I’m getting a “certificate verify failed” error when attempting to
via SSL to Facebook (I’m using the Omniauth gem to implement external
authentication. I’ve searched high and low for solutions to this issue,
they all seem to lead back to the but that’s already been filed in Jira:
http://jira.codehaus.org/browse/JRUBY-5010. The problem is that I can’t
seem to get that workaround to work in my case.
Here’s the situation:
- I’m running a Rails 3.0.5 application in Torquebox on Ubuntu
I’m running JRuby 1.6 final via RVM, and my app is running in 1.8.7
- I’m using the Omniauth Gem to attempt connection to Facebook.
- This gem works just fine if I use the MRI (1.8.7 or 1.9.2).
- The test case listed in 5010 in the first comment is reproducible
my system, and indeed, prepending the SSL_CERT_DIR to the command
resolve the issue. However, Omniauth isn’t using open-uri either,
I can tell, its calling the basic Net::Http code. I’ve posted a stack
- However, when I set the environment variable in Torquebox, or at
global level for the system, or manually set it in my
config/environments/development.rb (or anywhere else in the global
configuration, for that matter) I still get the “certificate verify
error when attempting to connect to Facebook. I’ve verified that I
access the ENV[‘SSL_CERT_DIR’] variable in Rails when I’ve set it in
- If I disable verification of certificates for OpenSSL, this makes
error go away, but is obviously a gaping security hole.
- On my system, the location /usr/lib/ssl/certs (to match
/usr/bin/openssl path, per the 5010 comments) is symlinked to
Is there anything else I can try to resolve this issue? Is there any
should be looking for to gather more information? Thanks for any help
anyone can provide! I can move forward with development by disabling
verification, but can’t afford to deploy to production with disabled
Carter Ventures, LLC