|# Ruby + UNIX = runix|
|# If return status is 0, returns standard out.|
|# If return status is non-0, raises an exception with standard error in the message.|
|# (None of the other methods you know about have this behavior)|
|# Great overview of all ruby shell methods:|
|# dependency: open4 gem|
If you want to use curl or net-http/open-uri to access https resources, you will often (always?) get an error, because they don't have the large number of root certificates installed that web browsers have.
You can manually install the root certs, but first you have to get them from somewhere. This article gives a nice description of how to do that. The source of the cert files it points to is hosted by the curl project, who kindly provide it in the .pem format.
problem: Sadly, ironically, and comically, it's not possible to access that file via https! Luckily, the awesome curl project does provide us with the script that they use to produce the file, so we can do it securely ourselves. Here's how.
git clone https://github.com/bagder/curl.git
In my previous post I described how to securely acquire the Mozilla list of root certificates and convert them to a form usable by curl and various libraries which don't ship with them.
Next, I want to point
Net:HTTP at this file library-wide, so that it is used by all invocations of methods accessing https resources (in particular,
Kernel#open, which in ruby 1.8.7 does not have a ca_file option and is therefore unusable with https). I hunted around the ruby standard library for a couple hours and came up with this:
require 'open-uri' require 'net/https' module Net class HTTP