SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

后端 未结 30 2433
太阳男子
太阳男子 2020-11-22 04:29

I am using Authlogic-Connect for third party logins. After running appropriate migrations, Twitter/Google/yahoo logins seem to work fine but the facebook login throws except

相关标签:
30条回答
  • 2020-11-22 04:53

    While knowing it's rather a lame solution, I'm still sharing this because it seems like very few people answering here use Windows, and I think some of Windows users (me included) would appreciate a simple and intuitive approach.

    require 'openssl'
    puts OpenSSL::X509::DEFAULT_CERT_FILE
    

    That tells where your openssl is looking for the cert file. My name is not Luis, but mine was C:/Users/Luis/Code/luislavena/knap-build/var/knapsack/software/x86-windows/openssl/1.0.0l/ssl/cert.pem. The path may be different depending on each own environments (e.g. openknapsack instead of luislavena).

    The path didn't change even after set SSL_CERT_FILE=C:\foo\bar\baz\cert.pem via the console, so... I created the directory C:\Users\Luis\Code\luislavena\knap-build\var\knapsack\software\x86-windows\openssl\1.0.0l\ssl in my local disk and put a cert file into it.

    Lame as it is, this will surely work.

    0 讨论(0)
  • 2020-11-22 04:54

    A one liner fixes it for Windows in an Admin prompt

    choco install wget (first see chocolatey.org)

    wget http://curl.haxx.se/ca/cacert.pem -O C:\cacert.pem && setx /M SSL_CERT_FILE "C:\cacert.pem"
    

    Or just do this:

    gem sources -r https://rubygems.org/
    gem sources -a http://rubygems.org/
    

    Milanio's method:

    gem sources -r https://rubygems.org
    gem sources -a http://rubygems.org 
    gem update --system
    gem sources -r http://rubygems.org
    gem sources -a https://rubygems.org
    
    gem install [NAME_OF_GEM]
    
    0 讨论(0)
  • 2020-11-22 04:54

    OS X 10.8.x with Homebrew:

    brew install curl-ca-bundle
    brew list curl-ca-bundle
    cp /usr/local/Cellar/curl-ca-bundle/1.87/share/ca-bundle.crt /usr/local/etc/openssl/cert.pem
    
    0 讨论(0)
  • 2020-11-22 04:54

    If you have a symbolic link in the /usr/local/etc/openssl pointing to cert.pem try to do this:

    ruby -ropenssl -e "p OpenSSL::X509::DEFAULT_CERT_FILE" (should be /usr/local/etc/openssl)
    cd /usr/local/etc/openssl
    wget http://curl.haxx.se/ca/cacert.pem
    ln -s cacert.pem 77ee3751.0 (77ee3751.0 is my symbolic link, should depend on the openssl version)
    
    0 讨论(0)
  • What worked for me is a combination of answers, namely:

    # Reinstall OpenSSL
    brew update
    brew remove openssl
    brew install openssl
    # Download CURL CA bundle
    cd /usr/local/etc/openssl/certs
    wget http://curl.haxx.se/ca/cacert.pem
    /usr/local/opt/openssl/bin/c_rehash
    # Reinstall Ruby from source
    rvm reinstall 2.2.3 --disable-binary
    
    0 讨论(0)
  • 2020-11-22 04:57

    Here's another option for debugging purposes.

    Be sure never to use this in any production environment, as it will negate benefits of using SSL in the first place. It is only ever valid to do this in your local development environment.

    require 'openssl'
    OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
    
    0 讨论(0)
提交回复
热议问题