Jeff Lembeck learns a code or two

Serious code business!

OpenSSL and Gemfiles

Ever have this happen?

$ bundle install

Fetching source index from https://rubygems.org/ Could not verify the SSL certificate for https://rubygems.org/. There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see bit.ly/ssl-certs. To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.

According to this comment, there is nothing to be gained from using https with rubygems - https://github.com/rails/rails/pull/4684#issuecomment-3670624

But, since this is the default for Rails, let's fix this by installing OpenSSL.

$ rvm pkg install openssl

Now, you'll have to install any ruby that you have in order to get this to work. Oof.

rvm reinstall all --force

Using Ruby 2.0? Does this STILL not work? Your certificates are probably outdated.

Luckily, <a href="raggi has given us something to update the certs on our machines - https://github.com/raggi/openssl-osx-ca

brew tap raggi/ale brew install openssl-osx-ca

Hopefully that fixes your problem like it did for me.

Edit: From what I've read out there on the internet, you can just install Ruby 2.0 like this:

rvm install 2.0.0 \ --with-openssl-dir=$HOME/.rvm/usr

instead and this problem will never arise in the first place.

Good times.

Back to Blog