hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sebb <seb...@gmail.com>
Subject Re: Failure to read SSL certs with Red Hat RHEL 4 versions of openssl
Date Tue, 29 Mar 2011 01:24:43 GMT
On 29 March 2011 00:39, Mike Papper <bodarotech@gmail.com> wrote:
> Hi, Im looking for help using HttpClient with Ruby on Rails. Heres our environment:
>
> Red Hat Enterprise Linux ES release 4 (Nahant Update 4)
> openssl version: OpenSSL 0.9.8e 23 Feb 2007 or OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
or OpenSSL 0.9.7a Feb 19 2003
> ruby: 1.8.6 or 1.8.7
> httpclient ruby gem: httpclient 2.1.5.2
>
> If this is the incorrect forum for openssl/httpclient I would appreciate direction to
the proper forum, thanks.

This is the correct forum for Apache HttpComponents HttpClient 4.x and
the older Apache Commons HttpClient 3.x , but is not the correct forum
for any other HttpClient implementations, of which there are many.

It looks like you are using a Ruby version of HttpClient.

I suggest you check the Ruby documentation and/or website or try a
search engine using a term from the stack trace, e.g.

httpclient-2.1.5.2/lib/httpclient/session.rb


> I try to contact a SSL-based Http server. Im using ruby with soap and httpclient. I see
this error:
>
> loading wsdl: https://test.secure.bhg.com/ws/profile/authenticate?WSDL
> cacerts loading failed
> at depth 2 - 20: unable to get local issuer certificate
> cacerts loading failed
> at depth 2 - 20: unable to get local issuer certificate
> cacerts loading failed
> at depth 2 - 20: unable to get local issuer certificate
> cacerts loading failed
> at depth 2 - 20: unable to get local issuer certificate
> cacerts loading failed
>
> Wire dump:
>
> = Request
>
> ! CONNECT TO test.secure.XYZ.com:443
> ! CONNECTION ESTABLISHED
> at depth 2 - 20: unable to get local issuer certificate
> ! CONNECTION CLOSED
> OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate
B: certificate verify failed
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:247:in
`connect'
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:247:in
`ssl_connect'
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:639:in
`connect'
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient/timeout.rb:128:in
`timeout'
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:631:in
`connect'
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:522:in
`query'
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:147:in
`query'
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:953:in
`do_get_block'
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:765:in
`do_request'
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:848:in
`protect_keep_alive_disconnected'
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:764:in
`do_request'
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:666:in
`request'
>        from /usr/local/lib/ruby/gems/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:596:in
`post'
>        from /usr/local/lib/ruby/1.8/soap/streamHandler.rb:170:in `send_post'
>        from /usr/local/lib/ruby/1.8/soap/streamHandler.rb:109:in `send'
>        from /usr/local/lib/ruby/1.8/soap/rpc/proxy.rb:170:in `route'
>        from /usr/local/lib/ruby/1.8/soap/rpc/proxy.rb:141:in `call'
>        from /usr/local/lib/ruby/1.8/soap/rpc/driver.rb:178:in `call'
>        from /usr/local/lib/ruby/1.8/soap/rpc/driver.rb:232:in `authenticate'
>        from /u/apps/divine_caroline/releases/20110325223326/lib/registration_service.rb:215:in
`authenticate'
>
> ===================
>
> Some Notes:
> I have been able to successfully run this code from CentOS 5.4 built server using the
0.9.8e openssl libraries. So, it seems there are other differences between centOS 5.4 and
RHEL4 (other than openssl) that cause it not to work.
>
> Any insight would be appreciated.
>
> Mike
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
> For additional commands, e-mail: httpclient-users-help@hc.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-unsubscribe@hc.apache.org
For additional commands, e-mail: httpclient-users-help@hc.apache.org


Mime
View raw message