I must connect with some server which need SSL certificates, but I am
not able to write working code, I have:
- CA certificate
- X509 certificate
- Private key
when I wrote:
require ‘net/https’
https = Net::HTTP.new(‘host’, port)
https.use_ssl = true
https.ca_file = ‘/…/ca.pem’
https.verify_mode = OpenSSL::SSL::VERIFY_PEER
https.verify_depth = 5
https.cert = OpenSSL::X509::Certificate.new
File.open(‘/…/cert/cert.crt’)
https.key = OpenSSL::PKey::RSA.new File.open(‘/…/private/key.pem’)
https.request_get(‘/…/test.txt’)
I got:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read
server hello B: serverhello tlsext
from /…/lib/ruby/1.9.1/net/http.rb:799:in connect' from /.../lib/ruby/1.9.1/net/http.rb:799:in block in connect’
from /…/lib/ruby/1.9.1/timeout.rb:54:in timeout' from /.../lib/ruby/1.9.1/timeout.rb:99:in timeout’
from /…/lib/ruby/1.9.1/net/http.rb:799:in connect' from /.../lib/ruby/1.9.1/net/http.rb:755:in do_start’
from /…/lib/ruby/1.9.1/net/http.rb:744:in start' from /.../lib/ruby/1.9.1/net/http.rb:1284:in request’
from /…/lib/ruby/1.9.1/net/http.rb:1195:in `request_get’
But I can connect to this sever by wget without any problems:
wget --certificate=/…/cert/cert.crt --private-key=/…/private/key.pem
–ca-certificate=/…/ca.pem -O /tmp/x https://host/.../test.txt
I found that tlsext in SSL error message is some info about TLS
Extension, but I don’t know what exactly what it mean and how it fix.