Omniauth Facebook Error - Faraday::Error::ConnectionFailed

Question

(FYI: I'm following the Twitter Omniauth from railscast #241. I used Twitter successfully, now going onto Facebook)

As soon as I logged into Facebook using Omniauth, I get this error:

Faraday::Error::ConnectionFailed
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

What does this mean?

This is my code

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :facebook, '<key from fb>', '<another key from fb>'
end

There's actually nothing much in my code, all I have is in the sessionController that I want to use to_yaml to see what's inside the request.env

class SessionsController < ApplicationController
    def create
        raise request.env["omniauth.auth"].to_yaml
    end
end

How do I solve the Faraday error?

score 63 · Answer 1 · answered Jun 14 '12 at 20:55

63

I've fixed this on Mac OS X Lion 10.7.4 with this solution:

$ rvm remove 1.9.3 (or whatever version of ruby you are using)
$ rvm pkg install openssl
$ rvm install 1.9.3 --with-openssl-dir=$rvm_path/usr

after this you will need to download the missing cacert.pem file:

$ cd $rvm_path/usr/ssl
$ sudo curl -O http://curl.haxx.se/ca/cacert.pem
$ sudo mv cacert.pem cert.pem

answered Jun 14 '12 at 20:55

Andrei Radulescu

1,989
1
17
29

thank you! I tried a bunch of solutions but this is what it took to make it work locally for me. – bantic Aug 09 '12 at 16:04
Yes, this worked much better for me, as I'm not using 'port' - thanks! – Brett Sep 05 '12 at 11:01
1

very useful. worked well for 10.8.2 with Rails, devise and google oauth – Dimitris Nov 21 '12 at 20:53
1

Re-installing the ruby works till the compiling step. Then I get: Error running 'make', please read /usr/local/rvm/log/ruby-1.9.3-p392/make.log There has been an error while running make. Halting the installation. – Caroline Schnapp Mar 23 '13 at 00:44
1

As indicated in the answer below, you should reference this post from the Rails Project: http://railsapps.github.io/openssl-certificate-verify-failed.html – mindtonic Sep 03 '13 at 20:19
I saw `Beware, 'rvm pkg ...' is deprecated, read about the new autolibs feature: 'rvm help autolibs'.` when running on Ubuntu 13. How would your helpful instructions change using `rvm autolibs ...`? – Kevin Meredith May 16 '14 at 17:58
tried this in 2015, this solution ended up fixing it for me http://railsapps.github.io/openssl-certificate-verify-failed.html#comment-657918573 – kittyminky Jul 12 '15 at 04:37

Neil Hoff · Accepted Answer · 2013-07-09T19:52:28.740

29

You are getting this error because Ruby cannot find a root certificate to trust.

Fix for Windows: https://gist.github.com/867550

Fix for Apple/Linux: http://martinottenwaelter.fr/2010/12/ruby19-and-the-ssl-error/ <--This site is now down.

Here is the Apple/Linux fix according the site above:

The solution is to install the curl-ca-bundle port which contains the same root certificates used by Firefox:

sudo port install curl-ca-bundle

and tell your https object to use it:

https.ca_file = '/opt/local/share/curl/curl-ca-bundle.crt'

Note that if you want your code to run on Ubuntu, you need to set the ca_path attribute instead, with the default certificates location /etc/ssl/certs.

In the end, that’s what will work on both Mac OS X and Ubuntu:

require 'net/https'
https = Net::HTTP.new('encrypted.google.com', 443)
https.use_ssl = true
https.verify_mode = OpenSSL::SSL::VERIFY_PEER
https.ca_path = '/etc/ssl/certs' if File.exists?('/etc/ssl/certs') # Ubuntu
https.ca_file = '/opt/local/share/curl/curl-ca-bundle.crt' if File.exists('/opt/local/share/curl/curl-ca-bundle.crt') # Mac OS X
https.request_get('/')

edited Jul 09 '13 at 19:52

answered Jun 03 '12 at 16:45

Neil Hoff

2,025
4
29
53

1

Thanks, your answer came in at the right time as I was on a 1 week holiday. Thanks! – user1372829 Jun 04 '12 at 04:17
That site must have just went down. I added the google cached version. – Neil Hoff May 24 '13 at 13:57
7

"tell your https object to use it:" Can you elaborate on this? Should I put the given lines of code in a .rb file somewhere in my Rails app? Where? – GMA Jun 01 '13 at 10:14
@NeilHoff can you elaborate on GeorgMillo's question? – daedelus_j Sep 11 '13 at 17:54
@GeorgeMillo this worked for me, export env variable for openssl (ruby 2, rails 4): http://stackoverflow.com/questions/10728436/opensslsslsslerror-ssl-connect-returned-1-errno-0-state-sslv3-read-server-c – daedelus_j Sep 11 '13 at 18:33
You can also `brew install curl-ca-bundle` – Schneems Nov 25 '13 at 21:38

WispyCloud · Answer 3 · 2013-04-26T09:54:39.563

Andrei's answer didn't work for me on Mac OSX 10.8.3. I had reinstalled openssl to install ruby 2.0 some time ago and since then always got this error. I fixed it thanks to Andrei's answer and instructions from the Rails project.

I ran:

$ rvm -v
$ rvm get head
# Installation of latest version of rvm...
$ rvm -v
# rvm 1.19.5 (master)
$ rvm osx-ssl-certs status all
# Certificates for /usr/local/etc/openssl/cert.pem: Old.
# Certificates for /Users/mpapis/.sm/pkg/versions/openssl/0.9.8x/ssl/cert.pem: Old.
$ sudo rvm osx-ssl-certs update all
# Updating certificates...

Then I checked if the certificates were correctly updated by running rvm osx-ssl-certs status all again but /usr/local/etc/openssl/cert.pem was still not updated. I don't know if that was necessary but I did the following:

$ cd /usr/local/etc/openssl/
$ curl -O http://curl.haxx.se/ca/cacert.pem
$ mv cacert.pem cert.pem

After that the problem was fixed. Hope that helps someone else who runs into the same issue.

I have sent this answer to 5 people and it always solves the issue! You da man! — 0bserver07, May 21 '15 at 18:59

score 8 · Answer 4 · answered Jul 30 '13 at 10:53

8

this worked for me (on Mac OS X):

$ brew install curl-ca-bundle
$ export SSL_CERT_FILE=/usr/local/opt/curl-ca-bundle/share/ca-bundle.crt

answered Jul 30 '13 at 10:53

levinalex

5,889
2
34
48

this worked for me too on OSx 10.8.5, none of the other solutions here worked, only this one, thanks! – ramz15 Apr 18 '14 at 20:29

score 3 · Answer 5 · edited May 23 '17 at 12:18

3

Alternative Solution:

[I am Win7 user with manual install the Ruby and Ruby on Rails]

I have the same problem but cannot resolve by the answer that given by this question. By the way, finally, I got problem solved by following url

Facebook Redirect url in ruby on rails open ssl error https://github.com/technoweenie/faraday/wiki/Setting-up-SSL-certificates

edited May 23 '17 at 12:18

Community

1
1

answered Nov 12 '12 at 15:50

scalopus

2,640
3
19
32

score 3 · Answer 6 · answered Sep 10 '13 at 01:44

3

The RVM website suggests running rvm osx-ssl-certs update all

RVM Website: How to fix broken certificates in your operating system.

answered Sep 10 '13 at 01:44

Ryenski

9,582
3
43
47

score 1 · Answer 7 · answered May 07 '15 at 21:05

For Windows 7: the above solution link of Neil Hoff (Fix for Windows: https://gist.github.com/867550) did not work for me.

Here is what works:

Using cmd.exe:

curl -o c:\cacert.pem http://curl.haxx.se/ca/cacert.pem
set SSL_CERT_FILE=c:\cacert.pem

using msysgit bash:

curl -o /c/cacert.pem http://curl.haxx.se/ca/cacert.pem
export SSL_CERT_FILE=/c/cacert.pem

If you do not have curl on your windows 7 command line get it here: http://www.confusedbycode.com/curl/#downloads

original solution is from here - credit to: https://github.com/chef/chef-dk/issues/106

Dunn.

score 0 · Answer 8 · answered Jul 09 '12 at 04:55

Andrei's answer worked for me, however I ran into a huge roadblock when trying to reinstall Ruby 1.9.3. Because I had installed a new version of Xcode since installing 1.9.3 I was unable to reinstall until I opened the Xcode Preferences and installed the Command Line Tools from the Downloads tab.

score 0 · Answer 9 · answered Jan 10 '14 at 10:36

0

Check out certified gem. Description:

Ensure net/https uses OpenSSL::SSL::VERIFY_PEER to verify SSL certificates and provides certificate bundle in case OpenSSL cannot find one

answered Jan 10 '14 at 10:36

phil pirozhkov

4,740
2
33
40

Omniauth Facebook Error - Faraday::Error::ConnectionFailed

9 Answers9

Linked