Connecting to Stripe

Hi Maarten,

with your Security.X509.X509Registry default addTrusted: ‘...’

I also get: uhe: mnu: #subjectDNInBytes.

But if I save your certificate into a file ('test.crt' simple text file), and use

X509Registry readTrustedCertificatesFromFile: 'test.crt'.

it seems to work.

You can inspect the Security.X509.X509Registry default

trustedCertificates.

I hope this helps,

Janos

From: [hidden email] [mailto:[hidden email]] On Behalf Of [hidden email]
Sent: Mittwoch, 5. August 2015 13:21
To: VWNC
Subject: [vwnc] Connecting to Stripe

Hi,

If I execute the following in a workspace I get a resumable UHE indicating CA Not in Trust Registry.

httpClient := HttpClient new.
httpClient username: 'sk_test_xLXI0CVe827VzXGIp9VpJYCC' password: 'pk_test_PJX8ts6a9DfwrliAdNl06Ls8'.
httpClient useBasicAuth.
httpClient tlsSubjectVerifier: [:cert | true].
request := Net.HttpRequest method: 'GET' url: 'https://api.stripe.com/v1/charges'.
response := httpClient executeRequest: request

If you resume you can see that Stripe responds with code 200 which is correct.

In order to avoid the UHE my reaction was to extract the certificates from the chain with chain first asPEMString

to add them to the default registry, if you execute the next snipet you can see this also fails.

The question how to make my HttpRequest proceed with certificate hurdles.

Security.X509.X509Registry default addTrusted: '-----BEGIN CERTIFICATE-----
MIIHSzCCBjOgAwIBAgIQDjlPeoLzxQW2LNy9865k2DANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQG
EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSgw
JgYDVQQDEx9EaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBDQS0xMB4XDTE1MDgwNDAwMDAwMFoX
DTE1MTIzMDEyMDAwMFowgf0xHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0aW9uMRMwEQYLKwYB
BAGCNzwCAQMTAlVTMRkwFwYLKwYBBAGCNzwCAQITCERlbGF3YXJlMRAwDgYDVQQFEwc0Njc1NTA2
MSEwHwYDVQQJExgzMTgwIDE4dGggU3QuLCBTdWl0ZSAxMDAxDjAMBgNVBBETBTk0MTEwMQswCQYD
VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIG
A1UEChMLU3RyaXBlLCBJbmMxFzAVBgNVBAMTDmFwaS5zdHJpcGUuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEA54Nnjdr8W8WC9SFKWaVm4PotxvCyqnMk7FqIEFJoaCMTUKQrM32J
hgiPUEp4Dg/Xn7ll4HDClm25R/uTD/dwZBuSb71WuCFH21ijys4bOC5KOfp8Dtbda/1IxbI+YsiB
tN+8v8aDO0PD5MZfRRFRD0TSYiS475v6+LfzTefpJdQCS9PXNZeNYHnEx7HfipqkwZ2Jzq9tK+hg
Nnr95B3p5JPS58B5mot4a9xMB2w2mznIqkfUqVZmoyENCPfbgAJf6skyumm85+P4VVqQUvergTyW
0VuUoe9il1bB/jsfB++3u6lfKqGoqGcV+1cp3Z/qgo/dFLfZFyix/r4HLNLLXQIDAQABo4IDWDCC
A1QwHwYDVR0jBBgwFoAUTFjLJfBBT1L0KMiBQ5umqKDmkuUwHQYDVR0OBBYEFDGS/DV1Hmova+T3
zDStJh29I8uRMC0GA1UdEQQmMCSCDmFwaS5zdHJpcGUuY29tghJ3d3cuYXBpLnN0cmlwZS5jb20w
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBjBgNVHR8EXDBa
MCugKaAnhiVodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vZXZjYTEtZzUuY3JsMCugKaAnhiVodHRw
Oi8vY3JsNC5kaWdpY2VydC5jb20vZXZjYTEtZzUuY3JsMEIGA1UdIAQ7MDkwNwYJYIZIAYb9bAIB
MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwfQYIKwYBBQUHAQEE
cTBvMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRwYIKwYBBQUHMAKGO2h0
dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VFVkNBLTEuY3J0
MAwGA1UdEwEB/wQCMAAwggF8BgorBgEEAdZ5AgQCBIIBbASCAWgBZgB1AKS5CZC0GFgUh7sTosxn
cAo8NZgE+RvfuON3zQ7IDdwQAAABTvak8ooAAAQDAEYwRAIgdh2tPlzdSK1L6kLs2zTfoEb52niG
7qeYPQzTNiGgd78CIEzP1mJYbW4f3I25qhd5O/2xzD6yC/c9KWusR8H6+OF/AHYAaPaY+B9kgr46
jO65KB1M/HFRXWeT1ETRCmesu09P+8QAAAFO9qTyigAABAMARzBFAiBUnPrmlyY5rFpNGlekoFOq
FMl1W2NegBS+FwumXak4/gIhAMDBq2dXKLO7YSvbGfYQ6+GWQTgTCcj/4eAaizq+hhAwAHUAVhQG
mi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFO9qTzxgAABAMARjBEAiA28RdBNi1kTXGQ
IiTiDd83Tb92Q2BsY+nfrnUjOV0cVQIgbyhQpfbtbRH4Xb+XlCNNFXSSq3ucOUWvMR2r8Ua6Ugkw
DQYJKoZIhvcNAQEFBQADggEBADJKBwp8dugawRgJ3GRZ6BsnVOIICYky0XcBHNfCxZ4Lfd1Cmx/T
COvF6w+q2PYWyr1+HyMY55v33rb72aefzRO0D/zioZomS2iKJulJo6R5QCp89w4cPhK1qf7C95wX
DFev0EfOe+p0EsQI5qUpFAR77Ka9CULKqaZO7NcSlQufI8GYvoppJ+xRR58VTHeJcMISukDfjW8o
DO8tbGe7tNVoaDv200c2vJIunQm5p64xDA2JAFR3FxNwnL+vzLak/56ZfwVvupfeilv7AcUfwnWc
XFPwzgmTGQ8zlCb9E//B2+wNLvQPrWrfAqsi4UeSAFNDieH2bi7XC7UMnYjb03o=
-----END CERTIFICATE-----'

Maarten MOSTERT

28 Av Alphonse Denis

83400 Hyères, France

+33 676411296 

http://stakepoint.com/