3

How can I specify for net/http to not verify the SSL certificate, when loading through Handsoap and jiraSOAP.. see code below:

require 'jiraSOAP'

Handsoap.http_driver = :net_http

api = JIRA::JIRAService.new jira_url
api.login(jira_user,jira_pwd)

I know I need this somewhere: OpenSSL::SSL::VERIFY_NONE

Error below:

OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
    from /usr/local/lib/ruby/1.9.1/net/http.rb:678:in `connect'
    from /usr/local/lib/ruby/1.9.1/net/http.rb:678:in `block in connect'
    from /usr/local/lib/ruby/1.9.1/timeout.rb:58:in `timeout'
    from /usr/local/lib/ruby/1.9.1/timeout.rb:89:in `timeout'
    from /usr/local/lib/ruby/1.9.1/net/http.rb:678:in `connect'
    from /usr/local/lib/ruby/1.9.1/net/http.rb:637:in `do_start'
    from /usr/local/lib/ruby/1.9.1/net/http.rb:626:in `start'
    from /usr/local/lib/ruby/gems/1.9.1/gems/handsoap-1.1.8/lib/handsoap/http/drivers/net_http_driver.rb:53:in `send_http_request'
    from /usr/local/lib/ruby/gems/1.9.1/gems/handsoap-1.1.8/lib/handsoap/service.rb:249:in `invoke'
    from /usr/local/lib/ruby/gems/1.9.1/gems/jiraSOAP-0.10.3/lib/jiraSOAP/api.rb:55:in `build'
    from /usr/local/lib/ruby/gems/1.9.1/gems/jiraSOAP-0.10.3/lib/jiraSOAP/api.rb:69:in `soap_call'
    from /usr/local/lib/ruby/gems/1.9.1/gems/jiraSOAP-0.10.3/lib/jiraSOAP/api.rb:18:in `login'
nictrix
  • 1,483
  • 1
  • 17
  • 34
  • I did a hack on /usr/local/lib/ruby/gems/1.9.1/gems/handsoap-1.1.8/lib/handsoap/http/drivers/net_http_driver.rb:39 and added: http_client.verify_mode = OpenSSL::SSL::VERIFY_NONE, but that's not proper. – nictrix Dec 07 '11 at 16:43
  • Hey nick - were you able to successfully solve this? I have the same problem. My 1.9.1 can't verify JIRA's cert. Not a lot of people know this issue. – Majoris May 24 '12 at 06:27

1 Answers1

1

I had the same issue, using HandSoap 1.1.8. Noticed that NetHttpDriver references Net::Http without the root scope, so I was able to override it somewhat succinctly.

class SoapService < ::Handsoap::Service

  def http_driver_instance
    Handsoap::Http.drivers[:net_http].new
  end

  # This is rather ugly. Handsoap provides no hooks in its drivers to allow certs to be ignored.
  # Luckily, it calls Net::Http without the root scope, so we can shoehorn it.
  require 'handsoap/http/drivers/net_http_driver'
  require 'net/http'
  module Handsoap::Http::Drivers
    class NetHttpDriver
      module Net
        class HTTP < ::Net::HTTP
          def initialize(address, port = nil)
            super
            self.verify_mode = OpenSSL::SSL::VERIFY_NONE
          end
        end
      end
    end
  end

end
aceofspades
  • 7,568
  • 1
  • 35
  • 48