[Haskell-beginners] HTTPS Get Request with unverifiable certificate
Friedrich Wiemer
friedrichwiemer at gmail.com
Wed Jun 12 09:24:07 CEST 2013
Great, thanks!
2013/6/12 Michael Snoyman <michael at snoyman.com>:
> You need to use runResourceT before your do-block.
>
>
> On Tue, Jun 11, 2013 at 8:56 PM, Friedrich Wiemer
> <friedrichwiemer at gmail.com> wrote:
>>
>> Adrian: yea, that would be a solution, but i looked for the changed
>> certificate checker, as Michael suggested.
>>
>> I now have this code: http://hpaste.org/89795
>> which rises a "no isntance" error like this one: http://hpaste.org/80820
>> What do I miss?
>>
>> 2013/6/11 Adrian May <adrian.alexander.may at gmail.com>:
>> > You could always ask somebody to sign your certificate for you. Somebody
>> > like http://www.startcom.org. I had great support from these guys.
>> >
>> > Adrian.
>> >
>> > On 11 Jun 2013 22:26, "Michael Snoyman" <michael at snoyman.com> wrote:
>> >>
>> >> You have to override managerCheckCerts[1] when creating your manager.
>> >> It
>> >> would look something like:
>> >>
>> >>
>> >> do
>> >> manager <- newManager def { managerCheckCerts = yourChecker }
>> >> httpLbs req manager
>> >>
>> >> yourChecker _ _ _ = return CertificateUsageAccept
>> >>
>> >> Which would allow any certificate.
>> >>
>> >> [1]
>> >>
>> >> http://haddocks.fpcomplete.com/fp/7.4.2/20130508-82/http-conduit/Network-HTTP-Conduit.html#v:managerCheckCerts
>> >>
>> >>
>> >> On Tue, Jun 11, 2013 at 5:19 PM, Friedrich Wiemer
>> >> <friedrichwiemer at gmail.com> wrote:
>> >>>
>> >>> edit:
>> >>> if I change the the url from "https://servers-ip/" to
>> >>> "https://servers-FQDN/" the error changes to:
>> >>> >*** Exception: TlsException (HandshakeFailed (Error_Protocol
>> >>> > ("certificate has unknown CA",True,UnknownCa)))
>> >>>
>> >>> so the self-signed certificate causes the error.
>> >>> How can I tell Network.HTTP.Conduit to accept unknown CA's
>> >>> certificates?
>> >>>
>> >>> 2013/6/11 Friedrich Wiemer <friedrichwiemer at gmail.com>:
>> >>> > Hey,
>> >>> >
>> >>> > I'm trying to send a HTTPS-Get Request to a private server, which
>> >>> > has
>> >>> > a self-signed ssl-certificate. Currently I use Network.HTTP.Conduit
>> >>> > and this code-snipped:
>> >>> >
>> >>> >> myGetRequest url = do
>> >>> >> req <- parseUrl url
>> >>> >> return $ req {secure = True}
>> >>> >>
>> >>> >> *Main Network.HTTP.Conduit> myGetRequest
>> >>> >> "https://my.private.server"
>> >>> >> >>= (\x -> withManager (httpLbs x))
>> >>> > which results in
>> >>> >> *** Exception: TlsException (HandshakeFailed (Error_Protocol
>> >>> >> ("certificate rejected: FQDN do not match this
>> >>> >> certificate",True,CertificateUnknown)))
>> >>> >
>> >>> > I guess that's due to the unverifiable, self-signed certificate? Can
>> >>> > I
>> >>> > disable the test or accept my certificate?
>> >>> >
>> >>> > Thanks in advance!
>> >>> > Friedrich
>> >>>
>> >>> _______________________________________________
>> >>> Beginners mailing list
>> >>> Beginners at haskell.org
>> >>> http://www.haskell.org/mailman/listinfo/beginners
>> >>
>> >>
>> >>
>> >> _______________________________________________
>> >> Beginners mailing list
>> >> Beginners at haskell.org
>> >> http://www.haskell.org/mailman/listinfo/beginners
>> >>
>> >
>> > _______________________________________________
>> > Beginners mailing list
>> > Beginners at haskell.org
>> > http://www.haskell.org/mailman/listinfo/beginners
>> >
>>
>> _______________________________________________
>> Beginners mailing list
>> Beginners at haskell.org
>> http://www.haskell.org/mailman/listinfo/beginners
>
>
>
> _______________________________________________
> Beginners mailing list
> Beginners at haskell.org
> http://www.haskell.org/mailman/listinfo/beginners
>
More information about the Beginners
mailing list