RejectedSoftware Forums

Sign up

REST api and SSL context

avatar
Julien Ganichot
Posted Fri, 10 Oct 2014 15:47:02 GMT
Reply

Hi,

I'm currently working on a REST API using Vibe-d.
Everything worked fine so far. Then I tried to use the SSL context to be secure and use HTTPS.
I generated my key, my certificate and set it up using those three gentle lines: 

settings.sslContext = createSSLContext(SSLContextKind.server, SSLVersion.any);
settings.sslContext.usePrivateKeyFile("SSL\\host.key");
settings.sslContext.useCertificateChainFile(`SSL\host.cert`);

I ran this code, then I tried to make a GET request over HTTPS, but then I had an SSL error unknown ca
So I jumped on the Documentation and added the following line: 

settings.sslContext.peerValidationMode = SSLPeerValidationMode.none;

But it didn't solve the problem...
Am I missing something?

Thanks

Re: REST api and SSL context

avatar
Sönke Ludwig
Posted Mon, 13 Oct 2014 13:07:05 +0200 in reply to Julien Ganichot
Reply

Am 10.10.2014 17:47, schrieb Julien Ganichot:

Hi,

I'm currently working on a REST API using Vibe-d.
Everything worked fine so far. Then I tried to use the SSL context to be secure and use HTTPS.
I generated my key, my certificate and set it up using those three gentle lines: 

settings.sslContext = createSSLContext(SSLContextKind.server, SSLVersion.any);
settings.sslContext.usePrivateKeyFile("SSL\\host.key");
settings.sslContext.useCertificateChainFile(`SSL\host.cert`);

I ran this code, then I tried to make a GET request over HTTPS, but then I had an SSL error unknown ca
So I jumped on the Documentation and added the following line: 

settings.sslContext.peerValidationMode = SSLPeerValidationMode.none;

But it didn't solve the problem...
Am I missing something?

Thanks

Did you make the request using a web browser? I'm not sure, but it could
be that the error simply results from the browser rejecting the
connection. In that case there is nothing that can be done on the server
side, but the certificate would have to be added to the browser's list
of trusted certificates.

Re: REST api and SSL context

avatar
Julien Ganichot
Posted Wed, 15 Oct 2014 15:45:02 GMT in reply to Sönke Ludwig
Reply

On Mon, 13 Oct 2014 13:07:05 +0200, Sönke Ludwig wrote:

Am 10.10.2014 17:47, schrieb Julien Ganichot:

Hi,

I'm currently working on a REST API using Vibe-d.
Everything worked fine so far. Then I tried to use the SSL context to be secure and use HTTPS.
I generated my key, my certificate and set it up using those three gentle lines: 

settings.sslContext = createSSLContext(SSLContextKind.server, SSLVersion.any);
settings.sslContext.usePrivateKeyFile("SSL\\host.key");
settings.sslContext.useCertificateChainFile(`SSL\host.cert`);

I ran this code, then I tried to make a GET request over HTTPS, but then I had an SSL error unknown ca
So I jumped on the Documentation and added the following line: 

settings.sslContext.peerValidationMode = SSLPeerValidationMode.none;

But it didn't solve the problem...
Am I missing something?

Thanks

Did you make the request using a web browser? I'm not sure, but it could
be that the error simply results from the browser rejecting the
connection. In that case there is nothing that can be done on the server
side, but the certificate would have to be added to the browser's list
of trusted certificates.

Thanks for your reply!

I'll try this ASAP and I'll keep you posted!