February 02, 2014, 01:21:48 PM *
Welcome, Guest. Please login or register.

Login with username, password and session length
   Home   Help Search Login Register  
Pages: [1]
Author Topic: Getting CA certificates, re-examined  (Read 7138 times)
Sr. Member
Posts: 363

(I am greg13070 on AWS forum)

View Profile
« on: February 15, 2008, 12:47:05 AM »

For -s (--ssl) You used to be able to use just one certificate (with SSL_CERT_FILE) to identify all the s3.amazonaws.com, but recently AWS has started using more than one CA.  So oops, syncs will start failing....

There is a debian package ca-certificates; this is what I'm using now.
apt-get install ca-certificates
and then use:

But what if you don't know how to get certs for your platform in a format that ruby can digest?
Well first I recommend seeing if your vendor has a "correct" way to get a trusted CA list set up. 

In case it's helpful, I synced my "/etc/ssl/certs" dir to ServEdge_pub:s3sync/certs
So you can pull my copy of the certs dir down if you want.  It turns out all the cert files are just symlinks to the ca-certificates.crt file.  So you could just use s3cmd to get ServEdge_pub:s3sync/certs/ca-certificates.crt, and then use the SSL_CERT_FILE setting to point ruby at that.  That's how I do it in Windows, because the symlinks don't translate cross platform anyway.
Posts: 43

View Profile
« Reply #1 on: February 15, 2008, 07:36:07 AM »

Works like a charm.
Thanks for providing the ca-certificates.cer directly! Makes things so much easier.


Pages: [1]
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!