3

My rails app makes a request to another server through Net::HTTP, however I'm receiving the error:

OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed):

I looked around and tried adding http.ca_path and http.ca_file as you can see below:

    uri = URI.parse("https://#{host}/#{path}")
    args = {:encrypted_credit_card_number => order.billing_info.card_number,
            :expiration_date => order.billing_info.authorize_expiration_date.to_s,
            :cvv => order.billing_info.cvv.to_s,
            }
    http = Net::HTTP.new(uri.host, uri.port)
    http.ca_path = '/etc/ssl/certs'
    http.ca_file = "/etc/ssl/certs/ca-certificates.crt"
    http.use_ssl = true #Enabling SSL
    http.verify_mode = OpenSSL::SSL::VERIFY_PEER
    http.verify_mode = OpenSSL::SSL::VERIFY_NONE if Rails.env.development? || Rails.env.test? || Rails.env.cucumber?

    request = Net::HTTP::Post.new(uri.request_uri)
    request.set_form_data(args)
    response = http.request(request)
    final_response = eval(response.body)

However the error still happens at this line response = http.request(request). Does anyone know the solution to this on ubuntu? I am not using RVM on this server so I need a solution without using RVM.

======

I think I might've found a solution but I don't know how to implement it. So on this site: http://railsapps.github.io/openssl-certificate-verify-failed.html there is a "Solution for Ubuntu" section. And in there is a link to a download to this: https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5 . But how do I download open execute the file when I can only access the server through the terminal?

Trying to install openssl (looks like it already existed?):

emai@web1:~$ sudo apt-get install openssl ca-certificates
[sudo] password for emai: 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
ca-certificates is already the newest version.
openssl is already the newest version.
The following packages were automatically installed and are no longer required:
  libxxf86dga1 x11-utils libxxf86vm1 xterm libgl1-mesa-dri libxcb-glx0 libgl1-mesa-glx libx11-xcb1 libglapi-mesa xbitmaps libxaw7 libxmu6 libxpm4 libfontenc1 libxtst6 libutempter0 tk8.5
  libxcb-shape0 libxv1 libllvm3.0
Use 'apt-get autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 24 not upgraded.
bigpotato
  • 26,262
  • 56
  • 178
  • 334
  • Did you try the solution provided to this [Stackoverflow question](http://stackoverflow.com/questions/16913828/ssl-connect-returned-1-errno-0-state-sslv3-read-server-certificate-b-certifica)? – gtrig Jun 04 '13 at 21:42
  • @gtrig hey gtrig!! Do you mean `apt-get install openssl ca-certificates` that? – bigpotato Jun 05 '13 at 13:44
  • Yes, did you try that, and did that change anything? – gtrig Jun 05 '13 at 16:28
  • nope... I still get the same error. I updated my question with the results from running that command – bigpotato Jun 05 '13 at 17:00
  • Have you looked through all the "Related" questions listed on the right? There are a lot of them that have the same error message you are seeing. – gtrig Jun 05 '13 at 18:51
  • yep no luck so far... – bigpotato Jun 05 '13 at 21:20

0 Answers0