我正在使用 Faraday gem( https://github.com/lostisland/faraday ) 与外部 JSON API 进行通信。我正在使用 SSL选项,因为 API 要求这样做:
ssl_crt = File.read(Jets.root.join('certs', 'test.crt'))
ssl_key = File.read(Jets.root.join('certs', 'test.key'))
client_cert = OpenSSL::X509::Certificate.new(ssl_crt)
client_key = OpenSSL::PKey.read(ssl_key)
connection = Faraday.new(
'https://sandbox-api.com/',
ssl: {
client_cert: client_cert,
client_key: client_key,
verify: true
}
) do |conn|
conn.response :json, content_type: /\bjson$/
conn.use Faraday::Response::RaiseError
conn.adapter Faraday.default_adapter
end
connection.get('/token')
不幸的是,这返回了以下错误:
Traceback (most recent call last):
16: from /Users/mateuszurbanski/.gem/ruby/2.5.3/gems/faraday-1.0.1/lib/faraday/connection.rb:198:in `get'
15: from /Users/mateuszurbanski/.gem/ruby/2.5.3/gems/faraday-1.0.1/lib/faraday/connection.rb:492:in `run_request'
14: from /Users/mateuszurbanski/.gem/ruby/2.5.3/gems/faraday-1.0.1/lib/faraday/rack_builder.rb:153:in `build_response'
13: from /Users/mateuszurbanski/.gem/ruby/2.5.3/gems/faraday_middleware-1.0.0/lib/faraday_middleware/response_middleware.rb:36:in `call'
12: from /Users/mateuszurbanski/.gem/ruby/2.5.3/gems/faraday-1.0.1/lib/faraday/response.rb:11:in `call'
11: from /Users/mateuszurbanski/.gem/ruby/2.5.3/gems/faraday-1.0.1/lib/faraday/adapter/net_http.rb:68:in `call'
10: from /Users/mateuszurbanski/.gem/ruby/2.5.3/gems/faraday-1.0.1/lib/faraday/adapter.rb:60:in `connection'
9: from /Users/mateuszurbanski/.gem/ruby/2.5.3/gems/faraday-1.0.1/lib/faraday/adapter/net_http.rb:70:in `block in call'
8: from /Users/mateuszurbanski/.gem/ruby/2.5.3/gems/faraday-1.0.1/lib/faraday/adapter/net_http.rb:128:in `perform_request'
7: from /Users/mateuszurbanski/.gem/ruby/2.5.3/gems/faraday-1.0.1/lib/faraday/adapter/net_http.rb:135:in `request_with_wrapped_block'
6: from /Users/mateuszurbanski/.gem/ruby/2.5.3/gems/faraday-1.0.1/lib/faraday/adapter/net_http.rb:144:in `request_via_get_method'
5: from /Users/mateuszurbanski/.rubies/ruby-2.5.3/lib/ruby/2.5.0/net/http.rb:909:in `start'
4: from /Users/mateuszurbanski/.rubies/ruby-2.5.3/lib/ruby/2.5.0/net/http.rb:920:in `do_start'
3: from /Users/mateuszurbanski/.rubies/ruby-2.5.3/lib/ruby/2.5.0/net/http.rb:981:in `connect'
2: from /Users/mateuszurbanski/.rubies/ruby-2.5.3/lib/ruby/2.5.0/net/protocol.rb:44:in `ssl_socket_connect'
1: from /Users/mateuszurbanski/.rubies/ruby-2.5.3/lib/ruby/2.5.0/net/protocol.rb:44:in `connect_nonblock'
Faraday::SSLError (SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate))
任何想法我做错了什么?
编辑:
我忘了补充说,相同的证书在 Postman 中运行良好。
最佳答案
首先,我们需要确认您使用的是公共(public) ca 颁发的证书、私有(private)颁发的证书还是自签名证书,因为错误表明它无法找到已签署叶子证书的证书。
我建议首先检查“test.crt”是否将服务器、中间证书和根证书连接在一起。如果中间文件或根文件未连接,请使用 notepad++ 或任何编辑工具编辑 test.crt,将其添加到 test.crt(请不要使用 windows word 文件)。请使用 Notepad++ 打开eh中间文件并复制内容。复制后将其粘贴到 test.crt 文件的 -----END CERTIFICATE----- 下,并对根证书也执行相同的步骤。请让我们知道输出。
关于ruby - Faraday::SSLError(SSL_connect 返回=1 errno=0 state=error: 证书验证失败(无法获取本地颁发者证书)),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/62466765/