Search code examples
rubysoapsslopensslsavon

connect: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)

I'm having a terrible time getting SSL to verify a certificate. I'm completely ignorant on how certificates work so that's a major handicap to begin with. Here's the error I get when running the script:

c:/Ruby191/lib/ruby/1.9.1/net/http.rb:611:in `connect': SSL_connect returned=1 e
rrno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL
::SSL::SSLError)

Here's the relevant code:

client = Savon::Client.new order_svc

request = client.create_empty_cart { |soap, http|
  http.auth.ssl.cert_file = 'mycert.crt'
  http.auth.ssl.verify_mode = :none
  http.read_timeout = 90
  http.open_timeout = 90
  http.headers = { "Content-Length" => "0", "Connection" => "Keep-Alive" }
  soap.namespaces["xmlns:open"] = "http://schemas.datacontract.org/2004/07/Namespace"
  soap.body = {
      "wsdl:brand" => brand,
      "wsdl:parnter" => [
        {"open:catalogName" => catalogName, "open:partnerId" => partnerId }
      ] }.to_soap_xml

      }

Any help is appreciated.

Solution

  • Note: I was working with test automation in lower level environments that did not have properly signed certificates and would often throw errors due to domain signatures not matching. For the problem at hand, bypassing signatures was a plausible solution but it is not a solution to be used for production level development.

    My problem is that I am trying to validate a self-signed certificate. All I had to do was put the following code and omit anything to do with validating certificates.

    I had to do this for both my SOAP and REST calls that were both experiencing the same issue.

    SOAP using Savon

    client = Savon::Client.new order_svc

request = client.create_empty_cart { |soap, http|
  http.auth.ssl.verify_mode = :none
  http.headers = { "Content-Length" => "0", "Connection" => "Keep-Alive" }
  soap.namespaces["xmlns:open"] = "http://schemas.datacontract.org/2004/07/Namespace"
  soap.body = {
      "wsdl:brand" => brand,
      "wsdl:parnter" => [
        {"open:catalogName" => catalogName, "open:partnerId" => partnerId }
      ] }.to_soap_xml

      }

    REST using HTTPClient

    client = HTTPClient.new
client.ssl_config.verify_mode=(OpenSSL::SSL::VERIFY_NONE)
resp = client.get(Methods)