Avi Zurel - @KensoDev

SSL verification issue with the Foursquare2 gem [Solved]

Posted on Apr 27, 2011

I’ve been implementing a Foursquare API into a website using the foursqaure2 gem.

While working on development, everything went smooth, tests passed and it was really cool to work with. However, once I deployed staging and production I immediately encountered the well known SSL issues.

1
2
3

  
SSLv3 read server certificate B: certificate verify failed

The solution actually wasn’t that trivial, I monkeypatched the gem so you can pass an SSL hash and refer to the ca_file.

This has solved the problem.

Notice the @ssl param, this is the important thing here.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

def initialize(options={})
        
@client\_id = options[:client\_id]
        
@client\_secret = options[:client\_secret]
        
@oauth\_token = options[:oauth\_token]
        
@ssl = options[:ssl].nil? ? Hash.new : options[:ssl]
      
end

\# Sets up the connection to be used for all requests based on options passed during initialization.
      
def connection
        
params = {}
        
params[:client\_id] = @client\_id if @client_id
        
params[:client\_secret] = @client\_secret if @client_secret
        
params[:oauth\_token] = @oauth\_token if @oauth_token
        
@connection ||= Faraday::Connection.new(:url => api\_url, :ssl => @ssl, :params => params, :headers => default\_headers) do |builder|
          
builder.adapter Faraday.default_adapter
          
builder.use Faraday::Response::Mashify
          
builder.use Faraday::Response::ParseJson
        
end
      
end

def ssl
        
@ssl
      
end

This is how you pass the hash

1
2
3

      
client = Foursquare2::Client.new(:oauth\_token => self.fs\_oauth\_token, :ssl => { :verify => OpenSSL::SSL::VERIFY\_PEER, :ca\_file => "path\_to\_your\_pem_file" })

If you are running on Amazon or any other cloud solution and you don’t know where your SSL certification is located, there’s a tip in this post on how you can find it.

Like a good Ruby on rails and open source developer, I issued a pull request to the original gem’s developer and this fix will be in the next version of the gem, you can find it here

If you are having issues with SSL, just pay attention to what version of the gem you are running and make sure you are running a version with this fix.