jeudi 23 avril 2015

Heroku Rails Net::HTTP: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

I have a Rails app running on a Heroku server and I'm having trouble communicating with an external server using Net::HTTP over HTTPS. The error I'm receiving whenever I attempt to POST to an external proprietary API over HTTPS is:

OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

I've done quite a few hours of Googling around for an answer to the issue I'm encountering, but to no avail. Here's my environment:

  • Heroku Dyno running Cedar 14 (was running Cedar 10, upgraded to Cedar 14 to see if it would affect the issue - no joy)
  • Rails 3.2.14rc2
  • Ruby 2.1.2

"Fixes" I have tried:

  • Running the certified gem (which has actually seemed to help out with communication via Omniauth and Google's API)
  • Monkey-patch removing SSLv2, SSLv3 from the list of verification methods. When I attempt this in the console on Heroku's server, it appears to work well enough for GET methods, but appears ignore the adjustments completely when attempting to Run Net::HTTP::Post.new instead of Net::HTTP::Get.new
  • Manually overriding the certificate file location. I've specified it to use the authority file of the operating system (which on the Cedar-14 stack is up-to-date), but still no dice.
  • I have also tried manually specifying in on the Net::HTTP object to use ssl_version="TLSv1_2" with no luck (it even keeps reporting the same SSLv3 related error)

The communication appears to be working just fine when run locally in development (I've used the RVM override method suggested here), but the moment I try things on the Heroku server, I'm out of luck.

Last, but not least, here is an abstracted variant of the code I'm running:

uri = URI.parse("http://ift.tt/1d6KFso")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = (uri.scheme == "https")
request = Net::HTTP::Post.new(uri.path, {'Content-Type' =>'application/json'})
request_body = "{\"post_body\": \"data1\"}"
response = http.request(request)

Anyone have any advice on what else I should be looking at?

Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)