Ruby 如何通过具有相互身份验证的SSL连接到xml/SOAPWeb服务?
我试图使用带有证书的web服务,通过SSL发送XML/SOAP,并进行相互身份验证。我已经尝试了Ruby 如何通过具有相互身份验证的SSL连接到xml/SOAPWeb服务?,ruby,web-services,savon,net-http,mutual-authentication,Ruby,Web Services,Savon,Net Http,Mutual Authentication,我试图使用带有证书的web服务,通过SSL发送XML/SOAP,并进行相互身份验证。我已经尝试了savon和net/http,但由于相同的错误而停止: SSL\U CTX\U use\U PrivateKey:键值不匹配(HTTPI::SSLError) net/http: uri = URI.parse('https://homologacao.sefaz.mt.gov.br/nfews/v2/services/NfeStatusServico2?wsdl') pem = File.read(
savon
和net/http
,但由于相同的错误而停止:
SSL\U CTX\U use\U PrivateKey:键值不匹配(HTTPI::SSLError)
net/http:
uri = URI.parse('https://homologacao.sefaz.mt.gov.br/nfews/v2/services/NfeStatusServico2?wsdl')
pem = File.read("cert/cert.pem")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.cert = OpenSSL::X509::Certificate.new(pem)
http.key = OpenSSL::PKey::RSA.new(pem)
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
http.start
WSDL_URL = 'https://homologacao.sefaz.mt.gov.br/nfews/v2/services/NfeStatusServico2?wsdl'
client = Savon.client(
wsdl: WSDL_URL,
ssl_version: :SSLv3,
ssl_verify_mode: :peer,
ssl_cert_file: 'cert/cert.pem',
ssl_cert_key_file: 'cert/private_key.pem',
# ssl_cert_key_password: '123456789',
env_namespace: :soap,
namespace_identifier: nil
)
response = client.call(:nfeStatusServicoNF2, message: "test")
savon:
uri = URI.parse('https://homologacao.sefaz.mt.gov.br/nfews/v2/services/NfeStatusServico2?wsdl')
pem = File.read("cert/cert.pem")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.cert = OpenSSL::X509::Certificate.new(pem)
http.key = OpenSSL::PKey::RSA.new(pem)
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
http.start
WSDL_URL = 'https://homologacao.sefaz.mt.gov.br/nfews/v2/services/NfeStatusServico2?wsdl'
client = Savon.client(
wsdl: WSDL_URL,
ssl_version: :SSLv3,
ssl_verify_mode: :peer,
ssl_cert_file: 'cert/cert.pem',
ssl_cert_key_file: 'cert/private_key.pem',
# ssl_cert_key_password: '123456789',
env_namespace: :soap,
namespace_identifier: nil
)
response = client.call(:nfeStatusServicoNF2, message: "test")
有解决办法吗?谢谢 Savon使用HTTPI进行http通信。HTTPI选择系统上安装的一个客户端。您应该打开日志记录以查看它使用的客户端,或者您可以强制它使用net/http。如果我没记错的话,那么net/http不是首选客户端。我个人使用HTTPClient来处理我的所有http内容。您尝试过http.rb吗?证书与FQDN绑定。您正在尝试连接到
acao.sefaz.mt.gov.br
;您的cert.pem
是否生成以验证对此特定域的请求?您是否找到了使用Savon调用HTTPS SOAP Web服务的解决方案?