How to bypass SSL certificate verification in open-uri?

I try to access a file with open-uri over an https connection. Unfortunately somethings wrong with the certificate, I get a certificate verify failed error. I can't do anything about that, so I have to bypass the verification.

I found this answer

I don't want to / can't change the oen-uri.rb on the server, and I'm running Ruby 1.8.6.

How do I change the verify mode? Or more exactly where do I change it?

Where can I put this?

if target.class == URI::HTTPS  
 require 'net/https'  
 http.use_ssl = true   
 http.verify_mode = OpenSSL::SSL::VERIFY_NONE  
 store = OpenSSL::X509::Store.new  
 store.set_default_paths  
 http.cert_store = store
end

or the dirty hack: where can I put this?

OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE

Warning, do not do this in production, you are disabling SSL completely this way.

If you really don't want the additional security of using certificate verification, and can upgrade to Ruby 1.9.3p327+, you can pass the ssl_verify_mode option to the open method. Here for example is how I'm doing it:

request_uri=URI.parse('myuri?that_has=params&encoded=in_it&optionally=1')

# The params incidentally are available as a String, via request_uri.query
output = open(request_uri, {ssl_verify_mode: OpenSSL::SSL::VERIFY_NONE})
obj = JSON.parse output.readlines.join("")

Found it out myself now: I used the dirty hack, which works fine for me.

I had to put it into: yourrailsapp/initalizers/

There I created a bypass_ssl_verification_for_open_uri.rb

And put:

OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE

it's good (it may spawn uninitialized constant OpenSSL (NameError)) to put require 'openssl' before that line, so

app/config/initializers/bypass_ssl_verification_for_open_uri.rb (filename of initializer doesn' matter)

require 'openssl'
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE