I was doing a CURL to an external API which requires signing and the gem I used was doing it via CURL. As I moved to a new admin account and did some more setting up, I found some secret underlying problems.
When I ran my CURL calls, I end up getting Curl::Err::ConnectionFailedError errors. It took me quite awhile to find the solution. I hope that this solves someone else's problem too.
Fast forward.
They switched the TLS/SSL engine used by their curl, from OpenSSL to their own Secure Transport engine. Apple's OpenSSL is still at version 0.9.8 and I doubt they will ever upgrade it, so this change improves curl's security. This is because the new engine supports TLS 1.1 and 1.2, and many new-ish cipher suites not supported by that old version of OpenSSL
When you're working on your development machine and need some signing for your CURL requests, you need a certificate.
openssl genrsa -des3 -passout pass:x -out server.pass.key 2048
openssl rsa -passin pass:x -in server.pass.key -out server.key
rm server.pass.key
openssl req -new -key server.key -out server.csr
Generate SSL certificate: openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Finally, just add your local certificate to the security keychain.
cd your-directory
security add-trusted-cert server.crt
Now, CURL away! :)
Author
