58

I'm using a local server to test an application, and make requests to that server from my own machine.

The test server's SSL is bad, and HTTParty throws errors because of that. From what I read, HTTParty should ignore SSL by default, but when I try to do this:

HTTParty.get( "#{ @settings.api_server }#{ url }" ).parsed_response

It throws this error:

OpenSSL::SSL::SSLError at /
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

How do I make it ignore the SSL?

the Tin Man
  • 158,662
  • 42
  • 215
  • 303
Jasper Kennis
  • 3,225
  • 6
  • 41
  • 74
  • 2
    change the api URI to `http` instead of `https` or remove port 443 if that's specified? – Mike Campbell Jan 06 '14 at 17:23
  • See here - https://github.com/jnunemaker/httparty/issues/93 – maerics Jan 06 '14 at 18:30
  • Duh, using http instead was fine, tnx Mike! I had seen that issue your referring to, maerics, if I understand that little talk correctly I shouldn't have gotten these errors in the first place, that's why I posted this question actually, I was clueless. – Jasper Kennis Jan 08 '14 at 09:54
  • If you have installed Ruby with RVM as a binary and OpenSSL with Homebrew, then there's a mismatch between these two. See this issue: http://stackoverflow.com/questions/30901864/troubleshooting-ssl-certificates-ruby-mac-os-x-yosemite/33035529#33035529 – Petrus Repo Oct 09 '15 at 10:16

4 Answers4

71

In the latest HTTParty, you can use the verify option to disable SSL verification;

HTTParty.get( "#{ @settings.api_server }#{ url }", :verify => false ).parsed_response
sixones
  • 1,953
  • 4
  • 21
  • 25
36

To make HTTParty always skip SSL cert verification, and not have to specify this in every call:

require 'httparty'
HTTParty::Basement.default_options.update(verify: false)

HTTParty.get("#{@settings.api_ssl_server}#{url1}")
HTTParty.get("#{@settings.api_ssl_server}#{url2}")
HTTParty.get("#{@settings.api_ssl_server}#{url3}")
# ...

You can also do this scoped to a class when including HTTParty as a module:

require 'httparty'

class Client
  include HTTParty
  default_options.update(verify: false)
end

Client.get("#{@settings.api_ssl_server}#{url1}")
Client.get("#{@settings.api_ssl_server}#{url2}")
Client.get("#{@settings.api_ssl_server}#{url3}")

Or

require 'httparty'

module APIHelpers
  class Client
    include HTTParty
    default_options.update(verify: false)
  end
end
World(APIHelpers)

Client.get("#{@settings.api_ssl_server}#{url1}")
Client.get("#{@settings.api_ssl_server}#{url2}")
Client.get("#{@settings.api_ssl_server}#{url3}")
djangofan
  • 28,471
  • 61
  • 196
  • 289
renier
  • 768
  • 6
  • 9
6

If you want to still send your certificates, use this flag:

verify_peer: false
Danielle
  • 860
  • 10
  • 13
  • 1
    This is the best answer IMO. I don't understand why anyone would want to completely turn off SSL, especially in a production environment. – mgabz Nov 21 '17 at 17:13
1

This may be totally off base, as I'm new to Ruby, but this is what worked for me when other solutions wouldnt

OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE

Additional ways of doing this, if you get a 'dynamic constant assignment' (pulled from here)

OpenSSL::SSL.const_set(:VERIFY_PEER, OpenSSL::SSL::VERIFY_NONE)
Brad Parks
  • 66,836
  • 64
  • 257
  • 336