How to set ca-bundle path for OpenSSL in ruby

ruby openssl certificate ca
Coxer picture Coxer · Feb 7, 2013 · Viewed 10.2k times · Source

I am experiencing a problem in ruby, where an SSL cert could not be validated by OpenSSL. I think this is caused by the ca-bundle.pem not being known by the script. Is there a possibility to configure the path of the ca-bundle.pem manually?

Answer

Daniel Roethlisberger picture Daniel Roethlisberger · Feb 10, 2013

OpenSSL uses the SSL_CERT_FILE environment variable. You can set it in your ruby script using something like before the first require which pulls in OpenSSL:

ENV['SSL_CERT_FILE'] = '/path/to/ca-bundle.pem'

or, if you prefer, you can set the SSL_CERT_FILE environment variable in your OS environment, web server configuration etc depending on your situation.

Related questions

Why is Ruby unable to verify an SSL certificate?

This is my first time trying to use the XMLRPC::Client library to interact with a remote API and I keep receiving this error: warning: peer certificate won't be verified in this SSL session Searching around I've found loads of …

Read More
SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A

I have a ruby client that connects to an exchange server using IMAP & SSL. I use the Ruby Net::IMAP library (which uses openssl under the covers) to connect. Its been working fine for months. The exchange server admin …

Read More
gem install fails with openssl failure

I tried to install cocoapods (http://cocoapods.org/) on my OSX Mountain Lion. moshe-mbp:~ moshem$ gem install cocoapods ERROR: Could not find a valid gem 'cocoapods' (>= 0), here is why: Unable to download data from https://rubygems.org/ - SSL_…

Read More