From: George Alatrash on
Client Certificate error on Mac OS X 10.6.4

I've been trying to connect to a web service over https where the
service requires the client to be authenticated using a server signed
certificate (note the server's certificate is signed from a trusted root
certification authority).

The code below shows a sample that I used to test the communication
(with some tweak to hide my own details). The code works OK on Windows
and Linux (kernel 2.6.x) systems, but fails on Mac OS X 10.6.4 with
(Timeout::Error). When I traced the wire messages I found the error is
due to encryption - the server responds with Encrypted Alert =
decryption_failed(21) which, acording to SSL/TLS proocol RFC2246, is:
A TLSCiphertext decrypted in an invalid way: either it wasn`t an
even multiple of the block length or its padding values, when
checked, weren`t correct. This message is always fatal.

Does anyone know the cause of this error or how to fix it? Is this an
error in the core Net:HTTPS and SSL core Ruby libraries specific to Mac

cer_file = File.dirname(__FILE__) + '/cert.pem'
key_file = File.dirname(__FILE__) + '/key.pem'

cert =
key =

uri = URI.parse("")
http =, uri.port)
http.open_timeout = 5
http.read_timeout = 5

http.use_ssl = (uri.scheme == "https")
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
http.cert =
http.key =

http.verify_callback = {
puts "===> in verify_callback -- #{}"

request =

request.body =
'<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:wsdl=""

resp = http.request(request)
puts "response => #{resp.inspect}"

Note the same code (and same certificate and key files) works on Windows
and Linux but not Mac OSX.
I tried on the Mac with Ruby 1.8.6 and 1.8.7.
Posted via