SSL error on Heroku when using OAuth

Question

I am using the OAuth gem to do two-legged oauth verification, but when I try to use the access token I get the following error:

OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
/usr/ruby1.9.2/lib/ruby/1.9.1/net/http.rb:678:in `connect'
/usr/ruby1.9.2/lib/ruby/1.9.1/net/http.rb:678:in `block in connect'
/usr/ruby1.9.2/lib/ruby/1.9.1/timeout.rb:44:in `timeout'
/usr/ruby1.9.2/lib/ruby/1.9.1/timeout.rb:87:in `timeout'

Here's the code:

uri = construct_uri
consumer = OAuth::Consumer.new("key",
                                 "secret",
                                 :site => "remote site",
                                 :request_token_path => "",
                                 :authorize_path => "",
                                 :access_token_path => "",
                                 :http_method => :get,
                                 :scheme => "query_string"
                                )
access_token = OAuth::AccessToken.new consumer
response = access_token.request(:get, uri)

The error occurs on the last line. This code had been working for a few months and seemed to break overnight. Also what's strange is this code works when I execute it in the local rails console. From what I've read I think it has to do with the OAuth gem not being able to find the file path to my certificates, although I'm not sure where to start debugging this on heroku. On heroku we're using SNI SSL.

---

There's a workaround detailed here: https://github.com/intridea/omniauth/issues/404

Put OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE in an initializer. Apparently this is a bug with the OAuth gem that's since been fixed.

Answer 1

There's a workaround detailed here: https://github.com/intridea/omniauth/issues/404

Put OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE in an initializer. Apparently this is a bug with the OAuth gem that's since been fixed.