0

I am making an HTTP request like so in ruby:

url = URI.parse('https://example.com')
req = Net::HTTP::Get.new(url.to_s)
res = Net::HTTP.start(url.host, url.port, :use_ssl => true) {|https|
  http.request(req)
}

The problem with this is that it tells me SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed.

I have found instructions involving pointing to .pem files. I am assuming that these files are some sort of certificate used in the authentication of HTTP requests, but I am not sure where to get one or how to use one.

I also wonder why HTTPS requests require the requester to have a certificate anyways, since they are the ones who want to verify the server's authenticity. Should there not be one central certificate on my computer for this purpose already, since my web browsers are (obviously) capable of making HTTPS requests?

My main problem is essentially how to fix this, but it would be nice to know why i need it in the first place.

Ethan McTague
  • 2,236
  • 3
  • 21
  • 53
  • This blog post answers every part of your question in depth: http://mislav.net/2013/07/ruby-openssl/ Do read the whole thing, though. – Jordan Running Dec 11 '15 at 21:05
  • @Jordan Looks like your link will help me. Turns out ruby had the openssl certs under `C:/Users/Luiz/...` for some reason, a user that doesn't exist and never did. – Ethan McTague Dec 11 '15 at 21:14
  • I am, however, wondering where on my machine I can point ruby to find the certs (win & linux) or where I can download a .pem that will work for github api ssl requests. – Ethan McTague Dec 11 '15 at 21:15
  • I think http://curl.haxx.se/ca/cacert.pem has what I need, now. I'll see. – Ethan McTague Dec 11 '15 at 21:23

0 Answers0