我在尝试让 REE 与 SSL 良好配合时遇到了一场噩梦。
每当我连接到 SSL 站点时:
require 'open-uri'
open 'https://www.google.com'
我收到以下错误:
/Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/net/http.rb:586:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/net/http.rb:586:in `connect'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/net/http.rb:553:in `do_start'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/net/http.rb:542:in `start'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:242:in `open_http'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:616:in `buffer_open'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:164:in `open_loop'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:162:in `catch'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:162:in `open_loop'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:132:in `open_uri'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:518:in `open'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:30:in `open'
它在 Ruby 1.9.2 或常规的 1.8.7 下运行良好。我尝试重新打包 OpenSSL 并安装 ree 以链接它,如前所述 on the RVM OpenSSL page , 但没有效果。我使用的是 OS X 10.6.7,但我在安装 OpenSolaris REE 时遇到了同样的问题。
如有任何建议,我们将不胜感激。
最佳答案
听起来它没有正确选择受信任的 CA 证书的位置 - REE 必须具有不同的编译默认位置,这对您的系统来说是不正确的。
为了后代:
OP 的问题通过下载解决了 http://curl.haxx.se/ca/cacert.pem
并将其复制到 /opt/local/etc/openssl/cert.pem
。
关于Ruby 企业版 + OpenSSL -> "certificate verify failed",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/6070881/