Neither PUB key nor PRIV key:: nested asn1 error #42

Closed
mreinsch opened this Issue Feb 14, 2012 · 15 comments

Comments

Projects
None yet
9 participants
@mreinsch
Contributor

mreinsch commented Feb 14, 2012

After updating from 0.2.7 to 0.2.8, I now get the following error message when making requests to Paypal:

internal server error: Neither PUB key nor PRIV key:: nested asn1 error

@mreinsch

This comment has been minimized.

Show comment
Hide comment
@mreinsch

mreinsch Feb 14, 2012

Contributor

More details:

Error Message:
OpenSSL::PKey::RSAError: Neither PUB key nor PRIV key:: nested asn1 error

Where:
[GEM_ROOT]/gems/paypal_adaptive-0.2.8/lib/paypal_adaptive/request.rb, line 89
Contributor

mreinsch commented Feb 14, 2012

More details:

Error Message:
OpenSSL::PKey::RSAError: Neither PUB key nor PRIV key:: nested asn1 error

Where:
[GEM_ROOT]/gems/paypal_adaptive-0.2.8/lib/paypal_adaptive/request.rb, line 89
@tc

This comment has been minimized.

Show comment
Hide comment
@tc

tc Feb 15, 2012

Owner

This is the last commit that might have caused it:
065b7b3

@tonyla any thoughts?

Owner

tc commented Feb 15, 2012

This is the last commit that might have caused it:
065b7b3

@tonyla any thoughts?

@frankieroberto

This comment has been minimized.

Show comment
Hide comment
@frankieroberto

frankieroberto Feb 15, 2012

+1 I've just had the same issue. Have reverted back to using the previous version for now.

+1 I've just had the same issue. Have reverted back to using the previous version for now.

@tonyla

This comment has been minimized.

Show comment
Hide comment
@tonyla

tonyla Feb 15, 2012

Contributor

What's the relevant portion of the paypal_adaptive.yml?

ssl_cert_file:

That should point to the cert_key_pem.txt that is downloaded through the paypal developer interface. It will contain a section that specifies the RSA private key and another section that specifies a certificate.

Sounds like the error is either the ssl_cert_file parameter code is being run for a bad config value or the cert_key_pem.txt is incorrect/bad.

Contributor

tonyla commented Feb 15, 2012

What's the relevant portion of the paypal_adaptive.yml?

ssl_cert_file:

That should point to the cert_key_pem.txt that is downloaded through the paypal developer interface. It will contain a section that specifies the RSA private key and another section that specifies a certificate.

Sounds like the error is either the ssl_cert_file parameter code is being run for a bad config value or the cert_key_pem.txt is incorrect/bad.

@josephers

This comment has been minimized.

Show comment
Hide comment
@josephers

josephers Feb 16, 2012

Contributor

Also getting this error after the update.

ssl_cert_file pointed to a generic cacert.pem file, not the one I downloaded from a PayPal Developer Interface. That's not an RSA private key, so I'm guessing it can't make an PKey::RSA object from it.

Contributor

josephers commented Feb 16, 2012

Also getting this error after the update.

ssl_cert_file pointed to a generic cacert.pem file, not the one I downloaded from a PayPal Developer Interface. That's not an RSA private key, so I'm guessing it can't make an PKey::RSA object from it.

@tonyla

This comment has been minimized.

Show comment
Hide comment
@tonyla

tonyla Feb 16, 2012

Contributor

@josephers are you using a generic ssl_cert_file = cacert.pem in conjunction with the signature method of authenticating with Paypal?

If so I didn't realize this was common practice. I was under the impression the ssl_cert_file was strictly for the cert method provided by Paypal for authenticating api requests. If this is the case it is a relatively easy fix to separate these 2 methods.

Contributor

tonyla commented Feb 16, 2012

@josephers are you using a generic ssl_cert_file = cacert.pem in conjunction with the signature method of authenticating with Paypal?

If so I didn't realize this was common practice. I was under the impression the ssl_cert_file was strictly for the cert method provided by Paypal for authenticating api requests. If this is the case it is a relatively easy fix to separate these 2 methods.

@jboler

This comment has been minimized.

Show comment
Hide comment
@jboler

jboler Feb 20, 2012

I get the op error too. 0.2.7 works fine.

If there's a way to get 0.2.8 working can someone explain how to do it without using a certificate?

jboler commented Feb 20, 2012

I get the op error too. 0.2.7 works fine.

If there's a way to get 0.2.8 working can someone explain how to do it without using a certificate?

@todddickerson

This comment has been minimized.

Show comment
Hide comment
@todddickerson

todddickerson Feb 29, 2012

Same issue, any solution yet?

Same issue, any solution yet?

@josephers

This comment has been minimized.

Show comment
Hide comment
@josephers

josephers Feb 29, 2012

Contributor

The gem is still loading a cacert.pem file automatically even if it's not defined (in paypal_adaptive/lib/paypal_adaptive/config.rb, line 46).

So @ssl_cert_file will never be nil, even if I don't set it in the config. But the default file supplied with the gem is not an OpenSSL::PKey, so it throws an error.
A solution would be to remove the autoloading of @ssl_cert_file. I've submitted a pull request.

Contributor

josephers commented Feb 29, 2012

The gem is still loading a cacert.pem file automatically even if it's not defined (in paypal_adaptive/lib/paypal_adaptive/config.rb, line 46).

So @ssl_cert_file will never be nil, even if I don't set it in the config. But the default file supplied with the gem is not an OpenSSL::PKey, so it throws an error.
A solution would be to remove the autoloading of @ssl_cert_file. I've submitted a pull request.

@tc tc closed this in 87d40dc Feb 29, 2012

@tc

This comment has been minimized.

Show comment
Hide comment
@tc

tc Feb 29, 2012

Owner

Will make a release later tonight.

Owner

tc commented Feb 29, 2012

Will make a release later tonight.

@htaykhaing

This comment has been minimized.

Show comment
Hide comment
@htaykhaing

htaykhaing Mar 8, 2012

@tc have you release bug fixed version? I just intall gem & still getting same error
Error : Neither PUB key nor PRIV key:: nested asn1 error
paypal_adaptive (0.2.8) lib/paypal_adaptive/request.rb:89:in `initialize'

Thanks

@tc have you release bug fixed version? I just intall gem & still getting same error
Error : Neither PUB key nor PRIV key:: nested asn1 error
paypal_adaptive (0.2.8) lib/paypal_adaptive/request.rb:89:in `initialize'

Thanks

@tc

This comment has been minimized.

Show comment
Hide comment
@tc

tc Mar 8, 2012

Owner

I just cut a new release 0.2.9 which should have this fix

On Wed, Mar 7, 2012 at 8:43 PM, htaykhaing
reply@reply.github.com
wrote:

@tc have you release bug fixed version? I just intall gem & still getting same error
Error : Neither PUB key nor PRIV key:: nested asn1 error
paypal_adaptive (0.2.8) lib/paypal_adaptive/request.rb:89:in `initialize'

Thanks


Reply to this email directly or view it on GitHub:
#42 (comment)

Tommy Chheng

Owner

tc commented Mar 8, 2012

I just cut a new release 0.2.9 which should have this fix

On Wed, Mar 7, 2012 at 8:43 PM, htaykhaing
reply@reply.github.com
wrote:

@tc have you release bug fixed version? I just intall gem & still getting same error
Error : Neither PUB key nor PRIV key:: nested asn1 error
paypal_adaptive (0.2.8) lib/paypal_adaptive/request.rb:89:in `initialize'

Thanks


Reply to this email directly or view it on GitHub:
#42 (comment)

Tommy Chheng

@kellydunn

This comment has been minimized.

Show comment
Hide comment
@kellydunn

kellydunn May 13, 2012

I'm also getting this error in 0.2.9 when I attempt to provide a cert_key_pem.txt file:

paypal_adaptive (0.2.9) lib/paypal_adaptive/request.rb:93:in `initialize': Neither PUB key nor PRIV key:: nested asn1 error

Is the solution simply not to use a cert_key_pem.txt file now? Is this true for production (Paypal Live API) credentials?

I'm also getting this error in 0.2.9 when I attempt to provide a cert_key_pem.txt file:

paypal_adaptive (0.2.9) lib/paypal_adaptive/request.rb:93:in `initialize': Neither PUB key nor PRIV key:: nested asn1 error

Is the solution simply not to use a cert_key_pem.txt file now? Is this true for production (Paypal Live API) credentials?

@tc

This comment has been minimized.

Show comment
Hide comment
@tc

tc May 17, 2012

Owner

can you try again with 0.3.0?

Owner

tc commented May 17, 2012

can you try again with 0.3.0?

@kellydunn

This comment has been minimized.

Show comment
Hide comment
@kellydunn

kellydunn May 20, 2012

Looks like it's resolving for me with 0.3.0!

Looks like it's resolving for me with 0.3.0!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment