如何在 open-uri 中绕过 SSL 证书验证? [英] How to bypass SSL certificate verification in open-uri?
问题描述
我尝试通过 https 连接访问带有 open-uri 的文件.不幸的是,证书有问题,我收到证书验证失败错误.我对此无能为力,所以我必须绕过验证.
I try to access a file with open-uri over an https connection. Unfortunately somethings wrong with the certificate, I get a certificate verify failed error. I can't do anything about that, so I have to bypass the verification.
我发现了这个答案
我不想/无法更改服务器上的 oen-uri.rb,而且我运行的是 Ruby 1.8.6.
I don't want to / can't change the oen-uri.rb on the server, and I'm running Ruby 1.8.6.
如何更改验证模式?或者更确切地说,我应该在哪里更改它?
How do I change the verify mode? Or more exactly where do I change it?
我可以把它放在哪里?
if target.class == URI::HTTPS
require 'net/https'
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
store = OpenSSL::X509::Store.new
store.set_default_paths
http.cert_store = store
end
或者肮脏的黑客:我可以把它放在哪里?
or the dirty hack: where can I put this?
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
推荐答案
警告,请勿在生产中执行此操作,您正在以这种方式完全禁用 SSL.
如果你真的不想要使用证书验证的额外安全性,并且可以升级到 Ruby 1.9.3p327+,你可以将 ssl_verify_mode
选项传递给 open
方法.例如,我是这样做的:
If you really don't want the additional security of using certificate verification, and can upgrade to Ruby 1.9.3p327+, you can pass the ssl_verify_mode
option to the open
method. Here for example is how I'm doing it:
request_uri=URI.parse('myuri?that_has=params&encoded=in_it&optionally=1')
# The params incidentally are available as a String, via request_uri.query
output = open(request_uri, {ssl_verify_mode: OpenSSL::SSL::VERIFY_NONE})
obj = JSON.parse output.readlines.join("")
这篇关于如何在 open-uri 中绕过 SSL 证书验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!