SSL in psc.rb
psc.rb uses Faraday's net/http
adapter by default. This adapter
verifies SSL certificates when used with HTTPS-served resources (as it
should). If the openssl install used by your ruby interpreter doesn't
have the CA certificate for your PSC instance, you'll get an exception
like this when you make a request:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
There are two ways to resolve this for psc.rb.
Configure OpenSSL with appropriate CA certificates
Depending on your OS & distribution, this may be as simple as installing another package, or it might be fiendishly complex/impossible. References:
Configure PSC::Client or PSC::Connection
You can pass SSL options to the underlying adapter when creating a Psc::Client or Psc::Connection instance:
psc = Psc::Client.new(
'https://demos.nubic.northwestern.edu/psc',
:authenticator => { :basic => %w(superuser superuser) },
:ssl => { :ca_file => '/etc/ssl/cacert.pem' }
)
This example assumes you've put an appropriate CA certificate in
/etc/ssl/cacert.pem
. (You can, of course, put it where ever you
like.) If you need a PEM-formatted version of the common commercial
certificates, http://curl.haxx.se/ca/ is a good source.
This option is much easier to get working than the first one. It has the downside that it requires that all platforms where you will run your code have the CA certs in the same place or that you add a another configuration option to your application.