Brian, DUDE! All your beers at SD Ruby are on me for the rest of this year. You just saved my bacon big time - thanks so much for the tip. That worked like a charm.
How did you come across this fix? Cheers, Chris On Sat, May 30, 2015 at 9:09 PM, Brian <[email protected]> wrote: > I had the same issue with authorize.net and was able to resolve it by > updating the cacerts for activemerchant gem and restarting rails. > > gem env #find path to gems > [root@ip-172-30-0-131 inumbr]# cd > /usr/lib64/ruby/gems/1.8/gems/activemerchant-1.4.2/ > [root@ip-172-30-0-131 activemerchant-1.4.2]# cd lib/certs/ > [root@ip-172-30-0-131 certs]# ls > cacert.pem > [root@ip-172-30-0-131 certs]# mv cacert.pem cacert.pem.old > [root@ip-172-30-0-131 certs]# wget http://curl.haxx.se/ca/cacert.pem > 2015-05-29 06:58:53 (548 KB/s) - ‘cacert.pem’ saved [258424/258424] > > > On Friday, May 29, 2015 at 9:46:25 PM UTC-7, Chris McCann wrote: >> >> Thanks, Rob. I did in fact spend about 4 hours last night trying to >> upgrade my Rails 2.3 app to Ruby 1.9.3. I ran into obstacle after obstacle >> and was finally halted by an inability to get Rails 2.3 to talk to MySQL >> 5.5+. >> >> Has anyone else cracked that nut? >> >> Chris >> >> On Fri, May 29, 2015 at 9:36 PM, Rob Kaufman <[email protected]> wrote: >> >>> It comes down to trying to disable SSLv3. It's frankly pretty difficult >>> in 1.8.7. You'll need to dig in to which http library you need to get >>> started. If it is http.rb, get ready to patch your own Ruby. Here is a >>> place to get started. >>> >>> >>> https://www.ruby-lang.org/en/news/2014/10/27/changing-default-settings-of-ext-openssl/ >>> >>> I know it's not exciting, but you can upgrade a 2.3 app to 1.9.3. It's >>> worth doing even before you try and tackle the much bigger rails update. >>> >>> — >>> Sent from Mailbox <https://www.dropbox.com/mailbox> >>> >>> >>> On Fri, May 29, 2015 at 8:14 PM, Chris McCann <[email protected]> >>> wrote: >>> >>>> SD Ruby, >>>> >>>> A Rails app I've had in production for over 7 years developed an odd >>>> problem on Thursday. This change was not preceded by any code or server >>>> changes within the past few weeks. >>>> >>>> It's a Rails 2.3 app running on Ruby 1.8.7 (yes, it's old, and I've >>>> been working on upgrading it for months). It runs on Ubuntu 10.04.4 LTS (I >>>> know, also old, and being upgraded). >>>> >>>> It uses ActiveMerchant to process credit card payments via the >>>> Authorize.net gateway. This bit has worked essentially flawlessly for over >>>> 5 years. >>>> >>>> This past Thursday my client tried to process a credit card payment and >>>> the app threw an error: >>>> >>>> A OpenSSL::SSL::SSLError occurred in credit_card_payments#create: >>>> >>>> SSL_connect returned=1 errno=0 state=SSLv3 read server certificate >>>> B: certificate verify failed >>>> >>>> /usr/local/rvm/rubies/ruby-1.8.7-p352/lib/ruby/1.8/net/http.rb:586:in >>>> `connect' >>>> >>>> Of course, this happened while I was on an airplane, and more >>>> ironically, flying to San Antonio to see my client. >>>> >>>> Frantic Googling at 41,000 feet brought me to this: >>>> http://mislav.uniqpath.com/2013/07/ruby-openssl/ >>>> >>>> One of the suggestions in the mislav article is to do a CA >>>> certificate upgrade via apt-get (sounds of ominous bass notes in the >>>> background). Since the Ubuntu distro I have been using has been >>>> "end-of-lifed" (ELO'd), I cannot update the CA certificates on the distro, >>>> though all of the other checks indicate this isn't an issue. >>>> >>>> Also mentioned in that article is the "doctor.rb" script to check >>>> things, and it reported all was "OK". >>>> >>>> I contacted our SSL provider, RapidSSL, and they verified that our SSL >>>> certificate, and the others in the cert chain, were valid and installed >>>> correctly. >>>> >>>> I have reached out to Authorize.net to ask them if anything changed on >>>> their end but haven't heard back yet. >>>> >>>> My plea to SD Ruby: has anyone else encountered something like this? >>>> I'm at a loss as to what the cause might be or how to fix it, short of the >>>> long-delayed upgrade to Rails 4 and a new Linux distro. >>>> >>>> Thanks, >>>> >>>> Chris >>>> >>>> -- >>>> -- >>>> SD Ruby mailing list >>>> [email protected] >>>> http://groups.google.com/group/sdruby >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "SD Ruby" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> -- >>> -- >>> SD Ruby mailing list >>> [email protected] >>> http://groups.google.com/group/sdruby >>> --- >>> You received this message because you are subscribed to a topic in the >>> Google Groups "SD Ruby" group. >>> To unsubscribe from this topic, visit >>> https://groups.google.com/d/topic/sdruby/rhAsuBqZOYI/unsubscribe. >>> To unsubscribe from this group and all its topics, send an email to >>> [email protected]. >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> -- > -- > SD Ruby mailing list > [email protected] > http://groups.google.com/group/sdruby > --- > You received this message because you are subscribed to a topic in the > Google Groups "SD Ruby" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/sdruby/rhAsuBqZOYI/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- -- SD Ruby mailing list [email protected] http://groups.google.com/group/sdruby --- You received this message because you are subscribed to the Google Groups "SD Ruby" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
