[Haskell-beginners] HTTPS Get Request with unverifiable certificate
Michael Snoyman
michael at snoyman.com
Tue Jun 11 16:23:50 CEST 2013
You have to override managerCheckCerts[1] when creating your manager. It
would look something like:
do
manager <- newManager def { managerCheckCerts = yourChecker }
httpLbs req manager
yourChecker _ _ _ = return CertificateUsageAccept
Which would allow any certificate.
[1]
http://haddocks.fpcomplete.com/fp/7.4.2/20130508-82/http-conduit/Network-HTTP-Conduit.html#v:managerCheckCerts
On Tue, Jun 11, 2013 at 5:19 PM, Friedrich Wiemer <friedrichwiemer at gmail.com
> wrote:
> edit:
> if I change the the url from "https://servers-ip/" to
> "https://servers-FQDN/" the error changes to:
> >*** Exception: TlsException (HandshakeFailed (Error_Protocol
> ("certificate has unknown CA",True,UnknownCa)))
>
> so the self-signed certificate causes the error.
> How can I tell Network.HTTP.Conduit to accept unknown CA's certificates?
>
> 2013/6/11 Friedrich Wiemer <friedrichwiemer at gmail.com>:
> > Hey,
> >
> > I'm trying to send a HTTPS-Get Request to a private server, which has
> > a self-signed ssl-certificate. Currently I use Network.HTTP.Conduit
> > and this code-snipped:
> >
> >> myGetRequest url = do
> >> req <- parseUrl url
> >> return $ req {secure = True}
> >>
> >> *Main Network.HTTP.Conduit> myGetRequest "https://my.private.server"
> >>= (\x -> withManager (httpLbs x))
> > which results in
> >> *** Exception: TlsException (HandshakeFailed (Error_Protocol
> ("certificate rejected: FQDN do not match this
> certificate",True,CertificateUnknown)))
> >
> > I guess that's due to the unverifiable, self-signed certificate? Can I
> > disable the test or accept my certificate?
> >
> > Thanks in advance!
> > Friedrich
>
> _______________________________________________
> Beginners mailing list
> Beginners at haskell.org
> http://www.haskell.org/mailman/listinfo/beginners
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.haskell.org/pipermail/beginners/attachments/20130611/bfc4c772/attachment.htm>
More information about the Beginners
mailing list