MrDys
commented
12 years ago Original reporter: cbeer
Closed MrDys closed 12 years ago
MrDys
commented
12 years ago Original reporter: cbeer
MrDys
commented
12 years ago cbeer: I'm not sure how prevalent this actually is, probably worth checking around. I've only noticed it on a machine running Mac OS 10.5 (10.6 doesn't have the same problem). I'd be happy with just rescueing the SSLError and providing some user directions to continue.
MrDys
commented
12 years ago jrochkind: good enough for now, can manually download the zipfile now.
MrDys
commented
12 years ago jrochkind: I don't know what to do about this.
We could give up on the idea of downloading the blacklight jetty from github. Not sure what the easy alternative is.
We coudl hack open-uri to ignore SSL chain of trust, for that rake task at least, which is generally something people say is a horrible idea security-wise and you should never do.
Or we could leave it as is, possibly with more instructions, where users need to take their OS-appropriate action to make the github SSL cert 'trusted' on the OS level. Ruby net::http uses the OS-level cert trust store.
CODEBASE-317: When I run the generator, I get this error (presumably related to the github wildcard certificate).
$ rails generate blacklight:jetty create tmp/jetty_generator fetching https://github.com/projectblacklight/blacklight-jetty/zipball/v1.4.1-1 remove tmp/jetty_generator /Users/chris_beer/.rvm/rubies/ruby-1.8.7-p299/lib/ruby/1.8/net/http.rb:586:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)