wicked_pdf: ActionView::Template::Error: SSL_connect returned=1 errno=0 state=error: certificate verify failed

Issue description

Hi there,

Since the R3 expired certificate from September 30th, my Wickedpdf stopped working. It seems I cannot call wicked_pdf_stylesheet_link_tag, due to a certificate error.

Here is the stacktrace:

ActionView::Template::Error: SSL_connect returned=1 errno=0 state=error: certificate verify failed from /usr/local/rvm/rubies/ruby-2.3.6/lib/ruby/2.3.0/net/protocol.rb:44:in connect_nonblock’ from /usr/local/rvm/rubies/ruby-2.3.6/lib/ruby/2.3.0/net/protocol.rb:44:in ssl_socket_connect' from /usr/local/rvm/rubies/ruby-2.3.6/lib/ruby/2.3.0/net/http.rb:928:in connect’ from /usr/local/rvm/rubies/ruby-2.3.6/lib/ruby/2.3.0/net/http.rb:863:in do_start' from /usr/local/rvm/rubies/ruby-2.3.6/lib/ruby/2.3.0/net/http.rb:852:in start’ from /usr/local/rvm/rubies/ruby-2.3.6/lib/ruby/2.3.0/net/http.rb:584:in start' from /usr/local/rvm/rubies/ruby-2.3.6/lib/ruby/2.3.0/net/http.rb:479:in get_response’ from /usr/local/rvm/rubies/ruby-2.3.6/lib/ruby/2.3.0/net/http.rb:456:in get' from /usr/local/rvm/gems/ruby-2.3.6/gems/wicked_pdf-2.1.0/lib/wicked_pdf/wicked_pdf_helper/assets.rb:159:in read_from_uri’ from /usr/local/rvm/gems/ruby-2.3.6/gems/wicked_pdf-2.1.0/lib/wicked_pdf/wicked_pdf_helper/assets.rb:149:in read_asset' from /usr/local/rvm/gems/ruby-2.3.6/gems/wicked_pdf-2.1.0/lib/wicked_pdf/wicked_pdf_helper/assets.rb:20:in block in wicked_pdf_stylesheet_link_tag’ from /usr/local/rvm/gems/ruby-2.3.6/gems/wicked_pdf-2.1.0/lib/wicked_pdf/wicked_pdf_helper/assets.rb:18:in collect' from /usr/local/rvm/gems/ruby-2.3.6/gems/wicked_pdf-2.1.0/lib/wicked_pdf/wicked_pdf_helper/assets.rb:18:in wicked_pdf_stylesheet_link_tag’ from /home/app/app/views/layouts/pdf.html.erb:5:in _app_views_layouts_pdf_html_erb__4356050262088495231_58899600' from /usr/local/rvm/gems/ruby-2.3.6/gems/actionview-4.2.0/lib/action_view/template.rb:145:in block in render’ from /usr/local/rvm/gems/ruby-2.3.6/gems/activesupport-4.2.0/lib/active_support/notifications.rb:166:in instrument'

Expected or desired behavior

Not getting any certificate errors.

System specifications

Ubuntu 16.04 Docker image: phusion/passenger-ruby23:0.9.29

wicked_pdf gem version (output of cat Gemfile.lock | grep wicked_pdf):

wicked_pdf (2.1.0)

wkhtmltopdf version (output of wkhtmltopdf --version):

whtmltopdf provider gem and version if one is used:

Using gem ‘wkhtmltopdf-binary’

platform/distribution and version (e.g. Windows 10 / Ubuntu 16.04 / Heroku cedar):

Ubuntu 16.04

About this issue

Most upvoted comments

Thank you @jpmermoz it worked !

+1
tdutreui on Oct 4, 2021

Hi, Same problem here @jpmermoz Did you find a workaround?

Yes, I modified the Dockerfile in order to remove the expired certificate:

FROM phusion/passenger-ruby23:0.9.29

Make a backup of your sources.list

RUN mv /etc/apt/sources.list.d /etc/apt/sources.list.d.bak

Install these 2 packages

RUN apt-get install libgnutls30 ca-certificates

Restore sources.list

RUN mv /etc/apt/sources.list.d.bak /etc/apt/sources.list.d

Rest of dockerfile

Fix R3 expired certificate

RUN rm /etc/ssl/certs/2e5ac55d.0 RUN rm /etc/ssl/certs/12d55845.0 RUN rm /etc/ssl/certs/DST_Root_CA_X3.pem RUN sed -i ‘/mozilla/DST_Root_CA_X3.crt/d’ /etc/ca-certificates.conf RUN update-ca-certificates

+1
jpmermoz on Oct 4, 2021
Read more comments on GitHub
← wicked_pdf: ActionView::MissingTemplate after upgrade to rails 7
wicked_pdf: ActionView::Template::Error (undefined method `start_with?' for nil:NilClass): →