2

I'm trying to use a p12 file and password to open an https page using RestClient in ruby.

p12 = OpenSSL::PKCS12.new(File.read("#{RAILS_ROOT}/file.p12"), "pass")

resp = RestClient::Resource.new(url, :ssl_client_key => p12.key).get

than I get:

SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert handshake failure

(RestClient is not mandatory - anything else will do)

what am I missing?

Community
  • 1
  • 1
Uri Benaya
  • 21
  • 1
  • 2

2 Answers2

1

You must install openssl package and reinstall ruby. Not sure that important:

rmdir $rvm_path/usr/ssl/certs
ln -s /etc/ssl/certs $rvm_path/usr/ssl

Necesery:

rvm pkg install openssl
rvm <(if exist) re>install <RUBY_VERSION> --with-openssl-dir=$rvm_path/usr
Eraden
  • 2,818
  • 1
  • 19
  • 17
  • The first step took care of it for me. There was no ssl directory at all under $rvm_path so linking it in worked perfectly. I did not need to do the second part - I already had ruby built with SSL but the certs were missing from RVM itself. Thanks! – Code Friendly Apr 26 '12 at 22:21
0

You need to import your file.p12 file into your nssdb location.

mkdir /root/nssdb
pk12util -i /path-to/your/file.p12 -d /root/nssdb
certutil -L -d /root/nssdb/
export SSL_DIR = /root/nssdb

curl -X POST -H "Content-Type: text/xml" --data "#{xml}" --cert cert:password "https://yoururl.com" -v -k
chmod -R 777 /root/nssdb
chown -R user /root/nssdb

Embed this curl call in your ruby client. It will work.

Note: If you are using a different ssl version you need to add --tlsv1.0 to the curl command

Balaji Ravichandran
  • 318
  • 3
  • 12