CODEWITHSUNDEEP
ruby-on-railsrubyruby-on-rails-3httpsrequest
user502052
user502052

Reputation: 15259

Troubles doing HTTPS requests on localhost

I am using Ruby on Rails 3 and I am trying to use HTTPS on localhost in order to implement APIs. What I have made is inspired by Paul Dix's code.

After a lot of headaches, I was able to generate a certificate, setting Apache and writing some code. It seems like I'm close to a solution. This is what I have so far:

require 'uri'
require 'net/https'

...

    host = "https://<my_site_name>.com"
    path = "/users/1.json"

    uri = URI.parse("#{host}#{path}")

    http = Net::HTTP.new(uri.host, uri.port)
    http.use_ssl = true
    http.verify_mode = OpenSSL::SSL::VERIFY_NONE
    http.ca_file = File.join(File.dirname("/private/etc/apache2/ssl/wildcard.certificate/ca.db.certs/"), "01.pem")
    http.start do
      puts http.get("#{host}#{path}")
    end

    @test_response = http

@test_response resolves to:

<Net::HTTP <my_site_name>.com:443 open=false>

This is the first time that I have done this kind of thing, and I am not expert in implementing the code for it, so I have some questions:

(1) What does uri = URI.parse("#{host}#{path}") mean? What is the uri scope?

(2) Why does Paul Dix use:

http.start do
  puts http.get("#{host}#{path}")
end

and not

@test_response = http.get("#{host}#{path}")

(3) Using the Paul Dix's version, how I can read the @test_response values? Is it right to do @test_response = http?

(4) Why is it that when I use http.verify_mode = OpenSSL::SSL::VERIFY_PEER instead of http.verify_mode = OpenSSL::SSL::VERIFY_NONE I get this error:

SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

(5) Where should I put my .pem certificate in my Ruby on Rails application?

(6) Is the above code correct and advisable? If not, what I can improve?

One more thing I discovered is if I use

http.start do
  @test_response = http.get("#{host}#{path}")
end

@test_response returns

--- !ruby/object:Net::HTTPOK 
body: ...
body_exist: true
code: "200"
header: 
  ...
  status: 
  - "200"
  transfer-encoding: 
  - chunked
  content-type: 
  - application/json; charset=utf-8
http_version: "1.1"
message: OK
read: true

If I use simply

@internal_test2 = http.get("#{host}#{path}")

@test_response returns

--- !ruby/object:Net::HTTPOK 
body: ...
body_exist: true
code: "200"
header: 
  ...
  status: 
  - "200"
  connection:    # This is the differce from the previous result
  - close
  transfer-encoding: 
  - chunked
  content-type: 
  - application/json; charset=utf-8
http_version: "1.1"
message: OK
read: true

(7) What is it mean?

Upvotes: 0

Views: 1646

Answers (1)

Michelle Tilley
Michelle Tilley

Reputation: 159095

I'm not positive exactly what you're trying to accomplish here (it looks like you're trying to connect to and read an HTTPS request), but I will try to answer your questions the best I can.

(1) What does uri = URI.parse("#{host}#{path}") mean? What is the uri scope?

According to its API documentation, URI.parse takes a string (in this case, "#{host}#{path}" and returns one of URI's subclasses from it. The point is to get a URI object instead of a string. (URI is a Ruby module.)

(2) Why does Paul Dix use:

http.start do
  puts http.get("#{host}#{path}")
end

Again, see the documentation for Net::HTTP#start. By using a block, he's opened the TCP connection and the HTTP session, both of which are automatically closed after the block is done executing.

(3) Using the Paul Dix's version, how I can read the @test_response values? Is it right to do @test_response = http?

I'm not sure what you mean here. If you do @test_response = http, then @test_response has all the same values as http. You can read the response body, etc. from it.

(4) Why is it that when I use http.verify_mode = OpenSSL::SSL::VERIFY_PEER instead of http.verify_mode = OpenSSL::SSL::VERIFY_NONE I get this error:

SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

This is because Ruby can't find the certification authority certs. See http://martinottenwaelter.fr/2010/12/ruby19-and-the-ssl-error/ for more information on potentially fixing this.

(5) Where should I put my .pem certificate in my Ruby on Rails application?

I believe this is specific to the server you're using to serve your Rails application, and not to the Rails application itself.

(6) What is it mean?

I believe this simply indicates the HTTP session has been closed. See #2.

Upvotes: 2

Related Questions