SSL_connect 返回=1 errno=0 state=SSLv3 读取服务器证书B:证书验证失败 [英] SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
问题描述
我使用 Authlogic-Connect 进行第三方登录.运行适当的迁移后,Twitter/Google/yahoo 登录似乎工作正常,但 facebook 登录引发异常:
I am using Authlogic-Connect for third party logins. After running appropriate migrations, Twitter/Google/yahoo logins seem to work fine but the facebook login throws exception:
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
开发日志显示
OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed):
app/controllers/users_controller.rb:37:in `update'
请推荐..
推荐答案
我在尝试使用 Rails 3 的 JQuery 生成器时遇到了类似的问题
I ran into a similar problem when trying to use the JQuery generator for Rails 3
我是这样解决的:
获取 CURL 证书颁发机构 (CA) 包.您可以通过以下方式实现:
Get the CURL Certificate Authority (CA) bundle. You can do this with:
sudo port install curl-ca-bundle[如果你使用的是 MacPorts]- 或者直接拉下来
wget http://curl.haxx.se/ca/cacert.pem
sudo port install curl-ca-bundle[if you are using MacPorts]- or just pull it down directly
wget http://curl.haxx.se/ca/cacert.pem
执行试图验证 SSL 证书的 ruby 代码:SSL_CERT_FILE=/opt/local/etc/certs/cacert.pem rails generate jquery:install.在您的情况下,您希望将其设置为服务器在某处接收它的环境变量,或者添加类似 ENV['SSL_CERT_FILE'] =/path/to/your/new/cacert.pem在您的 environment.rb 文件中.
Execute the ruby code that is trying to verify the SSL certification: SSL_CERT_FILE=/opt/local/etc/certs/cacert.pem rails generate jquery:install. In your case, you want to either set this as an environment variable somewhere the server picks it up or add something like ENV['SSL_CERT_FILE'] = /path/to/your/new/cacert.pem in your environment.rb file.
您也可以将 CA 文件(我还没有尝试过)安装到操作系统中——有冗长的说明 here -- 这应该以类似的方式工作,但我没有亲自尝试过.
You can also just install the CA files (I haven't tried this) to the OS -- there are lengthy instructions here -- this should work in a similar fashion, but I have not tried this personally.
基本上,您遇到的问题是某些 Web 服务使用针对 OpenSSL 无法验证的 CA 签名的证书进行响应.
Basically, the issue you are hitting is that some web service is responding with a certificate signed against a CA that OpenSSL cannot verify.
这篇关于SSL_connect 返回=1 errno=0 state=SSLv3 读取服务器证书B:证书验证失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
