Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to solve "certificate verify failed" on Windows?

I am trying to use signet for OAuth to Google services. And get this error:

SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed 

Following these questions:

  • SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
  • OmniAuth & Facebook: certificate verify failed

Seems the solution is either to fix ca_path or to set VERIFY_NONE for SSL.

The ca_path fix posted only works on Linux (port install) and the fix for VERIFY_NONE seems to be for faraday.

Is there a solution for Windows/signet gem?

like image 217
mbdev Avatar asked Apr 19 '11 17:04

mbdev


People also ask

What does certificate verify failed mean?

The Ruby OpenSSL error certificate verify failed means your code can't verify that the SSL certificate of the website or API you're connecting to is the real one. It's important to solve this issue correctly to keep your communication secure.

How do I verify a certificate in Windows?

To verify that a certificate is installedOpen the Cerificates console. In the navigation pane, expand Trusted Root Certification Authorities, and then click Certificates. The CA that you created appears in the list.


1 Answers

Actually the best way I found to solve this in windows for Ruby itself, not just one gem, is to do the following:

  1. Download https://curl.haxx.se/ca/cacert.pem into c:\railsinstaller\cacert.pem. Make sure you save it as a .pem file, rather than a text file.
  2. Go to your Computer -> Advanced Settings -> Environment Variables
  3. Create a new System Variable:

    Variable: SSL_CERT_FILE Value: C:\RailsInstaller\cacert.pem

  4. Close all your command prompts, including your Rails server command prompt, etc.

  5. Start a new ruby irb prompt, and try the following:

    $irb>require 'open-uri' $irb>open('https://www.gmail.com') 

It should all work now just fine.

like image 62
SomeDudeSomewhere Avatar answered Oct 12 '22 16:10

SomeDudeSomewhere