[ruby-core:21546] Fwd: OpenSSL Ruby 1.9? "Certificate verify failed"

< ^ > P N |<>| ^ _>< --- | ~ ...Help
Below the forwarded email is my verification that this error has  
nothing to do with windows (beyond bug #999, but that is tangental).  
Is this expected behavior? Is certificate handling stricter in 1.9.1?

Begin forwarded message:

> From: Alexandre Alex <alex.vaillancourt / gmail.com>
> Date: January 23, 2009 10:56:03 PM PST
> To: ruby-talk / ruby-lang.org (ruby-talk ML)
> Subject: OpenSSL Ruby 1.9? "Certificate verify failed"
> Reply-To: ruby-talk / ruby-lang.org
> X-Spam-Status: No, hits=-3.9 required=5.0 tests=BAYES_00,ZSS_RUBY   
> autolearn=no version=2.64-zss_spam_1_1_1
>
> Hi Guys!
>
> I'm trying to use OpenSSL with Ruby 1.9.1 but each time it tells me
> "SSLv3 read server certificate B: certificate verify failed
> (OpenSSL::SSL::SSLError)".
>
> Also, I had to copy ssleay32.dll and libeay32.dll else it wouldn't  
> have
> "worked"..
>
> Here's the ruby code:
>
>    require 'net/https'
>    require 'uri'
>
>    uri = URI.parse(ARGV[0] || 'https://gmail.com/')
>    http = Net::HTTP.new(uri.host, uri.port)
>    http.use_ssl = true if uri.scheme == "https"  # enable SSL/TLS
>    http.start {
>      http.request_get(uri.path) {|res|
>        print res.body
>      }
>    }
>
> Nothing complex, I just don't understand WHY it doesn't work?! If
> someone could help me, I'd be verry happy, I really don't know what to
> do...
> -- 
> Posted via http://www.ruby-forum.com/.

507 % ./miniruby -I./lib -I.ext/common -I./- -r./ext/purelib.rb  ./ 
runruby.rb --extout=.ext  -- -v ~/x.rb
ruby 1.9.1p5000 (2009-01-20 trunk 21699) [i386-darwin9.6.0]
/Users/ryan/Work/svn/ruby/ruby/lib/net/http.rb:611:in `connect':  
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B:  
certificate verify failed (OpenSSL::SSL::SSLError)
	from /Users/ryan/Work/svn/ruby/ruby/lib/net/http.rb:611:in `connect'
	from /Users/ryan/Work/svn/ruby/ruby/lib/net/http.rb:574:in `do_start'
	from /Users/ryan/Work/svn/ruby/ruby/lib/net/http.rb:563:in `start'
	from /Users/ryan/x.rb:7:in `<main>'
508 % ruby -v ~/x.rbruby 1.8.6 (2008-03-03 patchlevel 114) [universal- 
darwin9.0]
warning: peer certificate won't be verified in this SSL session
/System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/ 
1.8/net/http.rb:571: warning: using default DH parameters.
<HTML><HEAD><meta http-equiv="content-type" content="text/ 
html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
here.
</BODY></HTML>
509 % cat ~/x.rb
    require 'net/https'
    require 'uri'

    uri = URI.parse(ARGV[0] || 'https://gmail.com/')
    http = Net::HTTP.new(uri.host, uri.port)
    http.use_ssl = true if uri.scheme == "https"  # enable SSL/TLS
    http.start {
      http.request_get(uri.path) {|res|
        print res.body
      }
    }