Closed jeffdeville closed 9 years ago
I'll close this, but wanted to provide some more info in case someone else runs into the same problem.
Basically, the GlobalSign certs on the latest OSX Yosemite were the problem. It was not an OpenSSL configuration issue as it so often is. I wound up spinning up a linux box, and replacing my GlobalSign certs with the ones from the box. It was a fun morning.
@jeffdeville which certs you needed to install? I'm on Mavericks and facing the same problem... Can I find them here? https://support.globalsign.com/customer/en/portal/topics/538410-root-certificates/articles Which ones?
And to add them, should I do it via Keychain Access?
I can connect by setting up an SSL Connection directly just fine, and the node client is working. I think the problem is that the cert store needs to have set_default_paths() executed. Ruby's openssl support does verification, but does not load the default cert stores. No idea why. But to replicate, all I'm doing is, in irb:
Yielding: Faraday::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
I can connect via ssl though, so long as I call set_default_paths on the cert store.