I'm having a bit of a nightmare trying to get REE playing nicely with SSL.
Whenever I connect to an SSL site:
require 'open-uri'
open 'https://www.google.com'
I get the following error:
/Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/net/http.rb:586:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/net/http.rb:586:in `connect'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/net/http.rb:553:in `do_start'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/net/http.rb:542:in `start'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:242:in `open_http'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:616:in `buffer_open'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:164:in `open_loop'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:162:in `catch'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:162:in `open_loop'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:132:in `open_uri'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:518:in `open'
from /Users/jon/.rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/open-uri.rb:30:in `open'
It works fine under Ruby 1.9.2 or the regular 1.8.7. I tried repackaging OpenSSL and installing ree to link against that, as mentioned on the RVM OpenSSL page, but it had no effect. I'm on OS X 10.6.7, but I'm seeing the same problem with our OpenSolaris REE installation.
Any suggestions would be massively appreciated.
It sounds like it isn't correctly picking up the the location of the trusted CA certificates - REE must have a different compiled-in default location, which is incorrect for your system.
For posterity:
The OP's problem was solved by downloading http://curl.haxx.se/ca/cacert.pem and copying it to /opt/local/etc/openssl/cert.pem.