Client certificates with https


O

orangekay

In order to connect to my secure payment gateway I need to supply a
certificate they provide for me in the form of a PEM file. In all of
their example code they accomplish this by setting a path to that file
in curl's options, and while I know there is a Ruby extension that
makes libcurl available, I am wondering if it is possible to accomplish
this same thing using the built-in functionality of NET::HTTP and
OpenSSL.

Looking through the OpenSSL "documentation" I see that there are
writable attributes named "cert" and "key" that would seem to provide
this ability, but I have no idea what I'm supposed to pass where. Does
it want a path or the actual data, and do I need to supply values for
both if the PEM file contains both the key and certificate in one
place? I'm rather new to Ruby and honestly have not been able to figure
out how anyone is expected to find anything in these three-paned RDoc
windows unless they already know where it is, so any info would be
greatly appreciated.
 
Ad

Advertisements

O

orangekay

I'm pathetically replying to my own post with the solution I have come
up with since there is absolutely no example code for getting Ruby to
talk to the Linkpoint gateway out there. Hopefully it will get indexed
and help someone else who finds themselves in a similar position
someday.

This example posts a phony order to the testing server. In order to
talk to the real server, you'll simply need to change the host to
"secure.linkpoint.net" in the URL.

You'll need to supply your store number in the "configfile" element of
the XML, and you'll need to provide a valid path to your own PEM file
to File.read. Once those things are done, you should get a response and
be ready to take it from there.

---------------------------------

#!/usr/bin/ruby

require 'net/https'
require 'uri'
require 'rexml/document'

xml_string = <<-END_XML
<order>

<orderoptions>

<result>GOOD</result>

<ordertype>SALE</ordertype>

</orderoptions>

<merchantinfo>

<configfile>PUT YOUR STORE NUMBER HERE!!!!!!!!!</configfile>

</merchantinfo>

<creditcard>

<cardnumber>4111111111111111</cardnumber>

<cardexpmonth>12</cardexpmonth>

<cardexpyear>08</cardexpyear>

</creditcard>

<payment>

<chargetotal>1.03</chargetotal>

</payment>

</order>
END_XML

#Parse the URL to the Linkpoint gateway script.
uri = URI.parse('https://staging.linkpt.net:1129/LSGSXML')

#Read the PEM file into a string. You'll need to supply your own path
to your own PEM file here obviously
pem_file = File.read('/home/yourdomain/storenumber.pem')

#Create a new HTTP connection and configure it for SSL
#with a client-side certificate which we build from the
#PEM file's data.
connection = Net::HTTP.new(uri.host, uri.port)
connection.use_ssl = true
connection.verify_mode = OpenSSL::SSL::VERIFY_NONE
connection.cert = OpenSSL::X509::Certificate.new(pem_file)
connection.key = OpenSSL::pKey::RSA.new(pem_file)

#Send the XML as POST data after ridding it of excess whitespace.
raw_response = connection.post(uri.path, xml_string.gsub!(/\s/, ''))

#Parse the (invalid!) XML response into an array of values for ease of
processing.
#REXML will complain about the multiple root elements unless we wrap
what
#Linkpoint sends us up in another set of tags.
response_doc_root =
REXML::Document.new("<doc>#{raw_response.body}</doc>").root

#Build a hash containing the key/value pairs from the response.
response_values = Hash.new

response_doc_root.each_element() {|element|
response_values["#{element.name}"] = element.text if element.text !=
nil }

#Process those values however you like. This just prints them out.
response_values.each() {|key, val| puts "#{key} => #{val}\n" }

-----------------------------------
 

Top