search

rob-murray / jekyll-twitter-plugin

A Liquid tag plugin for the Jekyll blogging engine that embeds Tweets, Timelines and more from Twitter API
MIT License
238 stars 30 forks source link

Jekyll won't build when trying to use the plugin #24

Closed GiraffeCoding closed 7 years ago

GiraffeCoding commented 7 years ago

Hi, After successful installing the plugin it seems every time i actually try and use the plugin i get the following error:

Liquid Exception: SSL_connect returned=1 errno=0 state=error: certificate verify

Any ideas why this would be the case?

rob-murray commented 7 years ago

Please could you let me know what version of Ruby and OpenSSL (& how its installed - rbenv, rvm)?

This is usually an issue with OpenSSL lacking root certs and so it does not trust the Twitter SSL certificate - assuming they are presenting a valid cert and there is no man in the middle attack going on 😄

What is the output from these commands?

ruby -rnet/https -e "Net::HTTP.get URI('https://google.com')"

ruby -ropenssl -e "puts OpenSSL::OPENSSL_VERSION"
ruby -ropenssl -e "puts OpenSSL::OPENSSL_LIBRARY_VERSION"
GiraffeCoding commented 7 years ago

C:/tools/ruby23/lib/ruby/2.3.0/net/http.rb:933:in connect_nonblock': SSL_connect returned=1 errno=0 state=error: certificate verify failed (OpenSSL::SSL::SSLError) from C:/tools/ruby23/lib/ruby/2.3.0/net/http.rb:933:inconnect' from C:/tools/ruby23/lib/ruby/2.3.0/net/http.rb:863:in do_start' from C:/tools/ruby23/lib/ruby/2.3.0/net/http.rb:852:instart' from C:/tools/ruby23/lib/ruby/2.3.0/net/http.rb:584:in start' from C:/tools/ruby23/lib/ruby/2.3.0/net/http.rb:479:inget_response' from C:/tools/ruby23/lib/ruby/2.3.0/net/http.rb:456:in get' from -e:1:in

'

OpenSSL 1.0.2j 26 Sep 2016 (for other commands)

-this is running in a windows 10 environment

rob-murray commented 7 years ago

Can you try updating Ruby's OpenSSL library CA cert by something like this:

curl -fsSL curl.haxx.se/ca/cacert.pem \ -o "$(ruby -ropenssl -e 'puts OpenSSL::X509::DEFAULT_CERT_FILE')"

This just downloads the file https://curl.haxx.se/ca/cacert.pem to wherever OpenSSL stores its cert file.

I'm not on Windows so I dont have any way to test this though.

GiraffeCoding commented 7 years ago

Apologies i had a typo in the system environment variable. Apologies again

jerm09 commented 7 years ago

@rob-murray I am getting the same error what was it that you changed to get it to work @Ben-TangentDesign