Ruby: Alternative to openssl for HTTPS and SSL communications

0
votes

I'm connecting to some government web services on my Rails application, using the Savon library. However, the web services are hosted on what looks like a poorly configured machine, and the openssl library refuses to work with them.

Since the Java and .NET clients were working fine, I started to look for alternatives. I've changed my Ruby runtime from Ruby Enterprise Edition to JRuby, which does not use the openssl libraries (it 'forwards' the SSL implementation to Java itself), and it worked great.

So now I'm looking for an alternative for writing a Ruby web service client using HTTPS but not openssl. Is there a pure-Ruby implementation of TLS/SSL? Or any other library I can bind to? I've heard about NSS, but looks like it's deprecated.

3
rubysslopenssl
I'm sure the openssl folks would love to know what the problem is. I know nothing about Ruby's openssl interface but openssl does have some options that can be set to work around buggy peers. If you could somehow get Ruby to use these you might be able to get things to work. - President James K. Polk
Nice tip, I'll check those options. - Fábio Batista

3 Answers

1
votes

Does the machine have libcurl installed? Following libraries use libcurl (which uses openssl internally) and it's possible that libcurl is 'well' configured I guess. You need libcurl header files to compile and install these gems though...

  • curb
  • patron
  • typhoeus

I've never heard that non-openssl SSL/TLS implementation for Ruby.

0
votes

If this is a problem with the verification of the SSL certificate, you could disable the check with:

http.verify_mode = OpenSSL::SSL::VERIFY_NONE
0
votes

I solved this issue by switching to JRuby. It has its own implementation of openssl, as a proxy to pure-Java SSL libraries.