4

I'm trying to consume a web service with a certificate, sending a XML/SOAP, via SSL with mutual authentication. I've tried savon and net/http, but I'm stopped with the same error:

SSL_CTX_use_PrivateKey: key values mismatch (HTTPI::SSLError)

net/http:

uri = URI.parse('https://homologacao.sefaz.mt.gov.br/nfews/v2/services/NfeStatusServico2?wsdl')
pem = File.read("cert/cert.pem")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.cert = OpenSSL::X509::Certificate.new(pem)
http.key = OpenSSL::PKey::RSA.new(pem)
http.verify_mode = OpenSSL::SSL::VERIFY_PEER

http.start

savon:

WSDL_URL = 'https://homologacao.sefaz.mt.gov.br/nfews/v2/services/NfeStatusServico2?wsdl'

client = Savon.client(
   wsdl: WSDL_URL,
   ssl_version: :SSLv3,
   ssl_verify_mode: :peer,
   ssl_cert_file: 'cert/cert.pem',
   ssl_cert_key_file: 'cert/private_key.pem',
 # ssl_cert_key_password: '123456789',
   env_namespace: :soap, 
   namespace_identifier: nil
)

response = client.call(:nfeStatusServicoNF2, message: "test")

Is there a solution? Thanks!

John Hascall
  • 9,176
  • 6
  • 48
  • 72
Henrique Navarro Marçulo
  • 543
  • 6
  • 21
  • Savon uses HTTPI for the http communication. HTTPI picks one of the installed clients on your system. You should switch on logging to see which client it uses OR you can force it to use net/http. If I remember correctly then net/http is not the preferred client. I personally use HTTPClient for all my http stuff. – Steffen Roller Mar 18 '15 at 20:19
  • Have you tried http.rb? – digitalextremist Apr 22 '15 at 13:20
  • 1
    Certificates are tied to FQDN. You are trying to connect to `homologacao.sefaz.mt.gov.br`; does your `cert.pem` generated to certify requests to this particular domain? – lsdr Apr 23 '15 at 15:03
  • did you find a solution with Savon calling HTTPS SOAP webservices? – Jonathan Jun 10 '19 at 17:27

0 Answers0