Wrong certificates in ruby

June 9, 2014 3.6k views
Hello there! I have updated the ssl package in my ubuntu vs, I signed the new certificates and installed them correctly using nginx, when I access my website it works perfectly, however... seems like ruby is not getting the new certificates because when in my rails app (running on unicorn) try to use the ssl package I got this error:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
I got the same error when I try to run this code:
    require 'open-uri'
I try to set this export SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt, but it didn't work :( I will appreciate if anyone can point me to the right direction. Regards
2 Answers
This is most likely due to ruby not finding any up-to-date root certificates. The first thing to do is make sure the ca-certificates package is up-to-date:
sudo apt-get update
sudo apt-get install ca-certificates
If that doesn't work, you can grab the most recent CA bundle file with:
Then in your environment.rb file, you can add something like:
ENV['SSL_CERT_FILE'] = /path/to/your/new/cacert.pem
Thank you so much for your help!! this works!! Just by running this:
sudo apt-get install ca-certificates
Have another answer? Share your knowledge.