SSL connect returned 1 errno 0 state SSLv3 read server certificate B certificate verify failed

Question

I am using Authlogic-Connect for third party logins  After running appropriate migrations  Twitter Google yahoo logins seem to work fine but the facebook login throws exception   SSL connect returned 1 errno 0 state SSLv3 read server certificate B  certificate verify failed   The dev log shows   OpenSSL  SSL  SSLError  SSL connect returned 1 errno 0 state SSLv3 read server certificate B  certificate verify failed     app controllers users controller rb 37 in  update    Please suggest

User · Answer

Here s what I did that helped if you are specifically having a problem on Leopard   My cert was old and needed to be updated  I downloaded this   http   curl haxx se ca cacert pem  Then replaced my cert which was found here on Leopard    usr share curl curl-ca-bundle crt   Reload whatever you have that s accessing it and you should be good to go

User · Answer

If you re using RVM on OS X  you probably need to run this   rvm osx-ssl-certs update all   More information here  http   rvm io support fixing-broken-ssl-certificates  And here is the full explanation  https   github com wayneeseguin rvm blob master help osx-ssl-certs md    Update  On Ruby 2 2  you may have to reinstall Ruby from source to fix this  Here s how  replace 2 2 3 with your Ruby version    rvm reinstall 2 2 3 --disable-binary   Credit to https   stackoverflow com a 32363597 4353 and Ian Connor

User · Answer

The most straightforward answer which worked for me was this   sudo apt-get install openssl ca-certificates   And voila

User · Answer

Well this worked for me   rvm pkg install openssl rvm reinstall 1 9 2 --with-openssl-dir  rvm path usr   Something is wrong with openssl implementation of my ubuntu 12 04

User · Answer

If you are running your rails app locally then just add this line at the bottom of application rb   OpenSSL  SSL  VERIFY PEER   OpenSSL  SSL  VERIFY NONE   After this you can use the app without any issues  You may call it a hack but it is not recommended  Use only when you need to run locally

User · Answer

Just because instructions were a slight bit different for what worked for me  I thought I add my 2 cents   I m on OS X Lion and using macports and rvm  I installed curl-ca-bundle   sudo port install curl-ca-bundle   Then I adjusted my omniauth config to be this   Rails application config middleware use OmniAuth  Builder do   provider  google oauth2  APP CONFIG  CONSUMER KEY    APP CONFIG  CONSUMER SECRET                scope   gt   https   www google com m8 feeds https   www googleapis com auth userinfo profile               ssl   gt    ca path   gt    share curl curl-ca-bundle crt   end

User · Answer

Then  as this blog post suggests    How to Cure Net  HTTP   s Risky Default HTTPS Behavior   you might want to install the always verify ssl certificates gem that allow you to set a default value for ca file

User · Answer

Just run the certified-update executable and this command will make sure that all your certificates are up-to-date   This worked for my Ruby on Rails application in Windows

User · Answer

I had this same issue while working on a Ruby project  I am using Windows 7 64bit    I resolved this by    Downloading the cacert pem file from http   curl haxx se ca cacert pem  Saved that file to C  RubyCertificates cacert pem Then set my environmental variable  SSL CERT FILE  to  C  RubyCertificates cacert pem    source  https   gist github com fnichol 867550

User · Answer

Having this issue with Ruby 2 3 4    I solved it uninstalling OpenSSL and reinstalling it  I ran    brew uninstall --ignore-dependencies openssl  then   brew install openssl  It did the job

User · Answer

OSX solution    install latest rvm stable version  rvm get stable   use rvm command to solve the certificates automatically  rvm osx-ssl-certs update all

User · Answer

Sometime it s not always rvm s problem in MAC OSX if you remove  rvm the problem still espcially while you backup data from timemachine   you can try this way   1 brew update 2 brew install openssl

User · Answer

The latest rubygem-update-2 6 7 has resolved this issue  http   guides rubygems org ssl-certificate-update

User · Answer

On Mac OS X Lion with the latest macport   sudo port install curl-ca-bundle   export SSL CERT FILE  opt local share curl curl-ca-bundle crt     Then  rerun the failed job     Note  the cert file location seems to have changed since Eric G answered on May 12

User · Answer

The reason that you get this error on OSX is the rvm-installed ruby    If you run into this issue on OSX you can find a really broad explanation of it in this blog post   http   toadle me 2015 04 16 fixing-failing-ssl-verification-with-rvm html  The short version is that  for some versions of Ruby  RVM downloads pre-compiled binaries  which look for certificates in the wrong location  By forcing RVM to download the source and compile on your own machine  you ensure that the configuration for the certificate location is correct   The command to do this is   rvm install 2 2 0 --disable-binary   if you already have the version in question  you can re-install it with    rvm reinstall 2 2 0 --disable-binary    obviously  substitute your ruby version as needed

User · Answer

OS X 10 8 x with Homebrew   brew install curl-ca-bundle brew list curl-ca-bundle cp  usr local Cellar curl-ca-bundle 1 87 share ca-bundle crt  usr local etc openssl cert pem

User · Answer

While knowing it s rather a lame solution  I m still sharing this because it seems like very few people answering here use Windows  and I think some of Windows users  me included  would appreciate a simple and intuitive approach   require  openssl  puts OpenSSL  X509  DEFAULT CERT FILE   That tells where your openssl is looking for the cert file  My name is not Luis  but mine was C  Users Luis Code luislavena knap-build var knapsack software x86-windows openssl 1 0 0l ssl cert pem  The path may be different depending on each own environments  e g  openknapsack instead of luislavena    The path didn t change even after set SSL CERT FILE C  foo bar baz cert pem via the console  so    I created the directory C  Users Luis Code luislavena knap-build var knapsack software x86-windows openssl 1 0 0l ssl in my local disk and put a cert file into it    Lame as it is  this will surely work

User · Answer

Here s how you can fix it on Windows  https   gist github com 867550  created by Fletcher Nichol  Excerpt   The Manual Way  Boring  Download the cacert pem file from http   curl haxx se ca cacert pem  Save this file to C  RailsInstaller cacert pem  Now make ruby aware of your certificate authority bundle by setting SSL CERT FILE  To set this in your current command prompt session  type  set SSL CERT FILE C  RailsInstaller cacert pem  To make this a permanent setting  add this in your control panel

User · Answer

Installing the following package on Ubuntu fixed the issue for me  sudo apt-get install libssl-dev

User · Answer

Just add gem  certified  in your gemfile and run bundle install    gem  certified  bundle install

User · Answer

I ran into a similar problem when trying to use the JQuery generator for Rails 3  I solved it like this    Get the CURL Certificate Authority  CA  bundle  You can do this with    sudo port install curl-ca-bundle  if you are using MacPorts  or just pull it down directly wget http   curl haxx se ca cacert pem  Execute the ruby code that is trying to verify  the SSL certification  SSL CERT FILE  opt local etc certs cacert pem rails generate jquery install  In your case  you want to either set this as an environment variable somewhere the server picks it up or add something like ENV  SSL CERT FILE      path to your new cacert pem in your environment rb file    You can also just install the CA files  I haven t tried this  to the OS -- there are lengthy instructions here -- this should work in a similar fashion  but I have not tried this personally   Basically  the issue you are hitting is that some web service is responding with a certificate signed against a CA that OpenSSL cannot verify

User · Answer

I ve try install curl-ca-bundle with brew  but the package is no available more     brew install curl-ca-bundle Error  No available formula for curl-ca-bundle  Searching formulae    Searching taps      The solution that worked to me on Mac was      cd  usr local etc openssl certs     sudo curl -O http   curl haxx se ca cacert pem   Add this line in your    bash profile  or    zshrc for zsh    export SSL CERT FILE  usr local etc openssl certs cacert pem   Then update your terminal     source    bash profile

User · Answer

A one liner fixes it for Windows in an Admin prompt   choco install wget  first see chocolatey org   wget http   curl haxx se ca cacert pem -O C  cacert pem  amp  amp  setx  M SSL CERT FILE  C  cacert pem    Or just do this   gem sources -r https   rubygems org  gem sources -a http   rubygems org    Milanio s method   gem sources -r https   rubygems org gem sources -a http   rubygems org  gem update --system gem sources -r http   rubygems org gem sources -a https   rubygems org  gem install  NAME OF GEM

User · Answer

Here s another option for debugging purposes     Be sure never to use this in any production environment  as it will negate benefits of using SSL in the first place   It is only ever valid to do this in your local development environment   require  openssl  OpenSSL  SSL  VERIFY PEER   OpenSSL  SSL  VERIFY NONE

User · Answer

This worked for me  If you using rvm and brew    rvm remove 1 9 3 brew install openssl rvm install 1 9 3 --with-openssl-dir  brew --prefix openssl

User · Answer

I fixed this problem by running this in terminal  Full writeup is available over here  rvm install 2 2 0 --disable-binary

User · Answer

If you have a symbolic link in the  usr local etc openssl pointing to cert pem try to do this   ruby -ropenssl -e  p OpenSSL  X509  DEFAULT CERT FILE   should be  usr local etc openssl  cd  usr local etc openssl wget http   curl haxx se ca cacert pem ln -s cacert pem 77ee3751 0  77ee3751 0 is my symbolic link  should depend on the openssl version

User · Answer

The new certified gem is designed to fix this   https   github com stevegraham certified

User · Answer

I had trouble for a number of days and was hacking around  This link proved out to be extremely helpful for me  It helped me to do a successful upgrade of the SSL on MAC OS X 9

User · Answer

This can be the issue of the broken invalid SSL certificates  On mac you can use this command to update the SSL certificates   rvm osx-ssl-certs update all

User · Answer

I ran into this issue and the suggested fix of rvm osx-ssl-certs update all did not work despite that I am an RVM user on OSX    The fix that worked for me was re-installing the latest version of openssl   brew update brew remove openssl brew install openssl

User · Answer

What worked for me is a combination of answers  namely     Reinstall OpenSSL brew update brew remove openssl brew install openssl   Download CURL CA bundle cd  usr local etc openssl certs wget http   curl haxx se ca cacert pem  usr local opt openssl bin c rehash   Reinstall Ruby from source rvm reinstall 2 2 3 --disable-binary

User · Answer

I had to reinstall Ruby  This should solve it if you are using Ubuntu  amp  rbenv   rbenv uninstall your version    install dependencies sudo apt-get install autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev    install ruby with patch curl -fsSL https   gist github com mislav 055441129184a1512bb5 txt       rbenv install --patch your version   For more information  check out the rbenv Wiki on the matter

User · Answer

Adding gem  certified      gt  1 0  to my Gemfile and running bundle solved this issue for me

User · Answer

Add this to your gemfile   gem  cliver    git   gt   git   github com yaauie cliver    ref   gt   5617ce

User · Answer

The issue is that ruby can not find a root certificate to trust  As of 1 9 ruby checks this  You will need to make sure that you have the curl certificate on your system in the form of a pem file  You will also need to make sure that the certificate is in the location that ruby expects it to be  You can get this certificate at     http   curl haxx se ca cacert pem   If your a RVM and OSX user then your certificate file location will vary based on what version of ruby your using  Setting the path explicitly with  ca path is a BAD idea as your code will not be portable when it gets to production  There for you want to provide ruby with a certificate in the default location and assume your dev ops guys know what they are doing   You can use dtruss to work out where the system is looking for the certificate file    In my case the system was looking for the cert file in   Users stewart matheson  rvm usr ssl cert pem   however MACOSX system would expect a certificate in   System Library OpenSSL cert pem   I copied the downloaded cert to this path and it worked  HTH

User · Answer

Ruby can t find any root certificates to trust   Take a look at this blog post for a solution   Ruby 1 9 and the SSL error       The solution is to install the curl-ca-bundle port which contains the same root certificates used by Firefox   sudo port install curl-ca-bundle       and tell your https object to use it   https ca file     opt local share curl curl-ca-bundle crt        Note that if you want your code to run on Ubuntu  you need to set the ca path attribute instead  with the default certificates location  etc ssl certs

[ruby-on-rails] SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

Examples related to ruby-on-rails

Examples related to ruby

Examples related to ssl

Examples related to authlogic

Examples related to facebook-graph-api