I was just installing a pair of Ruby applications on my new own server. I never got any SSL errors on the development machines, but now I got one. Sometimes Ruby library errors is specific on the library that currently using the library not the dependencies or the other, so I decided to look into exact error message which was complaining like this:
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)
Some people talking about disable SSL verification using Verify None, but i was thinking that it was not the solution, how if i have to use the verification?
Some other thinks that I should reinstall rvm package for openssl and it would work, but I didn’t understand how was it actually going.
And another said that I should install the ca-cert bundle, but when i use curl to https url it works.
I figured out that the certificate is not loaded or not recognized in runtime environment, so i make sure that the curl certificate is exist in /etc/ssl/certs/cacert.pem.
Then add this assignment whenever I think my script needs the certificate to be recognized:
ENV['SSL_CERT_FILE'] = “/etc/ssl/certs/cacert.pem”
I tried to run the scripts within applications I build and it’s work fine. Perhaps, you would just need to ‘export’ the SSL_CERT_FILE to your operating system environment. But this may not a correct way or an elegant solution, please correct me if you have more better way.