When attempting to login using https://willnorris.com IndieAuth states that it couldn't find any rel="me" links (example). The links are there, as doing discovery on http://willnorris.com works just fine (example).
I suspect that the problem is that I'm using SSL with SNI. Based on this stackoverflow discussion, it seems that a little extra work is necessary to have ruby support SNI.
@aaronpk did you change anything on the indieauth.com server? It doesn't look like you've made any code changes since I filed this issue, but things seem to work fine now.
I didn't, actually... Did you update any SSL config stuff on your server?
nope, haven't touched anything on my end either. After trying a few other things, it looks like perhaps my webhost restarted the apache server and I just lucked out and now my cert is the first one listed, so it's being served by default. Trying my wife's site results in the same error I was seeing before.j
So my personal immediate itch is scratched... at least until the next server reboot :)
Looked at the server logs, it's getting this error from OpenSSL:
"SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"
Fixed this by installing an updated cert file. It was probably using the default system one before, now it's pushed up and included in the IndieAuth source code. The one I grabbed was from here: https://github.com/stevegraham/certified
This is the main StackOverflow thread that led me to this: http://stackoverflow.com/questions/4528101/ssl-connect-returned-1-errno-0-state-sslv3-read-server-certificate-b-certificat
Fixed in 4b9ae70
As of this morning I am having the same problem (https://self-evident.org/).
Everything has worked fine for months, until today. I have verified that my certificate is current, and was last changed when I renewed it in August. I am pretty sure the root cert (Comodo) is part of the standard bundle shipped with Windows, Firefox, etc.
the fact that twitter.com/NemoPublius is even showing up as a candidate identity means you're probably not running into the same SSL issue. However, indieauth certainly seems to be having issues verifying the backlinks from Twitter (as well as Google+ and App.net)... the only identity it seems to be confirming for me is GitHub and email: https://indieauth.com/auth?me=https%3A%2F%2Fwillnorris.com#
hmm.. app.net seems not to allow for https links for verified domains. That would explain why that backlink won't work. I'll ping app.net folks about that.
Confirmed: https://github.com/NemoPublius works but https://twitter.com/NemoPublius fails.
Thanks for the work-around, Will.
just FYI, app.net now supports https rel=me links: https://alpha.app.net/willnorris/post/27683254
Also, to update this thread, I've moved indieauth.com to a new server with a much better list of root CAs, so we shouldn't have trouble with SSL certs anymore!
I'll close this thread, if anyone still encounters errors where indieauth.com is not able to read your site feel free to re-open.