Getting SSL Error Using Koala with Devise & OmniAuth in a Rails 3 App

Asked 25/5, 2011 at 15:52 Answered 5/11, 2012 at 9:58

ruby-on-rails-3 facebook devise omniauth koala

I'm building a Rails 3 app using Devise/OmniAuth, and Koala and I'm getting the following SSL error:

OpenSSL::SSL::SSLError in Users/omniauth callbacksController#facebook
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

The code that causes this error is:

@graph = Koala::Facebook::GraphAPI.new(@token)
@friends = @graph.get_connections("me", "friends")

I am using Devise with OmniAuth to perform authentication, which works. I then take the returned facebook token, and attempt to use it with Koala as shown above. That is what causes this error.

It's probably worth noting that I was receiving the same error with Devise & OmniAuth initially. There are a few topics about this error, and I was able to solve it, by setting up my config/initialisers/devise.rb with,

config.omniauth :facebook, APPID, APPKEY, {:client_options => {:ssl => {:ca_file =>  "/opt/local/share/curl/curl-ca-bundle.crt"}}}

I am guessing that I need to supply a similar configuration for Koala so that it knows where to retrieve the local ca_file. I can't find any indication of how to do so in the documentation though. Any ideas on how to do this, or how to avoid the error in general?

My dev environment is OSX.

Exterminate answered 25/5, 2011 at 15:52 Comment(1)

I've dropped in MiniFB (github.com/victorcoder/mini_fb) as a replacement for Koala, and so far I'm having better luck with that. It's at least returning data without giving the SSL error. – Exterminate 25/5, 2011 at 17:55

From the Koala repo https://github.com/arsduo/koala

You can set this in a Koala initializer which will set this option globally

/config/initializers/koala.rb

Koala.http_service.http_options = {
  :ssl => { :ca_path => "/etc/ssl/certs" }
}

Aaberg answered 24/10, 2011 at 20:34 Comment(0)

As I found on this thread you can set your options in your environment file (or in the class where you're using the gem) the following option:

Koala.http_service.ca_file = '/path/to/some/ca-certificate.crt'

Laticialaticiferous answered 24/8, 2011 at 21:32 Comment(0)

I found this solution helpful: put this in your environment configuration file

(Koala::HTTPService.http_options[:ssl] ||= {})[:ca_path] = '/path/to/ca/folder' (Koala::HTTPService.http_options[:ssl] ||= {})[:ca_file] = '/path/to/ca/file'

you can get the path by typing

openssl version -a

and extracting the path from the result

sources:
https://github.com/arsduo/koala/issues/130
https://github.com/technoweenie/faraday/wiki/Setting-up-SSL-certificates

Gunter answered 5/11, 2012 at 9:58 Comment(0)

Recommended topics

Hot tags