🚨 Forest down (SSL issue) - Trouble logging in - error 400: Invalid client id 🚨

Sure here’s the result

Ok, the version of forest_liana is not displayed here :-/
Can you share the name of your project and your environment? I’ll check in our database.

Yes
Project : Holivia
Environement : test

We than will rollup the updates to production environment

Thanks

Ok, my idea does not work either because we have in the DB the version that is sent by your agent… but as it cannot contact our server, the version here is not correct.

bundle info forest_liana should give the version that you deployed. Can you run it on your server?

Yes

Ok.

  • Did you also apply a monkey-patch yourself on the http-client library?
  • Are you running your application in a container?
  1. We didn’t apply the monkey patch since it was supposed to be incorporated in the 6.6.3
  2. No, we are running the app in an aws ec2 instance

Ok, it could be related to the version of ruby or rails.

Can you please share the result of ruby -v and bundle show rails?

I could reproduce locally by running this inside the irb console:

require 'net/http'
Net::HTTP.get(URI('https://api.forestadmin.com'))

It gives me the error:

OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=error: certificate verify failed
	from /Users/gg/.rbenv/versions/2.3.4/lib/ruby/2.3.0/net/http.rb:933:in `connect_nonblock'
	from /Users/gg/.rbenv/versions/2.3.4/lib/ruby/2.3.0/net/http.rb:933:in `connect'
	from /Users/gg/.rbenv/versions/2.3.4/lib/ruby/2.3.0/net/http.rb:863:in `do_start'
	from /Users/gg/.rbenv/versions/2.3.4/lib/ruby/2.3.0/net/http.rb:852:in `start'
	from /Users/gg/.rbenv/versions/2.3.4/lib/ruby/2.3.0/net/http.rb:584:in `start'
	from /Users/gg/.rbenv/versions/2.3.4/lib/ruby/2.3.0/net/http.rb:479:in `get_response'
	from /Users/gg/.rbenv/versions/2.3.4/lib/ruby/2.3.0/net/http.rb:456:in `get'
	from (irb):2
	from /Users/gg/.rbenv/versions/2.3.4/bin/irb:11:in `<main>'

Can you try the solution from this answer on stackoverflow? Maybe you can move the file instead of deleting it, just in case.

1 Like

All good ! We refreshed the certificates on the machine and now its working all fine thanks !

3 Likes