2

I tried to put verify_ssl=>false to the request, but it doesn't work.

Below is my code:

def login_request (username, password)
  request_body_map = {:userName => username, :password => password}
  request_header = {:content_type => 'application/json', :accept => 'application/json'} 
  begin
    res = RestClient.post endpoint, request_body_map.to_json, {:header => request_header, :verify_ssl => false} 
    response_data = JSON.parse(res.body) 
  rescue Exception => e raise e
  end
end
Nguyen Thu
  • 21
  • 1
  • 6
  • maybe duplicate question, please refer to: http://stackoverflow.com/questions/38255071/restclient-get-returning-certificate-verify-failed – dannyxu Sep 22 '16 at 02:20

3 Answers3

3

please use RestClient::Request.execute(method: :get, url: url, headers: headers, verify_ssl: false)

verify_ssl is not accepted in RestCient.method

Jin.X
  • 120
  • 7
  • @DannyG author of the question wanted to use `verify_ssl`, and this is the syntax to use, if the insecure is about turning off the ssl verification, otherwise, I would like to know how is it insecure? – Jin.X Dec 06 '17 at 12:52
  • If you are not verifying the SSL very, it’s possible it’s a fraud. – Danny G Jul 22 '18 at 15:09
  • @DannyG originally question is having a wrong syntax...weather or not enabling ssl, my answer is the right syntax – Jin.X Jul 24 '18 at 11:34
  • Not debating that, just calling out the security risk. – Danny G Jul 25 '18 at 05:37
0

Try this:

def login_request (username, password)
  request = {'userName': username, 'password': password}.to_json
  url = "#{$url_host}#{$login_api}"
  begin
    res = RestClient.post(
        url,
        request,
        :content_type => :json, :accept => :json,
        :verify_ssl => false)
    response_data = JSON.parse(res.body) 
    $user_token = response_data['token'] 
    $userId = response_data['user']['userId'] 
    p response_data['user']['email'] 
  rescue Exception => e
  end
end

You can put the authentication details with :varify_ssl.

Mahesh Pawar
  • 153
  • 1
  • 14
0

We're facing the same exact error (B: certificate verify failed) and it's driving me nuts. This started showing up for our developers around the 10th of Oct, 2015.

In authorize.net developer forums there are many threads with the same issue, two of which are recent (first thread) (second thread) and both went dead with no resolution, these two threads started around the same time we started facing this issue, so my guess is that it has to do with authorize.net bad/new certificate with missing certificate chain.

This exact issue appeared before around 2012 and 2014 (check their developer forum), Authorize.net admitted it was a bad change they made to their certificates and then later fixed the issue, but this time it appears to be an ongoing since mid October.

PS: I tried installing every root/chain certificate on our server but this issue persists.

Blanq
  • 1
  • 2
  • 1
    The issue is gone when I change the way to call the request, like this: res = RestClient::Request.execute(:url => endpoint, :method => :post, :headers => request_header, :payload => request_body_map.to_json, :verify_ssl => false) response_data = JSON.parse(res.body) Hope this help! ^^ – Nguyen Thu Jan 15 '16 at 03:49
  • Thanks @NguyenThu, for me it turned out the developers were using faulty authorize.net configurations. – Blanq Jan 23 '16 at 02:37
  • I was able to resolve this as a result of swapping out the certificate chain on the server. – Danny G Dec 07 '17 at 21:26