Shopify + Ubuntu 12.04Lts + Faraday Issue = Ok to Use Older Openssl

Why is Ruby not updating after updating with Ruby Installer?

You need to update your PATH environment variable, it is still pointing to the old installation. If I remember correctly, the installer does have a box to check off to set the PATH variable. Only one installation at a time can be in your PATH.

See this answer for a quick way to change the variable. It will follow the same syntax as the following.

Open cmd.exe and type:

set PATH=%PATH%;C:\Ruby250\bin

Your installation location may be different, confirm before entering. You can also do it through the properties window of MyComputer or whatever they call it now. I find the terminal to be simpler, as it take abouts 6 windows deep to change through the GUI.

Step By Step:

• Find the directory where ruby is installed to, usually
  C:\Ruby250\bin (version may vary)
• Open a command prompt, terminal, cmd.exe, or whatever name you
  prefer to call it.
• Type set PATH=%PATH%;C:\Ruby250\bin (change folder name if yours
  is different)
• Press Enter button
• In a new cmd.exe, type ruby -v
• Enjoy

ANOTHER EDIT

• Click on the "Start" button (probably bottom-left of your screen)
• Start typing the word "environment" until you see the option Edit
the system environment variables appear
• Click on that
• A small window will open, towards the bottom left is a button that
  reads Environment Variables
• Click on that button
• There will be two sections, one for the user (that is current account
  only) and the other is the "system", which is the default and
  system-wide variables
• In each of these (just to be sure), highlight the line that has
  "Path" for the name of the variable
• Find the button under the list that you just clicked in that reads
  Edit...
• Click on it
• Look through list, it is different for everyone, can't read it for
  you. Find the one that it is the location of a Ruby installation,
  mine reads C:\Ruby24\bin because I am using Ruby 2.4.4
• YOU NEED TO MAKE SURE THAT THE FOLDER PATH IS WHERE YOU INSTALLED
  RUBY. This cannot be done for you, only you know. It is by default
  C:\RUBY***\bin, where the *** is your version number. You have to
  open explorer and simply look.
• If the variable is where is where Ruby 2.5 is installed, good, it
  doesn't need changed, but look through the list to make sure there
  are no other paths to other versions of Ruby. If there are, highlight
  them and click the delete the button to remove.
• Click OK on each window that you may have made an edit, not
  Cancel, and not X out the window.
• To confirm it works, open a new command window, if one was already
  open, the changes will not be updated in it.

How to change OPENSSLDIR on Ubuntu?

How to change OPENSSLDIR on Ubuntu?

There are two ways. One way works with all versions of OpenSSL, the second works with OpenSSL 1.0.2 and below.

All OpenSSL

./config ... --prefix=<your install location>

A straight ./config uses /usr/local/ssl as its location. Its the default location.

The difference emerges when you install. make install and make install_sw both install into the location you select. <your install location> is available in OPENSSLDIR, which is defined in <openssl/opensslconf.h>.

OpenSSL 1.0.2 and below

./config ... --openssldir=<your install location>

A straight ./config uses /usr/local/ssl as its location. Its the default location.

make install and make install_sw both install into the location you select. <your install location> is available in OPENSSLDIR, which is defined in <openssl/opensslconf.h>.

IF you use --openssldir with OpenSSL 1.1.0, then make install_sw does not honor your location.

Docker Ruby SSL_connect returned=1 errno=0 state=error: wrong signature type

I had same problem, solved with change in Dockerfile.

after FROM ruby:2.7 add

RUN sed -i 's/DEFAULT@SECLEVEL=2/DEFAULT@SECLEVEL=1/' /etc/ssl/openssl.cnf

Origin source (in Japanese):

https://qiita.com/masayuki14/items/c34eafb9d6130e2c5b67

SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)

After lots of testing, I found the correct solution. The problem was with the cert file declaration.

I tried sending the post request using the bundled cert files (example.com.pem)

http.ca_file = File.read(File.join(Rails.root, "/crt/example.com.pem"))

So, I changed the above declaration with the each crt and key files

http.cert = OpenSSL::X509::Certificate.new(File.read(File.join(Rails.root, "/crt/example.com.crt")))
http.key = OpenSSL::PKey::RSA.new(File.read(File.join(Rails.root, "/crt/example.com.key")))
req = Net::HTTP::Post.new(uri.path, initheader = {'Content-Type' =>'application/xml'}).

It now worked.

Complete code

uri = URI("https://test.compassplus.com:8444/Exec")
xml = "
<TKKPG>
    <Request>
    <Operation>CreateOrder</Operation> 
    <Language></Language>
    <Order>
        <OrderType>Purchase</OrderType>
        <Merchant>99999</Merchant>
        <Amount>10000</Amount>
        <Currency>524</Currency>
        <Description>Tour Purchase</Description>
        <ApproveURL>/approve.html</ApproveURL>
        <CancelURL>/cancel.html</CancelURL>
        <DeclineURL></DeclineURL>
        <email></email>
        <phone></phone>
        <AddParams>
            <FA-DATA></FA-DATA>
            <SenderPostalCode></SenderPostalCode>
            <AcctType></AcctType> 
            <TranAddendums></TranAddendums> 
            <TranAddendumsVISA></TranAddendumsVISA> 
            <TranAddendumsMC></TranAddendumsMC> 
            <TranAddendumsAMEX></TranAddendumsAMEX> 
            <TranAddendumsJCB></TranAddendumsJCB> 
            <OrderExpirationPeriod></OrderExpirationPeriod> 
            <OrigAmount></OrigAmount> 
            <OrigCurrency></OrigCurrency>
        </AddParams>
        <Fee></Fee> 
    </Order>
    </Request>
</TKKPG>
"
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl  = true
http.ssl_version = :TLSv1_2
http.cert = OpenSSL::X509::Certificate.new(File.read(File.join(Rails.root, "/crt/example.com.crt")))
http.key = OpenSSL::PKey::RSA.new(File.read(File.join(Rails.root, "/crt/example.com.key")))
req = Net::HTTP::Post.new(uri.path, initheader = {'Content-Type' =>'application/xml'})
@res = http.request(req, xml)

Reference.

HTTP library for Ruby with HTTPS, SSL Client Certificate and Keep-Alive support?

---

Related Topics