How can I make ruby's xmlrpc client ignore SSL certificate errors?

When access an XML-RPC service using xmlrpc/cli开发者_StackOverflowent in ruby, it throws an OpenSSL::SSL::SSLError when the server certificate is not valid. How can I make it ignore this error and proceed with the connection?

Turns out it's like this:

xmlrpc = ::XMLRPC::Client.new("foohost")
xmlrpc.instance_variable_get(:@http).instance_variable_set(:@verify_mode, OpenSSL::SSL::VERIFY_NONE)

That works with ruby 1.9.2, but clearly is poking at internals, so the real answer is "the API doesn't provide such a mechanism, but here's a hack".

Actually the client has been updated, now one has direct access to the http connection: https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/41286/diff/lib/xmlrpc/client.rb

xmlrpc.http.verify_mode = OpenSSL::SSL::VERIFY_NONE

But better set ca_file or ca_path. Still I see no option to apply such config to _async calls.

Update: found a workaround by monkey patching the client object:

    xmlrpc_client.http.ca_file = @options[:ca_file]
    xmlrpc_client.instance_variable_set(:@ca_file, @options[:ca_file])
    def xmlrpc_client.net_http(host, port, proxy_host, proxy_port)
      h = Net::HTTP.new host, port, proxy_host, proxy_port
      h.ca_file = @ca_file
      h
    end

So you need both, the older approach and the monkey patching. We add also an instance variable, otherwise the new method cannot see the actual value.