I was getting "certificate verify failed (OpenSSL::SSL::SSLError)"
in my ruby app and decided it was time to update the old openssl on my Mac OS X (Mountain Lion) system.
I grabbed the latest sources from here and did the usual
... and everything completed without apparent error. But I notice that the new openssl has not replaced the old openssl:
$ which openssl
/usr/bin/openssl
$ /usr/bin/openssl version
OpenSSL 0.9.8x 10 May 2012
$ /usr/local/ssl/bin/openssl version
OpenSSL 1.0.1e 11 Feb 2013
I'm hesitant to mess around with important system files for fear of breaking existing things. What's the recommended approach? I'm thinking of replacing /usr/bin/openssl with a symlink to the /usr/local/ssl/bin version. Would that work?
Whether you are building apps for just macOS or for cross-platform, if your app is using OpenSSL for crypto-works, you will have to install OpenSSL library since macOS ships with LibreSSL. Furthermore, cross-platform cryptography in . Net Core and .
pem files in /usr/local/etc/[email protected]/certs and run /usr/local/opt/[email protected]/bin/c_rehash .
To prioritize your local copy over the system copy you need to add it to your shell PATH variable
export PATH="/usr/local/ssl/bin:$PATH"
If you want this to execute every time you start a shell just add it to your .bash_profile in your home directory.
However, this is not going to fix your problem because Ruby would need to be recompiled against the new OpenSSL (we'll assume the updated root certificates file that comes with the new OpenSSL would hypothetically fix this issue). I'd recommend installing either rvm or rbenv and rebuilding ruby. Note that both of those tools would prefer you to install openssl via homebrew.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With