|
Title: SSL Error on OSX 10.4 Post by: rhevelo on October 19, 2007, 10:43:41 PM Hello,
Using ubuntu no problem at all using OSX I am having a problem Code: #!/bin/bash # script to check s3 buckets cd /Users/simon/s3/s3sync export AWS_ACCESS_KEY_ID=XXXXXXXXXXXXXXX export AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXXXXXXXX export SSL_CERT_DIR=/Users/xxxxx/s3/s3sync/certs /usr/local/bin/ruby s3cmd.rb --ssl listbuckets I am using the certs generated from http://mirbsd.mirsolutions.de/cvs.cgi/~checkout~/src/etc/ssl.certs.shar Code: $ sh ssl.certs.shar I am getting the following error: Code: SSL Error: certificate verify failed 99 retries left I have tried multiple certs, directly pointed to a specific cert (used the one in the current README) with no luck. ruby version Code: ruby 1.8.6 (2007-03-13 patchlevel 0) [universal-darwin8.0] Using the latest s3sync. OSX 10.4.10 Any thoughts? Title: Re: SSL Error on OSX 10.4 Post by: ferrix on October 20, 2007, 06:31:35 PM the shell script might not work right on mac? Try the simpler one-cert method noted in the readme, might work better?
Title: Re: SSL Error on OSX 10.4 Post by: rhevelo on October 20, 2007, 09:43:58 PM the shell script might not work right on mac? Try the simpler one-cert method noted in the readme, might work better? Tried that... Code: $ AWS_ACCESS_KEY_ID=xxxx $ export AWS_ACCESS_KEY_ID $ AWS_SECRET_ACCESS_KEY=xxxx $ export AWS_SECRET_ACCESS_KEY $ SSL_CERT_FILE=12345.0 $ export SSL_CERT_FILE $ ruby s3sync.rb -d -r --ssl --delete /Users/user/Documents/ mybucket:/1234mybucket SSL Error: certificate verify failed No result available 99 retries left etc... $ ^C any more ideas? I have tried many certs including the exact one in the README.txt with no success. Title: Re: SSL Error on OSX 10.4 Post by: maelcum on October 27, 2007, 03:32:41 PM Hi,
I'm using OS X 10.4 and never had any problems. I'm using the variable called "SSL_CERT_DIR", not "..FILE". Maybe change that. Cheers maelcum Title: Re: SSL Error on OSX 10.4 Post by: morgant on January 10, 2008, 02:07:54 PM I'm running on Mac OS X 10.4.11 (Tiger) Server and ran into the same SSL issues you're describing.
On Tiger Server there's an /etc/certificates directory that an x509anchors.pem file. I initially tried to set SSL_CERT_DIR to /etc/certificates, but kept getting the "http.rb:590:in `connect': certificate verify failed (OpenSSL::SSL::SSLError)" error. Eventually I figured out that you actually can specify the file directly, as follows: Code: export SSL_CERT_FILE=/etc/certificates/x509anchors.pem If you're using /etc/s3conf/s3config.yml, like I am, then you can put the following in there: Code: ssl_cert_file: /etc/certificates/x509anchors.pem I haven't played with Leopard Server enough to know where the x509 file(s) might be on there and /etc/certificates/x509anchors.pem doesn't seem to exist on Tiger client. So in those cases, you might need to do it the traditional way. |