I have a very basic script to access a SSL encrypted site that uses 
client certificates. Problem is that I continue to get 401 unauthorized 
error even though the certificate works in a browser and I've verified 
that the username/password used in the script to be the exact same 
values that work in a browser.

Here is the script:

#!c:/ruby/bin/ruby.exe
CERT_FILE = "c:/certs/jim_nopw.pem"
require 'net/https'
https = Net::HTTP.new('some_website.com', 443)
https.use_ssl = true
https.cert = OpenSSL::X509::Certificate.new( File.read(CERT_FILE) )
https.key = OpenSSL::PKey::RSA.new( File.read(CERT_FILE) )
https.verify_mode = OpenSSL::SSL::VERIFY_NONE
https.read_timeout = 120
https.start do |https|
  request = Net::HTTP::Get.new('/default.asp')
  request.basic_auth 'DOMAIN\username', 'password'
  response = https.request(request)
  response.value
  puts response.body
end

This is the error output:
401 "Unauthorized"
    C:/ruby/lib/ruby/1.8/net/http.rb:2106:in `error!'
    C:/ruby/lib/ruby/1.8/net/http.rb:2115:in `value'
    C:/MyApps/Ruby/webchecker2.rb:19
    C:/ruby/lib/ruby/1.8/net/http.rb:547:in `start'
    C:/MyApps/Ruby/webchecker2.rb:13
C:/ruby/lib/ruby/1.8/net/http.rb:2106:in `error!': 401 "Unauthorized" 
(Net::HTTPServerException)
    from C:/ruby/lib/ruby/1.8/net/http.rb:2115:in `value'
    from C:/MyApps/Ruby/webchecker2.rb:19
    from C:/ruby/lib/ruby/1.8/net/http.rb:547:in `start'
    from C:/MyApps/Ruby/webchecker2.rb:13

Getting back to the certificate, here is how I manipulated it from a 
browser to what I am feeding my Ruby script:

- Export the certificate from IE7 to c:\certs\jim.pfx
- Convert the certificate from PKCS12 format to non-password protected 
PEM format according to OpenSSL howto at 
http://www.madboa.com/geek/openssl/#cert-pkcs12:
C:\OpenSSL\bin>openssl pkcs12 -in c:\certs\jim.pfx -out 
c:\certs\jim_nopw.pem -nodes
Enter Import Password:
MAC verified OK

C:\OpenSSL\bin>type c:\certs\jim_nopw.pem
Bag Attributes
    localKeyID: 01 00 00 00
    friendlyName: {65C0E138-9765-4B64-A591-ADC0CB302B31}
    Microsoft CSP Name: Microsoft Enhanced Cryptographic Provider v1.0
Key Attributes
    X509v3 Key Usage: 10
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQDGHTOVdo3SDvysWTh1OTinMWSjQhqpPcxO24KbDdyWQml7iInv
... lines deleted and characters changed to protect my private key
Rf7cP02FJmftyH3D6hiK0Pzjv4a7d1vwWqj3naIB4Q==
-----END RSA PRIVATE KEY-----
Bag Attributes
    localKeyID: 01 00 00 00
subject=/C=US/O=Organization/OU=ECA/OU=ORC/OU=Company/CN=Clark.James.ORC1000099999.ID
issuer=/C=US/O=Organization/OU=ECA/OU=Certification Authorities/CN=ORC ECA
-----BEGIN CERTIFICATE-----
MIIEPjCCA6egAwIBAgICeYQwDQYJKoZIhvcNQWEFBQAwazELMAkG2ErEBhMCVVMx
... lines deleted and characters changed to alter certificate
0/fVUv7Lx56ceXkQ7hDGiMXv32TWIp6CO+fkQkQhZ7wevA==
-----END CERTIFICATE-----

C:\OpenSSL\bin>


Anyone have any thoughts on what else I should be doing?

My environment:
Windows XP sp2
ruby 1.8.6 (2007-09-24 patchlevel 111) [i386-mswin32]

Thanks in advance,
Jim