Rails - Curb SSLCA error? - Curl::Err::SSLCACertificateError

Question

When I update my Rails gems I find this errors (only in production, in development environment working good):

Curl::Err::SSLCACertificateError

Seems that is an SSL Certificate Authority Error, but why only in production is not working? And what can I do to resolve the problem?

My curb gems is v.0.8.3 with rails 3.2.8 (the mayor update was the rake, that now is v.10.0.2, but I don't know if this influence the good working of the curb gem).

FYI, this is the code that raise the error:

    loginData = { :login => "myuser", :password => "mypass" }
    loginJson = ActiveSupport::JSON.encode(loginData)

    req = Curl::Easy.http_post("https://mysite.com", loginJson
    ) do |curl|
        curl.headers['Content-type'] = 'application/json'
    end

Answer 1

It sounds like you're using a self-signed SSL certificate on the server, which is fine. I do the same thing for internal services. You'll just want to make your client aware of the custom SSL certificate as well, that way it knows that it can be trusted.

Something like this should do the trick:

req = Curl::Easy.http_post("https://mysite.com", loginJson) do |curl|
  curl.headers['Content-type'] = 'application/json'
  curl.cacert = "/path/to/ca.crt"
  curl.cert = "/path/to/cert.pem"
end

Of course, you'll probably want to extract these string constants into a config file.

Answer 2

I find an alternative solution, when I request a "curl" I put this additional propriety:

 curl.ssl_verify_peer = false

I don't know if in term of security is the best solution, but for the moment it works...