S3Sync.net
February 02, 2014, 01:19:24 PM
Welcome,
Guest
. Please
login
or
register
.
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Home
Help
Search
Login
Register
S3Sync.net
>
General Category
>
General Discussion
>
Getting CA certificates, re-examined
Pages: [
1
]
« previous
next »
Print
Author
Topic: Getting CA certificates, re-examined (Read 7137 times)
ferrix
Sr. Member
Posts: 363
(I am greg13070 on AWS forum)
Getting CA certificates, re-examined
«
on:
February 15, 2008, 12:47:05 AM »
For -s (--ssl) You used to be able to use just one certificate (with SSL_CERT_FILE) to identify all the s3.amazonaws.com, but recently AWS has started using more than one CA. So oops, syncs will start failing....
There is a debian package ca-certificates; this is what I'm using now.
apt-get install ca-certificates
and then use:
SSL_CERT_DIR=/etc/ssl/certs
But what if you don't know how to get certs for your platform in a format that ruby can digest?
Well first I recommend seeing if your vendor has a "correct" way to get a trusted CA list set up.
In case it's helpful, I synced my "/etc/ssl/certs" dir to ServEdge_pub:s3sync/certs
So you can pull my copy of the certs dir down if you want. It turns out all the cert files are just symlinks to the ca-certificates.crt file. So you could just use s3cmd to get ServEdge_pub:s3sync/certs/ca-certificates.crt, and then use the SSL_CERT_FILE setting to point ruby at that. That's how I do it in Windows, because the symlinks don't translate cross platform anyway.
Logged
maelcum
Newbie
Posts: 43
Re: Getting CA certificates, re-examined
«
Reply #1 on:
February 15, 2008, 07:36:07 AM »
Works like a charm.
Thanks for providing the ca-certificates.cer directly! Makes things so much easier.
Cheers
maelcum
Logged
Pages: [
1
]
Print
« previous
next »
Jump to:
Please select a destination:
-----------------------------
General Category
-----------------------------
=> Announcements
=> Questions
=> General Discussion
=> Report Bugs
===> Closed Bugs
=> Feature Requests
Loading...