Question

I'm using a local server to test an application, and make requests to that server from my own machine.

The test server's SSL is bad, and HTTParty throws errors because of that. From what I read, HTTParty should ignore SSL by default, but when I try to do this:

HTTParty.get( "#{ @settings.api_server }#{ url }" ).parsed_response

It throws this error:

OpenSSL::SSL::SSLError at /
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

How do I make it ignore the SSL?

No correct solution

OTHER TIPS

In the latest HTTParty, you can use the verify option to disable SSL verification;

HTTParty.get( "#{ @settings.api_server }#{ url }", :verify => false ).parsed_response

To make HTTParty always skip SSL cert verification, and not have to specify this in every call:

require 'httparty'
HTTParty::Basement.default_options.update(verify: false)

HTTParty.get("#{@settings.api_ssl_server}#{url1}")
HTTParty.get("#{@settings.api_ssl_server}#{url2}")
HTTParty.get("#{@settings.api_ssl_server}#{url3}")
# ...

You can also do this scoped to a class when including HTTParty as a module:

require 'httparty'

class Client
  include HTTParty
  default_options.update(verify: false)
end

Client.get("#{@settings.api_ssl_server}#{url1}")
Client.get("#{@settings.api_ssl_server}#{url2}")
Client.get("#{@settings.api_ssl_server}#{url3}")

Or

require 'httparty'

module APIHelpers
  class Client
    include HTTParty
    default_options.update(verify: false)
  end
end
World(APIHelpers)

Client.get("#{@settings.api_ssl_server}#{url1}")
Client.get("#{@settings.api_ssl_server}#{url2}")
Client.get("#{@settings.api_ssl_server}#{url3}")

If you want to still send your certificates, use this flag:

verify_peer: false

This may be totally off base, as I'm new to Ruby, but this is what worked for me when other solutions wouldnt

OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE

Additional ways of doing this, if you get a 'dynamic constant assignment' (pulled from here)

OpenSSL::SSL.const_set(:VERIFY_PEER, OpenSSL::SSL::VERIFY_NONE) 
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top