Project

General

Profile

Actions

Defect #15736

closed

WARNING: making https request to https:// ... without verifying server certificate; no CA path was specified.

Added by Marcel M about 10 years ago. Updated 2 months ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Affected version:

Description

Hi,

when I do a openid authentication I always had this in the logs

WARNING: making https request to https://.../index.php?user=.. without verifying server certificate; no CA path was specified.

Fixing it is really simple if you know how. Simply add the following to config/environments.rb

3,5d2
< require 'openid/fetchers'
< 
< 
18d14
< OpenID.fetcher.ca_file = "#{Rails.root}/config/ca-bundle.crt" 

and create the file ca-bundle.crt which stores your trusted CAs (in pem format) . Example file content

-----BEGIN CERTIFICATE-----
<1st trusted CA in base 64 >
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<2nd trusted CA in base 64>
-----END CERTIFICATE-----

I suggest to add the changes in enviroment.rb and add a comment in the file which explains how to use it. Also this might be added to the docu somewhere.

Actions #1

Updated by Holger Just 2 months ago

  • Status changed from New to Closed

OpenID support was removed in Redmine 5.0.0 with #35755.

Actions

Also available in: Atom PDF