or Create a profile

Home Problems

OpenSSL certificate verify failed when trying to connect to ci.appveyor.com

Mike Dillamore's Avatar

Mike Dillamore

22 May, 2015 10:59 AM

Our build is driven from a rake (Ruby make) script, so I'm trying to add a rake task to upload our test results to the test results endpoint as described here.

This task is hitting an error with certificate verification, and I've used this script to diagnose the problem.

The output of the script is shown below. Please can you help us resolve this issue?

C:/Ruby193/bin/ruby (1.9.3-p551)
OpenSSL 1.0.0o 15 Oct 2014: C:/Users/Luis/Code/luislavena/knap-build/var/knapsack/software/x86-windows/openssl/1.0.0o/ssl
SSL_CERT_DIR=""
SSL_CERT_FILE=""
 
HEAD https://ci.appveyor.com:443
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
 
The server presented a certificate that could not be verified:
  subject: /C=US/O=GeoTrust Inc./CN=RapidSSL SHA256 CA - G3
  issuer: /C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
  error code 20: unable to get local issuer certificate
 
Possible causes:
  `C:/Users/Luis/Code/luislavena/knap-build/var/knapsack/software/x86-windows/openssl/1.0.0o/ssl/cert.pem' does not exist
  `C:/Users/Luis/Code/luislavena/knap-build/var/knapsack/software/x86-windows/openssl/1.0.0o/ssl/certs/' is empty

  1. 1 Posted by Mike Dillamore on 22 May, 2015 11:26 AM

    Mike Dillamore's Avatar

    Update: looks like the invalid certificate can be ignored using verify_mode = OpenSSL::SSL::VERIFY_NONE. That should allow us to get going.

  2. Support Staff 2 Posted by Feodor Fitsner on 22 May, 2015 01:52 PM

    Feodor Fitsner's Avatar

    Yeah, but why that certificate is considered as invalid? It's a valid RapidSSL certificate working well in any browser.

    - Feodor

  3. 3 Posted by Mike Dillamore on 26 May, 2015 03:34 PM

    Mike Dillamore's Avatar

    I think we're hitting the issue reported here.

    In short, it seems to be specific to https with Ruby and I think it could be fixed by adding additional certs to the Ruby installation. It's not causing us a problem however, so not a priority.

  4. Mike Dillamore closed this discussion on 21 Dec, 2015 01:15 PM.

Comments are currently closed for this discussion. You can start a new one.

  • New Issue

  • Conversation Started

  • The discussion is closed

    No more actions from AppVeyor or the discussion starter are required.

  • Re-open the discussion

Private Permissions

This discussion is private. Only you and AppVeyor support staff can see and reply to it.

Public Permissions

This discussion is public. Everyone can see and reply to it.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac

Recent Discussions

27 Jun, 2025 08:25 PM InvalidArgument: (System.Collections.ArrayList:String) [Install-Package], Exception
23 Jun, 2025 06:37 PM .NET Library for accessing AppVeyor API
21 Jun, 2025 08:51 PM Can we get a dark theme for AppVeyor?
18 Jun, 2025 08:45 PM API call fails
18 Jun, 2025 04:23 PM Environments quota exceeded error

 

13 Jun, 2025 04:36 PM Does AppVeyor currently support building on macOS with arm64 (Apple Silicon) CPU?
13 Jun, 2025 04:27 PM Stuck build job on "git checkout"
13 Jun, 2025 07:20 AM build freezing at git checkout
10 Jun, 2025 01:56 AM Inquiry Regarding Root Account Change
09 Jun, 2025 07:11 PM Credit card issue
04 Jun, 2025 04:08 PM please increase 30 minute timeout