Defect #15736

WARNING: making https request to https:// ... without verifying server certificate; no CA path was specified.

Added by Marcel M over 8 years ago.

Status:NewStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Security
Target version:-
Resolution: Affected version:

Description

Hi,

when I do a openid authentication I always had this in the logs

WARNING: making https request to https://.../index.php?user=.. without verifying server certificate; no CA path was specified.

Fixing it is really simple if you know how. Simply add the following to config/environments.rb

3,5d2
< require 'openid/fetchers'
< 
< 
18d14
< OpenID.fetcher.ca_file = "#{Rails.root}/config/ca-bundle.crt" 

and create the file ca-bundle.crt which stores your trusted CAs (in pem format) . Example file content

-----BEGIN CERTIFICATE-----
<1st trusted CA in base 64 >
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<2nd trusted CA in base 64>
-----END CERTIFICATE-----

I suggest to add the changes in enviroment.rb and add a comment in the file which explains how to use it. Also this might be added to the docu somewhere.

Also available in: Atom PDF