获取"错误读取X.509密钥或证书文件"通过使用curb,而curl使用相同的证书没有错误

时间:2014-07-30 06:47:54

标签: ruby-on-rails ruby curl ssl curb

在Ubuntu trusty-64上用rvm和ruby 2.0.0-p353使用curb 0.8.5我尝试发帖请求。

当我在命令行中使用curl执行它时,它会发出请求并返回ok,但是当我在ruby中执行相同的请求时,它会因 error reading X.509 key or certificate file 消息而失败。在这两种情况下,我都使用相同的证书。

vagrant@cabinet:~/app$ curl -k --cert certs/ds_admin.pem --cert-type PEM https://pim.somewhere.ru:5543/authentication/user/login/? --data "{\"login\":\"+71111111150\",\"password\":\"qwerty123\"}" -v

* Hostname was NOT found in DNS cache 151.209.250.186
*   Trying 151.209.250.186...
* Connected to pim.somewhere.ru (151.209.250.186) port 5543 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES128-SHA
* Server certificate:
*        subject: C=RU; O=BE; OU=test env; CN=*.somewhere.ru
*        start date: 2013-02-27 15:09:21 GMT
*        expire date: 2015-11-24 15:09:21 GMT
*        issuer: C=RU; O=BE; OU=test env; CN=*.somewhere.ru
*        SSL certificate verify result: self signed certificate (18), continuing anyway.
> POST /authentication/user/login/? HTTP/1.1
> User-Agent: curl/7.35.0
> Host: pim.somewhere.ru:5543
> Accept: */*
> Content-Length: 47
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 47 out of 47 bytes
* SSLv3, TLS handshake, Hello request (0):
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Request CERT (13):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS handshake, CERT verify (15):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
< HTTP/1.1 200 OK
< Content-Length: 325
< Content-Type: application/json; charset=utf-8
* Server Microsoft-HTTPAPI/2.0 is not blacklisted
< Server: Microsoft-HTTPAPI/2.0
< Date: Wed, 30 Jul 2014 06:15:58 GMT
< 
* Connection #0 to host pim.somewhere.ru left intact
{"Token":"re7hCmYB4hCjJRphLS4dK58nNAkIvHZYVbY9ie94vICPbJadauLclDjPKFLz9lGCz6jjex3GFTL7NmxBofOP70bx6Abin+UrXZj\/N5PEFi3jYR9LIaIxgz5AXYoLxr1kismBZgjvQYCIndhr8lwNpw==|2014-07-30T08:15:58","User":{"FirstName":"First","LastName":"Last","Login":"+71111111150","UserId":"UAS100004","UserNativeId":"1-156LVK","UserSysName":"siebel"}}

在Rails控制台中使用curb

From: /home/vagrant/app/app/models/uas/query.rb @ line 49 Uas::Query.client:

    44: def self.client(url)
    45:   url = "#{Rails.configuration.uas_url}/#{url}"
    46:
    47:   Curl::Easy.new(url) do |curl|
    48:     curl.use_ssl = 1
 => 49:     binding.pry
    50:     curl.cert = Rails.configuration.uas_sertificate
    51:     curl.ssl_verify_peer = false
    52:     curl.ssl_verify_host = false
    53:     curl.verbose = true
    54:   end
    55: end

[1] pry(Uas::Query)> c
Request post user/login/?
{:login=>"+71111111150", :password=>"qwerty123"}
* Hostname was NOT found in DNS cache
*   Trying 151.209.250.186...
* Connected to pim.somewhere.ru (151.209.250.186) port 5543 (#0)
* found 164 certificates in /etc/ssl/certs/ca-certificates.crt
* error reading X.509 key or certificate file
* Closing connection 0
Curl::Err::SSLConnectError: Curl::Err::SSLConnectError

我查了Rails.configuration.uas_sertificate - 这是证书,可以File.read(Rails.configuration.uas_sertificate)

阅读

我该如何解决?

1 个答案:

答案 0 :(得分:0)

在我的流浪盒中,我安装了两个 libcurl 包:

  • libcurl4-openssl-dev
  • libcurl4-GNUTLS-dev的

从第二个用于编译curb gem native扩展。我想这是因为它是在libcurl4-openssl-dev软件包之后安装的。

我从包安装列表中删除了libcurl4-gnutls-dev并重建了vagrant box后,curb接受了证书。