I was recently running into some ssl errors using traveling ruby. Using this script helped diagnosis the problem,
OpenSSL 1.0.1j 15 Oct 2014: /usr/local/override/openssl
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
The server presented a certificate that could not be verified:
subject: /C=US/O=Entrust, Inc./OU=www.entrust.net/CPS is incorporated by reference/OU=(c) 2006 Entrust, Inc./CN=Entrust Root Certification Authority
issuer: /C=US/O=Entrust, Inc./OU=www.entrust.net/CPS is incorporated by reference/OU=(c) 2006 Entrust, Inc./CN=Entrust Root Certification Authority
error code 19: self signed certificate in certificate chain
I don't see these errors using my local ruby. Trying traveling ruby for mac also does not give me this error. I think I tracked it down to the cert.pem file that is packaged in linux lib/cert.pem is not the same as the one list here. Although they have different names/extensions replacing the cert.pem file with the ca-bundle.crt fixes the issue for me.
I believe I was originally using the first version of traveling ruby but tried the latest as well and had the same problem.
Yes, correct. The Linux version copies /etc/pki/tls/cert.pem from CentOS 5. I'll have this changed.
Make Linux version use the same CA root certs as the OS X version