Charles Rajesh wrote:
> 2) I did the following cmd to find the client side certificate location 
> folder
>>openssl version -d
> OPENSSLDIR: "C:/lan/ssl"
> -- But I didn't find the above path in my system! is there anyother way 
> to find it ?

dir /s perhaps?

Is it cygwin, or some native Win32 openssl? Maybe it even could be 
configured to use the Windows cert store, I have no idea.

> 3) I tried the following cmd in my Linux(i686 athlon i386 GNU/Linux) 
> machine
>> openssl s_client -CApath /usr/share/ssl -connect www.paypal.com:443
> -- I got a "Verify return code: 0 (ok)" for the above cmd

So your app should work on Linux with

  http.ca_path = "/usr/share/ssl"

> 4) From your previous detailed explanation i very well understood my 
> issue and the ssl verification flow. So if i've the server's certificate 
> in my app's root(in case of RoR app, in Win XP), i'd be able to 
> successfully connect to paypal..?? Or is it enough to supply the openssl 
> certificates path of windows somewhere in the code..??

You need to supply the collection of known trusted root CA certificates 
(which includes Verisign's certificate).

At worst, you could copy verisign's cert, or the whole CA bundle, from 
Ubuntu to XP. I expect there's a cleaner Windowsy way, but as I hate 
Windows and don't use it, I'm afraid I can't help you there.

Regards,

Brian.
-- 
Posted via http://www.ruby-forum.com/.