Thank you. This is the best example I've seen of how to make Net::HTTP do the right thing with SSL certificates.
The reason the VERIFY_NONE fix got so popular is that, by default, if you turn on SSL support in Net::HTTP in an otherwise working codebase, your calls fail with certificate errors. The docs (http://www.ruby-doc.org/stdlib/libdoc/net/http/rdoc/index.ht...) have absolutely no helpful information except for mentioning the default of VERIFY_PEER. If you're noodling around on your own you'll discover VERIFY_NONE works well before you discover how certificate stores work.
The reason the VERIFY_NONE fix got so popular is that, by default, if you turn on SSL support in Net::HTTP in an otherwise working codebase, your calls fail with certificate errors. The docs (http://www.ruby-doc.org/stdlib/libdoc/net/http/rdoc/index.ht...) have absolutely no helpful information except for mentioning the default of VERIFY_PEER. If you're noodling around on your own you'll discover VERIFY_NONE works well before you discover how certificate stores work.