Suddenly this morning my HTTP client (HTTParty) threw an error OpenSSL::SSL::SSLError: hostname does not match the server certificate
Firstly, I can’t understand what we did today so that the api would call almost the whole day the number of times in the last 2 years without any problems.
Secondly, I don’t understand how to solve it, since it is internal to HTTParty
The only thing I know is that I can not install SSL_CERT_FILEin ENV, but as I said, I already have ROOT CA specified in my /etc/ssl/certs( SSL_CERT_DIR)
Here is my conclusion
irb(main):001:0> require "openssl"
=> true
irb(main):002:0> puts OpenSSL::OPENSSL_VERSION
OpenSSL 1.0.1 14 Mar 2012
=> nil
irb(main):003:0> puts "SSL_CERT_FILE: %s" % OpenSSL::X509::DEFAULT_CERT_FILE
SSL_CERT_FILE: /usr/lib/ssl/cert.pem
=> nil
irb(main):004:0> puts "SSL_CERT_DIR: %s" % OpenSSL::X509::DEFAULT_CERT_DIR
SSL_CERT_DIR: /usr/lib/ssl/certs
Finally, since nothing has changed on Openssl and the code is wise just what happened, this is the openssl version patch, referring to the HEARTBLEED vulnerability
, openssl, didnt recompile the RUBY
Ruby ruby 1.9.3p327
Net:: HTTP- - httparty-0.13.0
. - VERIFY_NONE OPENSSL