My project is on Ruby On Rails.
I am using activemerchant gem for authorize.net payment gateway.
Recently I have renewed SSL license.
When I am trying to update info it gives me error The SSL connection to the remote server could not be established.
I am using CIM module for authorize.net.
Please help me with this.
Below Links might be helpful:
http://railsapps.github.io/openssl-certificate-verify-failed.html
bundle install fails with SSL certificate verification error
https://github.com/rubygems/rubygems/issues/515
http://www.buildingwebapps.com/articles/79189-using-ssl-in-rails-applications
http://blog.dynamic50.com/2011/02/15/ssl-on-wildcard-domains-on-heroku-using-godaddy/
http://railsapps.github.io/openssl-certificate-verify-failed.html
Related
I am trying to use Stripe with my Ruby app and keep getting this error:
Error! Could not verify Stripe's SSL certificate. Please make sure that your network is not intercepting certificates. (Try going to https://api.stripe.com/v1 in your browser.) If this problem persists, let us know at support#stripe.com. (Network error: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed).
Why am I getting this? Any help would be greatly appreciated.
Thanks!
Stripe's Ruby bindings verify the HTTPS certificate on Stripe's servers (api.stripe.com) to ensure you're really communicating with Stripe and not with a malicious third-party (a.k.a. a "man-in-the-middle attack").
There are a number of reasons that can cause this error. First, you should make sure you're using the latest versions of the following:
the stripe-ruby gem
the rest-client gem
Ruby
OpenSSL
If you're working in a corporate environment, it's possible your firewall replaces HTTPS certificates in order to be able to decrypt HTTPS traffic. (This is essentially the same thing as a man-in-the-middle attack.)
If you're still having this issue, you can disable the SSL verification by including this line:
Stripe.verify_ssl_certs = false
However, I would strongly advise against doing this. It might be okay in a development environment, but you should never do this in a production environment.
EDIT: We're currently investigating this issue -- it seems it might have been introduced in a recent version of the stripe-ruby gem. For now, it seems downgrading to version 1.34.0 will fix the "Could not verify Stripe's SSL certificate" issue.
Open terminal.
Run command $curl -v https://api.stripe.com
For intermittent issue like I had you may have to run this command 10 to 20 times back to back. Then stop and start again until you see the error.
The IP address it attempts to connect to should match an IP address of the domain you are trying to access. For stripe you can check valid ip addresses here https://stripe.com/docs/ips
If the IP address does not match or if the IP address is the same as your network then you could be experiencing man in the middle attack.
In my case I was experiencing this issue with aws and stripe because they use curl to connect. Returning error 60 no alternative certificate subject name matches target host name.
A workaround is to edit /etc/hosts file.
Hard code an IP address of the endpoint
XXX.XXX.X.X api.stripe.com
This will stop the issue, but should be revisited because your application will fail in the future if the IP address for the endpoint is changed or removed.
I am trying to test my app with the Demo DocusignAPI at using the endpoint https://demo.docusign/net/restapi/v2/
Question: Is a self-signed SSL certificate acceptable when using the Demo endpoint?
I ask because when I try to use the create_envelope_from_document call, I get the following error message, and I'm trying to determine if my use of a self-signed certificate is contributing to the error:
OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed)
I am using ruby 1.9.3 and rails 3.2.13 on Ubuntu 12.04.
Are you talking about including an SSL cert for the event notifications? The only mention I see from their documentation when I search for "SSL" is the
signMessageWithX509Cert
property on the eventNofication object. This can be viewed on several of their api guide pages like this one.
In any case, with all of the comments that have come in on this thread so far I believe your issue is related to your certificates and not with the DocuSign API. Were you able to resolve this yet?
WL 5.0.6, HTTP adapter, running on Liberty
We want to make simple connection from our adpater to a backend over SSL, the backend team have provided us their certificate.
Our symptom is
FWLSE0101E: Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
We have read the infocenter here but clearly have got something wrong. Steps we took
Used the JRE keystore tool to add the cert to a keystore.
Adjusted the worklight properties to point to the kaystore.
Restarted the WL Server
Any suggestions for how to diagnose or fix?
The issue in this case was that the certificate referenced hosts that were not visible to our DNS server. We worked around this by adding entries to /etc/hosts.
I'm trying to setup our APNS server. I was looking at the instructions on this page:
http://www.raywenderlich.com/3443/apple-push-notification-services-tutorial-part-12
I'm understanding everything. Problem is that I have a website already SSL enables (SSL terminates at the load balancer) on AWS, following these instructions a while back:
"Public key certificate and private key doesn't match" when using Godaddy issued certificate
The website for APNS is telling me to get a CSR file, etc. But if I already have this SSL certification done, does it mean I have to start from scratch and re-key my key? :( I wasn't able to find information regarding this...
The APNS CSR has nothing to do with any certificates you already have.
You have to create certificates in the developer area of apples websites. You don't install those certificates to the web server... they are only used from the php script on your server to connect to the apple server as a client. Your script has to load them while they run.. but they are not installed in the web server or load balancer.
I keep getting this error in my production enviroment
OpenSSL::SSL::SSLError (hostname was not match with the server certificate)
I really don't know much about certificates. I have configured rails to use sendmail. Sendmail is working well in other php applications on the server.
I use Phusion Passenger.
I also have a redmine-app which uses sendmail and also works fine (but it runs rails 2.x)
Any idea how to solve this?
This means the SSL Certificate installed on the mail server did not match its hostname.
You can disable these exceptions, but then you are vulnerable to man-in-the-middle attacks.
The other option is to get a proper SSL Certificate (or install it correctly) for your mail server.
For more on SSL Certs I suggest superuser.com