Login/Register
Can't bypass OpenSSL verification - certificate verify failed (OpenSSL::SSL::SSLError)
Asked Answered
ruby-on-railsrubyopensslnokogiri
G

1

5

I am trying to parse an HTTPS XML feed via Nokogiri but I get this OpenSSL error:

SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)

I can also see the SSL_CERT_FILE:

echo $SSL_CERT_FILE
/home/user/certs/cacert.pem

This is how I am trying to parse:

@feed = "https://example.com/feed1.xml"
doc =  Nokogiri::XML(open(@feed)

I tried to bypass the OpenSSL verification, but I still get the same error:

doc =  Nokogiri::XML(open(@feed,{ssl_verify_mode: OpenSSL::SSL::VERIFY_NONE}))

Can anyone help?

Garrard answered 9/7, 2014 at 11:39 Comment(2)
try OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE and Nokogiri::XML(open(@feed))Hautbois
its weird.. now seems it works via this: 'Nokogiri::XML(open(@feed,{ssl_verify_mode: OpenSSL::SSL::VERIFY_NONE}))'Garrard
S
7

This problem usually appears on Windows.

One quick solution is to pass ssl_verify_mode to open

require 'open-uri'
require 'openssl'
open(some_url, ssl_verify_mode: OpenSSL::SSL::VERIFY_NONE)

Another quick one is overriding OpenSSL::SSL::VERIFY_PEER in the beginning of your script by doing

require 'openssl'
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE

Those who want real solution can try method described on https://gist.github.com/fnichol/867550

Semipalatinsk answered 14/7, 2015 at 15:15 Comment(2)
I tried these solutions and got OpenURI::HTTPError: 500 Internal Server ErrorLymphocytosis
@guero64that doesn't sound like it's related to OpenSSL in any way, you get 500 when remote application is running into error so my guess is that url you are trying to hit is just experiencing some problemsSemipalatinsk

© 2022 - 2024 — McMap. All rights reserved.