I was just checking a more automated way of cleaning my non-recent Twitter posts when, running the small program, I got hit by an error like:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=...
read server certificate ...: certificate verify failed
If you check around the net, the first solution they say is to add this dangerous line:
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
But, deactivating security is not the best approach, so after some digging I came across a nice post (link is dead) that explains the issues, how to debug the specific problem, and partially how to solve it. As I use Windows, the instructions weren't so complete, but it all sums to:
- Download a CA certificate bundle, like for example Mozilla's
- Install the .crt file (I installed it for All Users)
- Setup the following OpenSSL system variables:
- SSL_CERT_DIR: Point to where you left the CA bundle
- SSL_CERT_FILE: Point to the .pem file
Restart your command line, and you should be able to run with SSL peer verification active (as you should).
Comments? Subscribe Share via Twitter Share via Linkedin Share via Mastodon