Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Example how to use wreq with ssl
{-# LANGUAGE OverloadedStrings #-}
module Network.HttpSSL (
postSSL
, SSLOptions (..)
) where
{-
build-depends:
wreq
, HsOpenSSL
, http-client-openssl
, lens
-}
import Control.Lens
import Data.ByteString.Lazy (ByteString)
import Network.HTTP.Client.OpenSSL
import Network.Wreq
import OpenSSL (withOpenSSL)
import OpenSSL.Session (SSLContext)
import qualified OpenSSL.Session as SSL
data SSLOptions = SSLOptions {
optionsClientCert :: FilePath
, optionsCaCert :: FilePath }
setupSSLCtx :: SSLOptions -> IO SSLContext
setupSSLCtx (SSLOptions clientCert caCert) =
do ctx <- SSL.context
SSL.contextSetPrivateKeyFile ctx clientCert
SSL.contextSetCertificateFile ctx caCert
return ctx
postSSL :: SSLOptions -- ^ Options
-> String -- ^ URL
-> ByteString
-> IO (Response ByteString)
postSSL sopts url b =
let mkOpts c = defaults & manager .~ Left (opensslManagerSettings c)
call o = postWith (mkOpts o) url
in withOpenSSL $ call (setupSSLCtx sopts) b
@umurgdk

This comment has been minimized.

Copy link

@umurgdk umurgdk commented Feb 14, 2016

Oh after hours finally manage to make a request to Docker Rest API. For servers such as Docker you need to force openssl library to use TLSv1 like:

SSL.contextAddOption           ctx SSL.SSL_OP_NO_SSLv2
SSL.contextAddOption           ctx SSL.SSL_OP_NO_SSLv3

There is also SSL_OP_NO_TLSv1in case of you want to force library to use something else.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.