How do you provide all the details necessary to make an HTTPS request with an SSL client certificate?
Asked
Active
Viewed 2,361 times
5
-
This might make a good FAQ because Ruby docs and examples sux at times. I avoid Ruby altogether because as a beginner who has read the book, I can't figure out how to get basic security services to work. Unfortunately, I don't know how to mark it as a FAQ item. – jww May 08 '15 at 22:21
1 Answers
8
Okay, so I looked all over and found bits and pieces of what I needed. I want to provide this for anyone else that is struggling. All of the files were put in a PEM format. I used the client.key file to create a CSR that was given to the server administrator. In return I got a P7B file that I then needed to be convert into PEM files. The root.cer and client.cer file came from the P7b.
uri = URI.parse(my_url_stril)
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.cert = OpenSSL::X509::Certificate.new(File.read("client.cer"))
http.ca_file = 'root.cer'
http.key = OpenSSL::PKey::RSA.new(File.read("client.key"))
request = Net::HTTP::Post.new(uri.request_uri)
request.body = body
response = http.request(request)
Let me know if you need more details!
Tom Rossi
- 11,604
- 5
- 65
- 96
-
Wow, that was a fast answer... Almost as though you asked the question just so that you could answer it. :) – David Hoelzer May 08 '15 at 20:51
-
-
@jww 2 breakthroughs I needed. The parsing of the p7b (needed a PC to do it) and you asked me about the .key file. Once I got the client.cert out of the p7b and loaded the .key file, everything worked! I didn't even need to do anything with the cipher. Thank you so much!! Can you DM me somehow? – Tom Rossi May 09 '15 at 01:07
-
@TomRossi I think I stumbled on the same problem. Only question I'm still having is how did you managed to extract the client.key and root.cer form the p7b file. – Frank Jul 02 '21 at 12:08