culprit.

5

You tried what i suggested or you tried the monkey patch you posted below? It's worth noting that soap4r will use the httpaccess gem if it is present, falling back to net/http if it isn't - I think you may only have monkeypatched the net/http part of soap4r

Fred