Glad to hear it worked for you too. I was tipped off by an issue opened in the active_merchant repo: https://github.com/Shopify/active_merchant/issues/1643
On Saturday, May 30, 2015 at 9:54:18 PM UTC-7, Chris McCann wrote: > > Brian, > > DUDE! All your beers at SD Ruby are on me for the rest of this year. You > just saved my bacon big time - thanks so much for the tip. That worked > like a charm. > > How did you come across this fix? > > Cheers, > > Chris > > On Sat, May 30, 2015 at 9:09 PM, Brian <[email protected] <javascript:>> > wrote: > >> I had the same issue with authorize.net and was able to resolve it by >> updating the cacerts for activemerchant gem and restarting rails. >> >> gem env #find path to gems >> [root@ip-172-30-0-131 inumbr]# cd >> /usr/lib64/ruby/gems/1.8/gems/activemerchant-1.4.2/ >> [root@ip-172-30-0-131 activemerchant-1.4.2]# cd lib/certs/ >> [root@ip-172-30-0-131 certs]# ls >> cacert.pem >> [root@ip-172-30-0-131 certs]# mv cacert.pem cacert.pem.old >> [root@ip-172-30-0-131 certs]# wget http://curl.haxx.se/ca/cacert.pem >> 2015-05-29 06:58:53 (548 KB/s) - ‘cacert.pem’ saved [258424/258424] >> >> >> On Friday, May 29, 2015 at 9:46:25 PM UTC-7, Chris McCann wrote: >>> >>> Thanks, Rob. I did in fact spend about 4 hours last night trying to >>> upgrade my Rails 2.3 app to Ruby 1.9.3. I ran into obstacle after obstacle >>> and was finally halted by an inability to get Rails 2.3 to talk to MySQL >>> 5.5+. >>> >>> Has anyone else cracked that nut? >>> >>> Chris >>> >>> On Fri, May 29, 2015 at 9:36 PM, Rob Kaufman <[email protected]> wrote: >>> >>>> It comes down to trying to disable SSLv3. It's frankly pretty difficult >>>> in 1.8.7. You'll need to dig in to which http library you need to get >>>> started. If it is http.rb, get ready to patch your own Ruby. Here is a >>>> place to get started. >>>> >>>> >>>> https://www.ruby-lang.org/en/news/2014/10/27/changing-default-settings-of-ext-openssl/ >>>> >>>> I know it's not exciting, but you can upgrade a 2.3 app to 1.9.3. It's >>>> worth doing even before you try and tackle the much bigger rails update. >>>> >>>> — >>>> Sent from Mailbox <https://www.dropbox.com/mailbox> >>>> >>>> >>>> On Fri, May 29, 2015 at 8:14 PM, Chris McCann <[email protected]> >>>> wrote: >>>> >>>>> SD Ruby, >>>>> >>>>> A Rails app I've had in production for over 7 years developed an odd >>>>> problem on Thursday. This change was not preceded by any code or server >>>>> changes within the past few weeks. >>>>> >>>>> It's a Rails 2.3 app running on Ruby 1.8.7 (yes, it's old, and I've >>>>> been working on upgrading it for months). It runs on Ubuntu 10.04.4 LTS >>>>> (I >>>>> know, also old, and being upgraded). >>>>> >>>>> It uses ActiveMerchant to process credit card payments via the >>>>> Authorize.net gateway. This bit has worked essentially flawlessly for >>>>> over >>>>> 5 years. >>>>> >>>>> This past Thursday my client tried to process a credit card payment >>>>> and the app threw an error: >>>>> >>>>> A OpenSSL::SSL::SSLError occurred in credit_card_payments#create: >>>>> >>>>> SSL_connect returned=1 errno=0 state=SSLv3 read server certificate >>>>> B: certificate verify failed >>>>> >>>>> /usr/local/rvm/rubies/ruby-1.8.7-p352/lib/ruby/1.8/net/http.rb:586:in >>>>> `connect' >>>>> >>>>> Of course, this happened while I was on an airplane, and more >>>>> ironically, flying to San Antonio to see my client. >>>>> >>>>> Frantic Googling at 41,000 feet brought me to this: >>>>> http://mislav.uniqpath.com/2013/07/ruby-openssl/ >>>>> >>>>> One of the suggestions in the mislav article is to do a CA >>>>> certificate upgrade via apt-get (sounds of ominous bass notes in the >>>>> background). Since the Ubuntu distro I have been using has been >>>>> "end-of-lifed" (ELO'd), I cannot update the CA certificates on the >>>>> distro, >>>>> though all of the other checks indicate this isn't an issue. >>>>> >>>>> Also mentioned in that article is the "doctor.rb" script to check >>>>> things, and it reported all was "OK". >>>>> >>>>> I contacted our SSL provider, RapidSSL, and they verified that our SSL >>>>> certificate, and the others in the cert chain, were valid and installed >>>>> correctly. >>>>> >>>>> I have reached out to Authorize.net to ask them if anything changed on >>>>> their end but haven't heard back yet. >>>>> >>>>> My plea to SD Ruby: has anyone else encountered something like this? >>>>> I'm at a loss as to what the cause might be or how to fix it, short of >>>>> the >>>>> long-delayed upgrade to Rails 4 and a new Linux distro. >>>>> >>>>> Thanks, >>>>> >>>>> Chris >>>>> >>>>> -- >>>>> -- >>>>> SD Ruby mailing list >>>>> [email protected] >>>>> http://groups.google.com/group/sdruby >>>>> --- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "SD Ruby" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> >>>> -- >>>> -- >>>> SD Ruby mailing list >>>> [email protected] >>>> http://groups.google.com/group/sdruby >>>> --- >>>> You received this message because you are subscribed to a topic in the >>>> Google Groups "SD Ruby" group. >>>> To unsubscribe from this topic, visit >>>> https://groups.google.com/d/topic/sdruby/rhAsuBqZOYI/unsubscribe. >>>> To unsubscribe from this group and all its topics, send an email to >>>> [email protected]. >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> -- >> -- >> SD Ruby mailing list >> [email protected] <javascript:> >> http://groups.google.com/group/sdruby >> --- >> You received this message because you are subscribed to a topic in the >> Google Groups "SD Ruby" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/sdruby/rhAsuBqZOYI/unsubscribe. >> To unsubscribe from this group and all its topics, send an email to >> [email protected] <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > > -- -- SD Ruby mailing list [email protected] http://groups.google.com/group/sdruby --- You received this message because you are subscribed to the Google Groups "SD Ruby" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
