How to add a trusted certificate to HTTPoison/hackney?

When I try:

HTTPoison.get! "https://facebook.com"

I get:

** (HTTPoison.Error) {:tls_alert, 'unknown ca'}
[error] SSL: :certify: ssl_handshake.erl:1606:Fatal error: unknown ca

    (httpoison) lib/httpoison.ex:66: HTTPoison.request!/5

which is kind of expected since in my company I need to trust the firewall's certificate to get out.

I have trusted the certificate (.cer file) system wide, which is why wget doesn't give me ssl errors when accessing https URLs. But it seems that hackney/HTTPoison ignores this configuration.

How do I make HTTPoison/hackney recognize the certificate as a trusted certificate?

diogovk asked Oct 07 '16 13:10


2 Answers

I recently ran into this issue as well. What worked for me was passing the location of the cert file directly to hackney as suggested by the dev in this ticket:

opts = [{:ssl_options, [{:cacertfile, "/<path to my cert>/MyCertificates.pem"}]}]
# post/4 takes (url, body, headers, options); `body` is the request body
HTTPoison.post(login, body, headers, hackney: opts)

Alternatively you could perform the SSL connection without checking the certificate (more about request options here):

HTTPoison.post(login, body, headers, hackney: [:insecure])
Keyan P answered Sep 18 '22 17:09


Cert file paths are being passed to HTTPoison options like this:

    defp add_certs do
      [
        hackney: [ # :hackney options
          ssl_options: [ # :ssl options
            # the paths and password below are placeholders; substitute your own
            cacertfile: "/path/to/ca.pem",    # CA certificate used to validate server cert; path(), "string" is ok
            certfile: "/path/to/client.crt",  # client certificate, signed by CA; path(), "string" is ok
            keyfile: "/path/to/client.key",   # private key for client.crt; path(), "string" is ok
            password: 'keyfile password'      # password for keyfile; string(), "string" not ok, use 'char list'
          ]
        ]
      ]
    end

    HTTPoison.post(url, request_xml, headers, add_certs())
Zaal Kavelashvili answered Sep 17 '22 17:09
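
An added example, not taken from either answer above: it builds on the `cacertfile` approach by adding the firewall CA to the public roots and setting the verification options explicitly instead of relying on library defaults. The module name `CorpTrust` and the file path are assumptions, and `:certifi` is assumed to be available as hackney's dependency.

```elixir
defmodule CorpTrust do
  # Hypothetical helper module (added example, not part of HTTPoison or hackney).

  # Load CA certificates from a .cer/.pem file as a list of DER binaries.
  # A ".cer" export can be PEM text or raw DER, so both are handled.
  def load_cas(path) do
    data = File.read!(path)

    if :binary.match(data, "-----BEGIN CERTIFICATE-----") != :nomatch do
      for {:Certificate, der, :not_encrypted} <- :public_key.pem_decode(data), do: der
    else
      # Raw DER: decode once so a corrupt file fails here, not mid-handshake.
      _ = :public_key.pkix_decode_cert(data, :otp)
      [data]
    end
  end

  # :ssl options that trust the corporate CA in addition to the public roots
  # while keeping chain and hostname verification switched on.
  def ssl_options(corp_ca_path) do
    [
      verify: :verify_peer,
      cacerts: load_cas(corp_ca_path) ++ :certifi.cacerts(),
      depth: 10,
      customize_hostname_check: [
        match_fun: :public_key.pkix_verify_hostname_match_fun(:https)
      ]
    ]
  end

  def get!(url, corp_ca_path) do
    HTTPoison.get!(url, [], hackney: [ssl_options: ssl_options(corp_ca_path)])
  end
end

# Usage ("/path/to/firewall-ca.cer" is a placeholder for the exported CA file):
#   CorpTrust.get!("https://facebook.com", "/path/to/firewall-ca.cer")
```

Unlike the `:insecure` option, this keeps the handshake failing for any certificate that chains to neither the firewall CA nor a public root.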