TomDogg
Reputation: 3937
Rails 6.1.4.1 : certificate verify failed (unable to get local issuer certificate) (OpenSSL::SSL::SSLError)
Rails/Ruby/OpenSSL will not let me send out emails, why?
Test in the console:
irb(main):001:0> @webmessage = Webmessage.new(subject: "Hi there", body: "Bye now.", email: "[email protected]", firstname: "Me")
=> #<Webmessage:0x000055bee43fa1d0 id: nil, subject: "Hi there", body: "Bye now.", email: "[email protected]", firstname: "Me">
irb(main):002:0> ApplicationMailer.with(webmessage: @webmessage).email_webmessage.deliver_now
Rendered application_mailer/email_webmessage.html.erb within layouts/mailer (Duration: 3.2ms | Allocations: 810)
Rendered layout layouts/mailer.html.erb (Duration: 4.3ms | Allocations: 1044)
Delivered mail [email protected] (52.1ms)
/home/user/.rbenv/versions/3.0.1/lib/ruby/3.0.0/net/protocol.rb:46:in `connect_nonblock': SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate) (OpenSSL::SSL::SSLError)
Resulting error:
"SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate) (OpenSSL::SSL::SSLError)"
My cert paths:
$ echo $SSL_CERT_DIR
/etc/ssl/certs
$ echo $SSL_CERT_FILE
/etc/ssl/certs/ca-certificates.crt
My environment:
- Rails 6.1.4.1
- Ruby 3.0.1p64
- OpenSSL 1.1.1f
EDIT: This establishes a working connection:
$ openssl s_client -connect example.com:443 -CAfile /etc/ssl/certs/ca-certificates.crt
irb(main):001:0> require 'open-uri'
=> true
irb(main):002:0> p open(URI.open('https://google.com'))
#<File:/tmp/open-uri20210915-4444-phdsb>
=> #<File:/tmp/open-uri20210915-4444-phdsb>
Upvotes: 4
Views: 3467
Answers (1)
TomDogg
Reputation: 3937
Here's the solution, for posterity:
It turns out that Rails needed one of the following entries in config/environments/production.rb for the above mentioned error to disappear:
config.force_ssl = true
config.action_mailer.default_url_options = {
protocol: 'https',
host: "www.mydomain.com"
}
config.action_mailer.delivery_method = :sendmail
config.action_mailer.sendmail_settings = {
location: '/usr/sbin/sendmail',
arguments: '-i -t'
}
Upvotes: 0
Related Questions
- "Certificate verify failed" OpenSSL error when using Ruby 1.9.3
- Rails SSL certificate error on valid certificate
- OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)
- How to fix 'OpenSSL::SSL::SSLError' error in Ruby?
- SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)
- certificate Error SSL_connect returned=1 errno=0 state=error: certificate verify failed
- SSL certificate verify failed when installing gems
- OpenSSL::SSL::SSLError .....certificate verify failed?
- Can't bypass OpenSSL verification - certificate verify failed (OpenSSL::SSL::SSLError)
- Why do I get OpenSSL::SSL::SSLError when installing Rails?