I am experiencing a problem in ruby, where an SSL cert could not be validated by OpenSSL. I think this is caused by the ca-bundle.pem not being known by the script. Is there a possibility to configure the path of the ca-bundle.pem manually?
OpenSSL uses the SSL_CERT_FILE environment variable. You can set it in your ruby script using something like before the first require which pulls in OpenSSL:
ENV['SSL_CERT_FILE'] = '/path/to/ca-bundle.pem'
or, if you prefer, you can set the SSL_CERT_FILE environment variable in your OS environment, web server configuration etc depending on your situation.
You can do so by the following:
SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
It's all because SSL_CERT_FILE has a wrong value, the value it has might not exist. So, you have to set its value to your certificate file as ENV['SSL_CERT_FILE]='path/to/ca-bundle.p'. If you are using Rails, you can put it in an initializer. If you want a gem that does everything for you, use https://github.com/stevegraham/certified.
来源:https://stackoverflow.com/questions/14748701/how-to-set-ca-bundle-path-for-openssl-in-ruby