Unable to authenticate you after deploy to production env

Please help,

ForestAdmin working ok in development for my Rails application. After I deployed to production and changed application_url to https://bankwiser.eu, I cannot authenticate. If I click login again, I receive callback error:

errors: [{status: 500, detail: "SSL_connect returned=1 errno=0 state=error: certificate verify failed"}]
0: {status: 500, detail: "SSL_connect returned=1 errno=0 state=error: certificate verify failed"}
detail: "SSL_connect returned=1 errno=0 state=error: certificate verify failed"
status: 500

Hi @Sergei_Tsoganov :wave: welcome to our community !
Can you share with us your

  • project name
  • the version of gem 'forest_liana' that you use
    please :pray:

ok, project name is Bankwiser
forest_liana (6.3.3)

Hello @Sergei_Tsoganov ,

Can you share your failing request from your network tab ? :slight_smile:

Kind regards,

Request URL: https://bankwiser.eu/forest/authentication/callback?code=MhfJTSU-02gokOQ18yeZPx91FA5QVH4JHLxcFh8POoyzvRLLuNKXsq546B3KL2U7&state=%7B%22renderingId%22%3D%3E106498%7D
Request Method: GET
Status Code: 500 Internal Server Error
Remote Address: 104.248.243.83:443
Referrer Policy: strict-origin-when-cross-origin

Response:

{"errors":[{"status":500,"detail":"SSL_connect returned=1 errno=0 state=error: certificate verify failed"}]}

Hello @Sergei_Tsoganov,

Could you please run a curl https://api.forestadmin.com on the server on which you are experiencing the issue?

Lower versions than 6.6.3 rely on a library that does not support the root certificate of Let’s encrypt. In order to bypass this, we included a monkey-patch of the underlying library, in order to make it use the system certificates.

But some OSs that have not been updated do not embed this new certificate either. The curl command to run the same environment than your liana will allow to detect if the problem comes from your OS.

Received this:

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Cannot GET /</pre>
</body>
</html>