Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Further improving by showing an alternate way without using a store b…

…ut passing a cert directly. This voids the ssl_with_pem.rb example.
  • Loading branch information...
commit 410ec371a9f93f4dc58f1b7720474ea607c2d626 1 parent d50c32e
@augustl augustl authored
Showing with 6 additions and 16 deletions.
  1. +6 −4 ssl_and_https.rb
  2. +0 −12 ssl_with_pem.rb
View
10 ssl_and_https.rb
@@ -8,15 +8,17 @@
# You can use a certificate to verify the server you're connecting to is the
# server you indented to connect to.
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
-store = OpenSSL::X509::Store.new
+http.cert = OpenSSL::X509::Certificate.new(File.read("/path/to/cert.pem"))
-# Use all system root certificates. Most setups have root certs for verisign,
-# entrust, thawte, etc installed.
+# You can also use a SSL store to automatically use all the certs installed on
+# your systems. Most setups have root certs for verisign, entrust, thawte, etc
+#installed.
+store = OpenSSL::X509::Store.new
store.set_default_paths
# You can also manually provide certs to the store. Download a cert for
# ssltest7 at https://www.thawte.com/roots and provide the full path to
-# that file here.
+# that file here, and remove `set_default_paths`.
store.add_file("/path/to/thawte_Primary_Root_CA.pem")
# Or add a OpenSSL Ruby object.
View
12 ssl_with_pem.rb
@@ -1,12 +0,0 @@
-require "net/https"
-require "uri"
-
-uri = URI.parse("https://secure.com/")
-pem = File.read("/path/to/my.pem")
-http = Net::HTTP.new(uri.host, uri.port)
-http.use_ssl = true
-http.cert = OpenSSL::X509::Certificate.new(pem)
-http.key = OpenSSL::PKey::RSA.new(pem)
-http.verify_mode = OpenSSL::SSL::VERIFY_PEER
-
-request = Net::HTTP::Get.new(uri.request_uri)
Please sign in to comment.
Something went wrong with that request. Please try again.