I would like to ask how to properly use Soup in gnome-shell extension with a certificate on the client site.
The snippet of my code looks like this:
const Soup = imports.gi.Soup;
const GObject = imports.gi.GObject;
const Gio = imports.gi.Gio;
const TlsDatabase = GObject.registerClass({
Implements: [Gio.TlsFileDatabase],
Properties: {
'anchors': GObject.ParamSpec.override('anchors', Gio.TlsFileDatabase),
},
}, class TlsDatabase extends Gio.TlsDatabase {});
let session = Soup.Session.new();
session.ssl_strict = true;
session.tls_database = new TlsDatabase({anchors: "path.pem"});;
- After the request, I always get Gio.TlsCertificateFlags.GENERIC_ERROR in the answer.
- Without setting session.tls_database, the error code is 3 and I did not find what does means. So something is happening and I suspect the TlsDatabase is not OK.
- Using
session.ssl_strict = false, it works and I got my answer, but I would like to have a secure connection. - Certificate and server site are OK, I have verified it with curl
curl --ssl --cacert path.pem .... It works.
Edited:
- This error is shown:
g_tls_database_verify_chain: assertion 'G_TLS_DATABASE_GET_CLASS (self)->verify_chain' failed
Thank you for any help.
