[Haskell-beginners] HTTPS Get Request with unverifiable certificate
Adrian May
adrian.alexander.may at gmail.com
Tue Jun 11 16:46:14 CEST 2013
You could always ask somebody to sign your certificate for you. Somebody
like http://www.startcom.org. I had great support from these guys.
Adrian.
On 11 Jun 2013 22:26, "Michael Snoyman" <michael at snoyman.com> wrote:
> You have to override managerCheckCerts[1] when creating your manager. It
> would look something like:
>
>
> do
> manager <- newManager def { managerCheckCerts = yourChecker }
> httpLbs req manager
>
> yourChecker _ _ _ = return CertificateUsageAccept
>
> Which would allow any certificate.
>
> [1]
> http://haddocks.fpcomplete.com/fp/7.4.2/20130508-82/http-conduit/Network-HTTP-Conduit.html#v:managerCheckCerts
>
>
> On Tue, Jun 11, 2013 at 5:19 PM, Friedrich Wiemer <
> friedrichwiemer at gmail.com> wrote:
>
>> edit:
>> if I change the the url from "https://servers-ip/" to
>> "https://servers-FQDN/" the error changes to:
>> >*** Exception: TlsException (HandshakeFailed (Error_Protocol
>> ("certificate has unknown CA",True,UnknownCa)))
>>
>> so the self-signed certificate causes the error.
>> How can I tell Network.HTTP.Conduit to accept unknown CA's certificates?
>>
>> 2013/6/11 Friedrich Wiemer <friedrichwiemer at gmail.com>:
>> > Hey,
>> >
>> > I'm trying to send a HTTPS-Get Request to a private server, which has
>> > a self-signed ssl-certificate. Currently I use Network.HTTP.Conduit
>> > and this code-snipped:
>> >
>> >> myGetRequest url = do
>> >> req <- parseUrl url
>> >> return $ req {secure = True}
>> >>
>> >> *Main Network.HTTP.Conduit> myGetRequest "https://my.private.server"
>> >>= (\x -> withManager (httpLbs x))
>> > which results in
>> >> *** Exception: TlsException (HandshakeFailed (Error_Protocol
>> ("certificate rejected: FQDN do not match this
>> certificate",True,CertificateUnknown)))
>> >
>> > I guess that's due to the unverifiable, self-signed certificate? Can I
>> > disable the test or accept my certificate?
>> >
>> > Thanks in advance!
>> > Friedrich
>>
>> _______________________________________________
>> Beginners mailing list
>> Beginners at haskell.org
>> http://www.haskell.org/mailman/listinfo/beginners
>>
>
>
> _______________________________________________
> Beginners mailing list
> Beginners at haskell.org
> http://www.haskell.org/mailman/listinfo/beginners
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.haskell.org/pipermail/beginners/attachments/20130611/ec5568af/attachment.htm>
More information about the Beginners
mailing list