Windows: net/http SSL_connect certificate verify failed
I'm having a very similar issue to another thread[1], but instead of trying to install a gem, I'm just trying to use the net/http gem, and getting the same SSL certificate error:
in 'connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL:SSLError)
I've applied the Rubygems 2.0.15 update[2] referenced in the other thread, and I've verified that Rubymine is using Rubygems 2.0.15 (Tools > Show Gem Environment). When that didn't work, I looked at the manual steps and determined that the manual steps described were completed, probably by the 2.0.15 upgrade. That is, there is a file AddTrustExternalCARoot-2048.pem in the directory C:\Ruby200-x64\lib\ruby\2.0.0\rubygems\ssl_certs, and that file's content matches the file described in the manual steps.
I also verified the certificate of the URL I'm trying to reach is valid/correct in a browser. (The URL is internal, so I'm unable to provide it.)
I can also see in Rubymine that the error is coming from the net/http gem in the same path - C:\Ruby200-x64\lib\ruby\2.0.0\net\http.rb.
The time wasted trying to sort out this problem is very frustrating, so any ideas or suggestions would be appreciated.
thanks
[1] https://devnet.jetbrains.com/click.jspa?searchID=1238771&objectType=2&objectID=5559673
[2] https://gist.github.com/luislavena/f064211759ee0f806c88
Please sign in to leave a comment.
This is a bad answer, but it is an answer. Basically, I figured out how to turn off SSL certificate verification entirely.
I had been using the short POST method, but I changed to the longer ("full control") approach[1] and added these lines:
The Rubymine inspector complains that it can't find the VERIFY_NONE constant, but at least it works. It's a terrible solution, because it's not really a solution at all. It's a lousy hack.
[1] http://www.rubyinside.com/nethttp-cheat-sheet-2940.html