My Environment, % openssl version OpenSSL 0.9.8r 8 Feb 2011 % curl --version curl 7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp Features: AsynchDNS GSS-Negotiate IPv6 Largefile NTLM NTLM_WB SSL libz % rails -v Rails 3.0.3 % ruby -v ruby 1.9.2p320 (2012-04-20 revision 35421) [x86_64-darwin12.2.0] % rvm --version rvm 1.15.0 (latest) by Wayne E. Seguin <wayneeseguin@gmail.com>, Michal Papis <mpapis@gmail.com> [https://rvm.io/] omniauth version is '0.2.6' then I log in via facebook with omniauth and get the following error. OpenSSL::SSL::SSLError SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed I tried to fix this problem. add one line into ~/.zshrc export CURL_CA_BUNDLE='/System/Library/OpenSSL/certs/cert.pem' I'm using homebrew. and curl-config --ca show empty line. % curl-config --ca (empty output) how can I solve this problem? Thanks in advance.

ruby-on-railscurlopensslomniauthhomebrew

Reputation: 155

OpenSSL::SSL::SSLError SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

My Environment,

% openssl version
OpenSSL 0.9.8r 8 Feb 2011
% curl --version
curl 7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IPv6 Largefile NTLM NTLM_WB SSL libz
% rails -v
Rails 3.0.3
% ruby -v
ruby 1.9.2p320 (2012-04-20 revision 35421) [x86_64-darwin12.2.0]
% rvm --version
rvm 1.15.0 (latest) by Wayne E. Seguin <[email protected]>, Michal Papis <[email protected]> [https://rvm.io/]

omniauth version is '0.2.6'

then I log in via facebook with omniauth and get the following error.

 OpenSSL::SSL::SSLError
 SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

I tried to fix this problem.

add one line into ~/.zshrc

 export CURL_CA_BUNDLE='/System/Library/OpenSSL/certs/cert.pem'

I'm using homebrew. and curl-config --ca show empty line.

 % curl-config --ca 
 (empty output)

how can I solve this problem?

Thanks in advance.

Upvotes: 2

Answers (3)

vdaubry

Reputation: 11439

There is a bunch of solutions that might work for you here :

http://railsapps.github.com/openssl-certificate-verify-failed.html

If it still doesn't work, the answer from Rahul almost worked for me, except that i had to force the download of the certificate in the rvm SSL folder :

rvm pkg install openssl
rvm install 1.9.3-p374 –with-openssl-dir=$rvm_path/usr
cd $rvm_path/usr/ssl
curl -O http://curl.haxx.se/ca/cacert.pem
mv cacert.pem cert.pem

Hope this helps, Vincent

Upvotes: 2

Rahul

Reputation: 464

if you using brew and rvm, use the following:

rvm remove 1.9.3
brew install openssl
rvm install 1.9.3 --with-openssl-dir=`brew --prefix openssl`

Upvotes: 6

snow6oy

Reputation: 718

Two things that might help. Firstly you can use openssl at the command line to test that your certificates are chained together properly. For example:

openssl verify -CAfile your-bundle.crt your.crt

This may involve adding the public key from facebook to your bundle, but it's hard to say without more details of the certificates that you're using. Secondly you are on the right path in exporting the CURL_CA_BUNDLE. Once the chain is correct then another option is to use curl with some commandline options. For example:

curl --verbose --head https://example.com:443/ --cert ./testclient.crt --key testclient.key --cacert test-bundle.crt

Sorry I can't help with the omniauth side of your question. Good luck!

Upvotes: 1

OpenSSL::SSL::SSLError SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

Answers (3)

Related Questions