HOW TO USE SSL IN SAVON
1,235 views
Skip to first unread message
Loganathan Sellapa
Jan 8, 2013, 3:35:30 AM1/8/13
to bangal...@googlegroups.com
HI All,
I want to consume the SOAP apis using SSL in the SAVON gem, but I am facing the below error while trying to access the soap services.
I want to consume the SOAP apis using SSL in the SAVON gem, but I am facing the below error while trying to access the soap services.
client = Savon.client(wsdl: "https://xxx?WSDL")
client.operations
HTTPI GET request to xxxxx (curb)
HTTPI::SSLError: Curl::Err::SSLPeerCertificateErro
In the Savon site I found that options to pass the SSL certificate file, but I didin't understand it, since why do we need to have the ssl certificate to
consume the API? Also let me know the way to consume the SOAP service with SSL.
regards,
Hemant Kumar
Jan 9, 2013, 2:21:59 AM1/9/13
to bangal...@googlegroups.com
Hi,
On 08-Jan-2013, at 2:05 PM, Loganathan Sellapa <logana...@gmail.com> wrote:
HI All,
I want to consume the SOAP apis using SSL in the SAVON gem, but I am facing the below error while trying to access the soap services.
client = Savon.client(wsdl: "https://xxx?WSDL")client.operations
HTTPI GET request to xxxxx (curb)HTTPI::SSLError: Curl::Err::SSLPeerCertificateErroIn the Savon site I found that options to pass the SSL certificate file, but I didin't understand it, since why do we need to have the ssl certificate toconsume the API? Also let me know the way to consume the SOAP service with SSL.
You may need SSL certificate to consume a SOAP service for following reasons,
The http end point you are connecting to, uses a certificate which uses a root certificate that is not stored in your certificate store. To put it another way, using OpenSSL anyone can generate a self signed certificate, but a self signed certificate is not recognized by browsers or http clients, because root certificate of self signed certificate is unknown. Thats the reason you give money to verisign etc to get a SSL certificate because their root certificate is known to everyone. In this particular case though you can disable certificate verification, by using Savon.client(ssl_verify_mode: :none) and should work.
Loganathan Sellapa
Jan 9, 2013, 2:24:42 AM1/9/13
to bangal...@googlegroups.com
Nope It doesn't work event after I disable the SSl verification via SAVON. I want to know onething that do I need to get the SSL certificate and key from the api provider?
Hemant Kumar
Jan 9, 2013, 3:06:24 AM1/9/13
to bangal...@googlegroups.com
can you post the complete exception? Your original message had SSL exception truncated at the end. Some web services use SSL public/private key combination for authentication as well, in which case you may have to request key from API provider.
--
Loganathan Sellapa
Jan 9, 2013, 3:23:13 AM1/9/13
to bangal...@googlegroups.com
HTTPI executes HTTP GET using the curb adapter
Curl::Err::SSLPeerCertificateError: Curl::Err::SSLPeerCertificateError
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/curb-0.7.18/lib/curl/easy.rb:43:in `perform'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/httpi-1.1.1/lib/httpi/adapter/curb.rb:23:in `http_get'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/httpi-1.1.1/lib/httpi/adapter/curb.rb:23:in `block in get'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/httpi-1.1.1/lib/httpi/adapter/curb.rb:54:in `do_request'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/httpi-1.1.1/lib/httpi/adapter/curb.rb:23:in `get'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/httpi-1.1.1/lib/httpi.rb:86:in `block in get'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/httpi-1.1.1/lib/httpi.rb:193:in `with_adapter'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/httpi-1.1.1/lib/httpi.rb:84:in `get'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/wasabi-2.5.1/lib/wasabi/resolver.rb:30:in `from_remote'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/wasabi-2.5.1/lib/wasabi/resolver.rb:21:in `xml'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/wasabi-2.5.1/lib/wasabi/document.rb:113:in `xml'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/wasabi-2.5.1/lib/wasabi/document.rb:131:in `parse'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/wasabi-2.5.1/lib/wasabi/document.rb:118:in `parser'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/wasabi-2.5.1/lib/wasabi/document.rb:34:in `endpoint'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/savon-1.2.0/lib/savon/soap/request_builder.rb:170:in `configure_dependencies'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/savon-1.2.0/lib/savon/soap/request_builder.rb:51:in `request'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/savon-1.2.0/lib/savon/client.rb:86:in `request'
from (irb):2
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/railties-3.0.5/lib/rails/commands/console.rb:44:in `start'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/railties-3.0.5/lib/rails/commands/console.rb:8:in `start'
from /home/ubuntu/.rvm/gems/ruby-1.9.3-p194/gems/railties-3.0.5/lib/rails/commands.rb:23:in `<top (required)>'
from script/rails:6:in `require'
--
Hemant Kumar
Jan 9, 2013, 3:52:17 AM1/9/13
to bangal...@googlegroups.com
Hello,
You are definitely seeing this error because of a SSL cert. which is not recognised. For more information read this:
If the web service you are trying to use - uses a self signed certificate you will have to ask them to provide CA certificate bundle. If they are using a SSL certificate signed by known provider and still getting that error, that means you are perhaps older version of curl or the one, that is not picking root certificate from system wide certificate store.
One quick way to verify, if they are using a known root certificate is to, try to open the web service url in browser (with https). Sorry, that I can't help beyond this.
--
Loganathan Sellapa
Jan 9, 2013, 3:55:25 AM1/9/13
to bangal...@googlegroups.com
ok, Thanks Hemant.
Reply all
Reply to author
Forward
0 new messages