Closed joefiorini closed 7 years ago
If anyone runs into this error, you can fix it by following the instructions under "For non-RVM Users" on this SO post:
http://stackoverflow.com/a/19151697
Before running the ruby command given there, make sure you source vruby/bin/activate
so you get the correct SSL directory for your installed Ruby version.
So that fixed the problem for me with installing gems, but I still had an issue running Rails. Fixed that by combining some steps from http://railsapps.github.io/openssl-certificate-verify-failed.html like so:
brew install openssl
and brew link --force openssl
cd /usr/local/etc/openssl/certs
sudo curl -O http://curl.haxx.se/ca/cacert.pem
sudo mv cacert.pem cert.pem
The only caveat here is that I need to set the SSL_CERT_FILE
environment variable before running rails to:
export SSL_CERT_FILE=/usr/local/etc/openssl/certs/cert.pem
Anyone know of a way around this without having to export an environment variable?
Just ran into this issue again with the new certificate on https://rails-assets.org (see rails-assets/rails-assets#306). I solved it by using https://github.com/raggi/openssl-osx-ca to sync the certs installed in my keychain with the ones in openssl. Note: in my attempts to fix this issue, I had manually installed the rails-assets intermediate cert which may/may not have been necessary. Try without doing this, but if it fails go to https://letsencrypt.org/certificates/ and download the Let’s Encrypt Authority X1 cert in pem format then open it to install in your keychain. Depending on the status of raggi/openssl-osx-ca#12, you may need to download the script from there and run that instead of official one.
Once the certs are synced, you should be good to go. However, using code from SO post linked above I noticed that my Ruby installation was expecting to find certs in /etc/openssl
, but running openssl version -d
showed that they are installed in /usr/local/etc/openssl
. I went ahead and symlinked this (ln -s /usr/local/etc/openssl /etc/openssl
) and the error about rails-assets certificate went away.
You shouldn't have to download the lets encrypt intermediate. The intermediate is signed by the DST X3 cert, which has been valid since 2000, and should be in your system certificate chain.
I suspect you had some other issue that you probably want to track down.
Closing this as I haven't had the issue with the past few Ruby versions I've installed.
There was an issue with prior Ruby versions having incorrect SSL certs for rubygems.org. See #9 for details on the problem.
To reproduce:
rm -rf vruby
../bin/vruby install --version 2.1.5
../bin/vruby vruby --version 2.1.5
You will likely see the following error:
I'm guessing RVM does something here to download certs and install them. We should look into that and do the same.