You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Argh! OK, this just makes is worse. Rather than banishing the typical error "warning: peer certificate won't be verified in this SSL session", this causes "hostname was not match with the server certificate" when an S3 bucket name is DNS-compatible because there is a lookup to 'bucket.s3.amazonaws.com' so THAT is what the certificate has to match. Unfortunately, there doesn't seem to be any way to set the HTTP connection's verify_mode to be OpenSSL::SSL::VERIFY_NONE. In particular, the connection will be closed and re-established for low-level errors so the setting would have to be specified in a way that it could be reapplied to every new connection. A simple solution would be to set @http.verify_mode=OpenSSL::SSL::VERIFY_NONE when there is no ca_file given.
The text was updated successfully, but these errors were encountered:
My fork (rab/right_http_connection@fb47d2b) is effectively the same as the "minor fix for Ruby 1.9" mattmatt/right_http_connection@3b68e318b078dbbb38e498c35c70d46388c8e116
You want to remove the warning, so you set the CA file:
Argh! OK, this just makes is worse. Rather than banishing the typical error "warning: peer certificate won't be verified in this SSL session", this causes "hostname was not match with the server certificate" when an S3 bucket name is DNS-compatible because there is a lookup to 'bucket.s3.amazonaws.com' so THAT is what the certificate has to match. Unfortunately, there doesn't seem to be any way to set the HTTP connection's verify_mode to be OpenSSL::SSL::VERIFY_NONE. In particular, the connection will be closed and re-established for low-level errors so the setting would have to be specified in a way that it could be reapplied to every new connection. A simple solution would be to set @http.verify_mode=OpenSSL::SSL::VERIFY_NONE when there is no ca_file given.
The text was updated successfully, but these errors were encountered: