-
Notifications
You must be signed in to change notification settings - Fork 322
HTTPS
The HTTP gem supports HTTPS via Ruby's built-in OpenSSL module. Unlike certain other Ruby HTTP clients, all you have to do in order to use HTTPS is pass in an https://
-prefixed URL. That's it!
To use client certificates, you can pass in a custom OpenSSL::SSL::SSLContext
object containing the certificates you wish to use:
ctx = OpenSSL::SSL::SSLContext.new
ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
ctx.cert = OpenSSL::X509::Certificate.new(File.read("client.crt"))
ctx.key = OpenSSL::PKey::RSA.new(File.read("client.key"))
HTTP.get("https://www.google.com", :ssl_context => ctx)
This section describes how to turn off HTTPS security while still pretending to use HTTPS. Please do NOT do this. With certificate verification disabled, HTTPS provides NO SECURITY. We include this information in our documentation extremely reluctantly, after having been asked about it repeatedly. We do so only because we'd rather have a single, easy-to-grep-for pattern for locating instances where security has been explicitly disabled, and furthermore use one people are already looking for, i.e. VERIFY_NONE
.
Here is how to create an OpenSSL::SSL::SSLContext
with certificate verification disabled and pass it to a request method:
ctx = OpenSSL::SSL::SSLContext.new
ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
HTTP.get("https://www.google.com", :ssl_context => ctx)