You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
IMHO this should not be the case, using :pem or pfx, this options should honor the previously set :verify_mode value.
I have a use case where using :pem certificates and :verify set to false (in my case, I'm testing my code against a web service which requieres pem certificates for authentication, but the server doesn't have a signed certificate in it's testing environment).
In other words, here's the code I was using, and expected it to work:
classMyClassincludeHTTPartydefault_params(verify: false,pem: a_certificate_and_key)# ...post(url, ...)# when posting, verify_mode is set to OpenSSL::SSL::VERIFY_PEERend
but instead I need to use this declaration for it to work OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE, which is pretty ugly.
I'll submit a pull request if you agree on this behavior.
Thanks,
The text was updated successfully, but these errors were encountered:
Honestly, I didn't add most of the ssl/certificate related code and I'm not sure what makes sense. A pull would definitely help to start the discussion and provide concrete examples of how/if it will break backwards compat.
Hi
attach_ssl_certificates
overrides the:verify
option value in this line https://github.com/jnunemaker/httparty/blob/master/lib/httparty/connection_adapter.rb#L147IMHO this should not be the case, using
:pem
orpfx
, this options should honor the previously set:verify_mode
value.I have a use case where using
:pem
certificates and:verify
set tofalse
(in my case, I'm testing my code against a web service which requieres pem certificates for authentication, but the server doesn't have a signed certificate in it's testing environment).In other words, here's the code I was using, and expected it to work:
but instead I need to use this declaration for it to work
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
, which is pretty ugly.I'll submit a pull request if you agree on this behavior.
Thanks,
The text was updated successfully, but these errors were encountered: