google-api-ruby-client: certificate verify failed (Faraday::SSLError)

FWIW, this is what worked for me:

cert_path = Gem.loaded_specs[‘google-api-client’].full_gem_path+‘/lib/cacerts.pem’ ENV[‘SSL_CERT_FILE’] = cert_path

A system wide solution would be this (for Yosemite and Ruby 2.2.1):

Downloading this http://curl.haxx.se/ca/cacert.pem, and saving it replacing /usr/local/etc/openssl/cert.pem. Add export SSL_CERT_FILE=/usr/local/etc/openssl/cert.pem to your .bash_profile. All net::http will pickup on ENV['SSL_CERT_FILE'].

RVM and ruby seems to have an outdated CA cert.

I have used in this way and it worked for me. connection = Faraday.new(“http://example.com”) connection.ssl.verify_mode = OpenSSL::SSL::VERIFY_NONE

I fix the error with rvm reinstall ruby-2.1.5 --with-openssl-dir=/usr/local

I was getting this issue on my Mac too. brew update and then brew upgrade openssl fixed it.

upgrading ruby to 2.3.0 solved it for me as well

Nice explanation given here : https://toadle.me/2015/04/16/fixing-failing-ssl-verification-with-rvm.html

Can anyone can explain why installing Ruby from sources solves the problem?

Because pre-build version doesn’t distinguish between different OS X versions (has wrong paths hardcoded). Newer OS X has a different SSL subsystem.

@schanami helped me rvm reinstall 2.2.2 --disable-binary thx

@sqrrrl Updating openssl didn’t solve this problem for me. I have to set SSL_CERT_FILE to the bundled cacerts.pem file.

FWIW switching to a different (open) wifi network may help.

I’m no expert in networking/certificates but I recently ran into the same issue when I was trying to hit a Ruby backend with an OAuth callback. My environment was fine (macOS Sierra 10.12.6 + Docker Ruby 2.3.1 base image) and my local certificates were alright but the secured network I was on was modifying certificates to make it unfriendly for the Ruby app.

Just wanted to mention in case someone exhausted all the local options like me and was still getting: Faraday::SSLError (SSL_connect returned=1 errno=0 state=error: certificate verify failed)

Using OS X 10.10.5 and Ruby 2.3.1 via RBENV, the issue was fixed by performing steps #2 and #3 from @bryszard’s response.

Thank you @sony-mathew-fd. The solution pointed by you (https://toadle.me/2015/04/16/fixing-failing-ssl-verification-with-rvm.html) helped a lot. What I had to do:

1. Recompile ruby - rvm reinstall 2.2.0 --disable-binary
2. Download new certs from http://curl.haxx.se/ca/cacert.pem and put it to /usr/local/etc/openssl/cert.pem
3. Add export SSL_CERT_FILE=/usr/local/etc/openssl/cert.pem to .bash_profile

I encountered this problem while I was using google-cloud-ruby gem and Ruby 2.4.0.

RVM > 1.9.1 comes with the method for updating certificates:
rvm osx-ssl-certs update all

credits: http://railsapps.github.io/openssl-certificate-verify-failed.html

The solution for me on OS X 10.11.4, Ruby 2.1.2 was running rvm reinstall ruby-2.1.2 --disable-binary or switching to 2.3.0. This is perplexing as colleagues who had the app already set up on their dev machines and have the same OS and Ruby versions had this problem in 2015 but could solve it by simply downloading http://curl.haxx.se/ca/cacert.pem and ensuring that Ruby 2.1.2 was installed with the --with-openssl-dir=$rvm_path/usr flag. Can anyone can explain why installing Ruby from sources solves the problem?

To clarify, none of the following solved the issue:

• downloading http://curl.haxx.se/ca/cacert.pem, renaming it to cert.pem & pointing to it inside Rails (ENV['SSL_CERT_FILE'] = '/usr/local/etc/openssl/cert.pem') or with a system environment variable
• running rvm requirements
• re-installing Ruby 2.1.2: rvm remove 2.1.2 && rvm pkg install openssl && rvm install 2.1.2 --with-openssl-dir=$rvm_path/usr

With rvm (with Ruby 2.2.3 installed), on OS X, what fixed it for me was:

rvm requirements

Just in case anyone still facing issue… upgrading to Ruby 2.3.0 helped me. (was in 2.2.3)

Here is what worked for me:

I’m running OS X 10.11.1, Ruby 2.2.1, openssl 1.0.2d_1

Upgrading to Ruby 2.2.3 fixed the problem.