我已经完成了pfx,我必须登录到特定的URL来发送和接收数据。这是自签名证书。
制作pem个文件:
openssl pkcs12 -in client_ssl.pfx -out client_smsgate-in.pem -clcerts
openssl pkcs12 -in client_ssl.pfx -out ca_client_smsgate-in.pem -cacerts
尝试连接:
require "net/https"
require "uri"
uri = URI.parse("myurl.ru")
pem = File.read("client_smsgate-in.pem")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.ca_file = File.read("ca_client_smsgate-in.pem")
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
http.cert = OpenSSL::X509::Certificate.new(pem)
http.key = OpenSSL::PKey::RSA.new(pem, 'pass')
request = Net::HTTP::Get.new(uri.request_uri)
response = http.request(request)
我错了:
lib/ruby/2.2.0/net/http.rb:923:in 'connect': SSL_connect returned=1 errno=0 state=unknown state: certificate verify failed (OpenSSL::SSL::SSLError)
如果选中OpenSSL::SSL::VERIFY_NONE,则有效。告诉我出了什么问题,因为我有CA证书给他?