The authentication request to Forest was failing for us with the error SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate in certificate chain)
:
It turns out that the forest-rails
gem uses the Rails cache during the authentication. We use Redis as our cache store, through the Heroku Redis addon. And Redis 6 sometimes has issues with self-signed certificates. This is documented here: Redis Connection Issues - Heroku Help
We resolved the issue by adding the verify_mode: OpenSSL::SSL::VERIFY_NONE
parameter when setting up the Rails cache store:
config.cache_store = :redis_cache_store, {
url: ENV.fetch('REDIS_URL'),
# Necessary for Redis 6 and our SSL certificate (see
# https://help.heroku.com/HC0F8CUS/redis-connection-issues)
ssl_params: {
verify_mode: OpenSSL::SSL::VERIFY_NONE
}
}
I posted this to help anyone who has this issue and doesn’t know what to do. Maybe this can fix the issue for them too.