[jruby-dev] [jira] Created: (JRUBY-6140) Net::POP3 (and possibly other things) cannot use verify certificate when using SSL and non-root certificate

[Carl Myers (JIRA)]

Net::POP3 (and possibly other things) cannot use verify certificate when using 
SSL and non-root certificate
-----------------------------------------------------------------------------------------------------------

                 Key: JRUBY-6140
                 URL: https://jira.codehaus.org/browse/JRUBY-6140
             Project: JRuby
          Issue Type: Bug
          Components: OpenSSL
         Environment: Ubuntu Linux, sun jdk 1.6.0_26, rvm 1.6.22, jruby 1.5.6 
and 1.6.4
            Reporter: Carl Myers


Using the following ruby script:
{code}
#!/usr/bin/env ruby

require 'openssl'
require 'net/pop'

begin

  mail_server = '' # SOME SERVER HERE, e.g. mail.example.com
  mail_user = 'username'
  mail_password = 'password'

  pop = Net::POP3.new(mail_server)
  pop.enable_ssl()
  pop.start(mail_user, mail_password)

  exit 0 if pop.mails.empty?
  i = 0
  pop.each_mail do |m|
    puts "found mail: (snip)"
    m.pop
    i = i + 1
  end
  puts "#{i} mails popped"
  exit 0
end
{code}

When run using jruby 1.6.4:
{noformat}
(1:31:29):cmyers@cmyers-ubuntu:3 master] /home/cmyers/jvms/jdk1.6.0_26/bin/java 
-Djdk.home= -Djruby.home=/home/cmyers/.rvm/rubies/jruby-1.6.4 
-Djruby.script=jruby -Djruby.shell=/bin/sh 
-Djffi.boot.library.path=/home/cmyers/.rvm/rubies/jruby-1.6.4/lib/native/x86_64-Linux:/home/cmyers/.rvm/rubies/jruby-1.6.4/lib/native/ppc-Linux:/home/cmyers/.rvm/rubies/jruby-1.6.4/lib/native/i386-Linux
 -Xmx500m -Xss2048k -Djruby.memory.max=500m -Djruby.stack.max=2048k 
-Dsun.java.command=org.jruby.Main -Djava.class.path= 
-Djavax.net.ssl.trustStore=$HOME/.keystore 
-Xbootclasspath/a:/home/cmyers/.rvm/rubies/jruby-1.6.4/lib/jruby.jar 
org/jruby/Main ./pop-proxy.rb
JRuby limited openssl loaded. http://jruby.org/openssl
gem install jruby-openssl for full support.
SSL? : true
LoadError: OpenSSL::SSL requires the jruby-openssl gem
    (root) at 
/home/cmyers/.rvm/rubies/jruby-1.6.4/lib/ruby/site_ruby/shared/jruby/openssl/autoloads/ssl.rb:8
  do_start at 
/home/cmyers/.rvm/rubies/jruby-1.6.4/lib/ruby/site_ruby/shared/jruby/openssl/autoloads/ssl.rb:537
     start at /home/cmyers/.rvm/rubies/jruby-1.6.4/lib/ruby/1.8/net/pop.rb:528
    (root) at ./pop-proxy.rb:20
{noformat}

When run with cruby 1.9.2:
{noformat}
(1:35:40):cmyers@cmyers-ubuntu:3 master] 
/home/cmyers/.rvm/rubies/ruby-1.9.2-p180/bin/ruby ./pop-proxy.rb 
SSL? : true
found mail: (snip)
found mail: (snip)
2 mails popped
{noformat}

my server has a certificate signed by our internal certificate authority which 
has been added to my system's certificate store.  I also added it to the JDK's 
keystore using keytool.  I also attempted to specify an external keystore by 
setting  -Djavax.net.ssl.trustStore=$HOME/.keystore and adding my certificate 
authority to that keystore using keytool - again to no avail.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email