Problems with Omniauth and SSL


My site uses SSL all the way through and I’m having problems running
OmniAuth between /auth/twitter and /auth/open_id?openid_url=, for example

To deal with /auth/twitter, in my omniauth.rb file, I have had to set

if RAILS_ENV == 'development'
  full_host = ''
elsif RAILS_ENV == 'production'
  full_host = ''
  ## might need this later
OmniAuth.config.full_host = full_host

otherwise twitter would return an error saying …

The webpage at[token]&oauth_verifier=[verifier]might
be temporarily down or it may have moved permanently to a new web

But setting full_host to https doesn’t work with
/auth/open_id?openid_url= as I get an error page at the other end. But it
without setting it.

Would anyone know what to do with this? It has been driving me crazy and
took me so long to discover.

Omniauth will be working with Authlogic but at present, this is just a
stripped back system.

Thank you


require ‘openid/store/filesystem’
require “openid/fetchers”

OpenID.fetcher.ca_file = “#{Rails.root}/certs/ca-bundle.crt”

provider :openid,‘./tmp’), :name =>
‘google’, :identifier => ‘

provider :facebook, ‘yourinfo’, ‘yourinfo’, {:client_options => {:ssl =>
{:verify => false}}}

provider :twitter, ‘yourinfo’, ‘yourinfo’

This is my configuration for development…

You can create a certs folder in your rails root and put the
ca-bundle.crt file in there. You can find it here: