0

I am trying to hit an api to fetch data but getting this error:

`connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)

This is how I am doing it:

require 'open-uri'
require 'json'

result = JSON.parse(open("https://xxx.xx.xx.:xxxx/xxx/xxx", :http_basic_authentication=>['username', 'password']).read)
puts "#{result}"

How to get rid of this?

Sparkplug
  • 485
  • 7
  • 21

1 Answers1

0

perhaps you have to force, ssl certificat validation OFF, like : 

require 'open-uri'
require 'json'
require 'openssl'

result = JSON.parse(open("your URL in HTTPS", {:ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE, :http_basic_authentication=>['username', 'password']}).read)

puts "#{result}"
Romain
  • 451
  • 4
  • 13
  • It says: ``
    ': uninitialized constant OpenSSL (NameError)` error
     – Sparkplug Mar 07 '14 at 11:46
  • require 'openssl" sorry – Romain Mar 07 '14 at 11:52
  • 1
    `VERIFY_NONE` is about the worst thing you can do here. It completely defeats the idea of SSL. Instead, you should ensure that you are actually able to properly verify the server certificate. – Holger Just Mar 07 '14 at 11:56
  • it defeat one of the idea of SSL, not cypering, you loose authentication ok, but it depend of what you want to do, il you need to explicitly use SSL verifications, you could have a look to : http://stackoverflow.com/questions/9199660/why-is-ruby-unable-to-verify-an-ssl-certificate?rq=1 – Romain Mar 07 '14 at 11:59
  • it's a way to have a 'keep it simple stupid' solution, not the 'heavy full metal jacket' one. An other time, it depend of many params, trusted network open, secutity needs and goals, etc ... – Romain Mar 07 '14 at 12:03
  • And broken is the enemy of working. Similar to deliberately insecure systems being the enemy of your user's data security. – Holger Just Mar 07 '14 at 12:40