How do I fix SSL Certificate errors?

If you are receiving SSL errors when using our API check that you have the most recent Certificate Authority (CA) certificates installed for your operating system or application environment.

The CA certificates are sometimes called a “CA Bundle”, or simply “CA certificates” and most operating systems or languages have instructions on how to make sure they are up to date.

Testing with OpenSSL on the command line:

Verify the certificate used for https://metrics.librato.com/

echo | openssl s_client \
  -connect metrics.librato.com:443 \
  -showcerts \
  -verify 32

Servers that don’t have the root or intermediate certificates needed to verify the SSL certificate will probably report something like this:

...
    Verify return code: 27 (certificate not trusted)

Download the required intermediate certificates from RapidSSL and run OpenSSL with instructions to use them:

echo | openssl s_client \
  -CApath ./RapidSSL_CA_bundle.pem \
  -connect metrics.librato.com:443 \
  -showcerts \
  -verify 32

If those were the only missing certificates you should see something like this:

...
    Verify return code: 0 (ok)