Create a gist now

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Download a cacert.pem for RailsInstaller

Why?

There is a long standing issue in Ruby where the net/http library by default does not check the validity of an SSL certificate during a TLS handshake. Rather than deal with the underlying problem (a missing certificate authority, a self-signed certificate, etc.) one tends to see bad hacks everywhere. This can lead to problems down the road.

From what I can see the OpenSSL library that Rails Installer delivers has no certificate authorities defined. So, let's go fetch some from the curl website. And since this is for ruby, why don't we download and install the file with a ruby script?

Installation

The Ruby Way! (Fun)

This assumes your have already installed the Rails Installer for Windows.

Download the ruby script to your Desktop folder from https://gist.github.com/raw/867550/win_fetch_cacerts.rb. Then in your command prompt, execute the ruby script:

ruby "%USERPROFILE%\Desktop\win_fetch_cacerts.rb"

Now make ruby aware of your certificate authority bundle by setting SSL_CERT_FILE. To set this in your current command prompt session, type:

set SSL_CERT_FILE=C:\RailsInstaller\cacert.pem

To make this a permanent setting, add this in your control panel.

The Manual Way (Boring)

Download the cacert.pem file from http://curl.haxx.se/ca/cacert.pem. Save this file to C:\RailsInstaller\cacert.pem.

Now make ruby aware of your certificate authority bundle by setting SSL_CERT_FILE. To set this in your current command prompt session, type:

set SSL_CERT_FILE=C:\RailsInstaller\cacert.pem

To make this a permanent setting, add this in your control panel.

require 'net/http'
# create a path to the file "C:\RailsInstaller\cacert.pem"
cacert_file = File.join(%w{c: RailsInstaller cacert.pem})
Net::HTTP.start("curl.haxx.se") do |http|
resp = http.get("/ca/cacert.pem")
if resp.code == "200"
open(cacert_file, "wb") { |file| file.write(resp.body) }
puts "\n\nA bundle of certificate authorities has been installed to"
puts "C:\\RailsInstaller\\cacert.pem\n"
puts "* Please set SSL_CERT_FILE in your current command prompt session with:"
puts " set SSL_CERT_FILE=C:\\RailsInstaller\\cacert.pem"
puts "* To make this a permanent setting, add it to Environment Variables"
puts " under Control Panel -> Advanced -> Environment Variables"
else
abort "\n\n>>>> A cacert.pem bundle could not be downloaded."
end
end
@jpillora

This comment has been minimized.

Show comment
Hide comment
@jpillora

jpillora May 28, 2012

Thank you :D

Thank you :D

@maflores

This comment has been minimized.

Show comment
Hide comment
@maflores

maflores Jul 29, 2012

Excellent!!!! Thanks a lot! :)

Excellent!!!! Thanks a lot! :)

@Odelya

This comment has been minimized.

Show comment
Hide comment
@Odelya

Odelya Aug 7, 2012

Excellent!
If you are using JRuby - just locate the file in lib\ruby\somedirectory under the jruby folder and assign the system environment variable

Odelya commented Aug 7, 2012

Excellent!
If you are using JRuby - just locate the file in lib\ruby\somedirectory under the jruby folder and assign the system environment variable

@rc1021

This comment has been minimized.

Show comment
Hide comment
@rc1021

rc1021 Aug 16, 2012

awesome !!

rc1021 commented Aug 16, 2012

awesome !!

@mxrguspxrt

This comment has been minimized.

Show comment
Hide comment
@mxrguspxrt

mxrguspxrt Sep 4, 2012

Using is more convient, imho:

config/initializers/ssl_configuration.rb

ENV["SSL_CERT_FILE"] = "/usr/local/rvm/usr/ssl/certs/cacerts"

Using is more convient, imho:

config/initializers/ssl_configuration.rb

ENV["SSL_CERT_FILE"] = "/usr/local/rvm/usr/ssl/certs/cacerts"

@zdavatz

This comment has been minimized.

Show comment
Hide comment
@zdavatz

zdavatz Jan 15, 2013

How do I specify a path with a space on Windows? I would like to do

cacert_file = File.join(%w{c: Users "User Name" cacert.pem})

Where "User Name" is something like Zeno Davatz.

How would that work?

Best
Zeno

zdavatz commented Jan 15, 2013

How do I specify a path with a space on Windows? I would like to do

cacert_file = File.join(%w{c: Users "User Name" cacert.pem})

Where "User Name" is something like Zeno Davatz.

How would that work?

Best
Zeno

@ByScripts

This comment has been minimized.

Show comment
Hide comment
@ByScripts

ByScripts Jan 27, 2013

cacert_file = File.join(%w{c: Users Zeno\ Davatz cacert.pem})

cacert_file = File.join(%w{c: Users Zeno\ Davatz cacert.pem})

@bryanwongbh

This comment has been minimized.

Show comment
Hide comment
@bryanwongbh

bryanwongbh Feb 7, 2013

thank you so much!

thank you so much!

@mandlaanilbabu

This comment has been minimized.

Show comment
Hide comment
@mandlaanilbabu

mandlaanilbabu Feb 22, 2013

I am getting this error like this using Ruby On Rails
Error:SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed,

I am following manual step
Stil i am getting same error,I am using win7 OS
pls help me

I am getting this error like this using Ruby On Rails
Error:SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed,

I am following manual step
Stil i am getting same error,I am using win7 OS
pls help me

@mandlaanilbabu

This comment has been minimized.

Show comment
Hide comment
@mandlaanilbabu

mandlaanilbabu Feb 22, 2013

I am following first step also getting error

C:\Users\RUBY\Desktop>ruby win_fetch_cacerts.rb
win_fetch_cacerts.rb:2: syntax error, unexpected '<'

I am following first step also getting error

C:\Users\RUBY\Desktop>ruby win_fetch_cacerts.rb
win_fetch_cacerts.rb:2: syntax error, unexpected '<'

@allybee

This comment has been minimized.

Show comment
Hide comment
@allybee

allybee Mar 6, 2013

Thank you! It worked after I added it in control panel.

allybee commented Mar 6, 2013

Thank you! It worked after I added it in control panel.

@L2G

This comment has been minimized.

Show comment
Hide comment
@L2G

L2G Apr 10, 2013

This is really useful info. If it wasn't for your gist, I wouldn't have ever known about the SSL_CERT_FILE variable. I've been tearing my hair out trying to get Bundler to talk to https://rubygems.org/; now, finally, it works!

L2G commented Apr 10, 2013

This is really useful info. If it wasn't for your gist, I wouldn't have ever known about the SSL_CERT_FILE variable. I've been tearing my hair out trying to get Bundler to talk to https://rubygems.org/; now, finally, it works!

@jesalg

This comment has been minimized.

Show comment
Hide comment
@jesalg

jesalg Apr 23, 2013

This is great, thank you!

jesalg commented Apr 23, 2013

This is great, thank you!

@sschwartzman

This comment has been minimized.

Show comment
Hide comment
@sschwartzman

sschwartzman Jul 29, 2013

Thank you so much for posting this! This error was driving me nuts. If anyone's interested, in order to make the fix self-contained to the Ruby script, I did this:

  1. Download cacerts.pem to same directory as ruby script (or the /config" sub-dir in my case)
  2. Add the following to your script:
    # Fixes SSL Connection Error in Windows execution of Ruby
    # Based on fix described at: https://gist.github.com/fnichol/867550
    ENV['SSL_CERT_FILE'] = File.expand_path(File.dirname(__FILE__)) + "/config/cacert.pem"

This may be worthwhile if you're distributing the script and don't want to make users have to set the environment variable.

Thank you so much for posting this! This error was driving me nuts. If anyone's interested, in order to make the fix self-contained to the Ruby script, I did this:

  1. Download cacerts.pem to same directory as ruby script (or the /config" sub-dir in my case)
  2. Add the following to your script:
    # Fixes SSL Connection Error in Windows execution of Ruby
    # Based on fix described at: https://gist.github.com/fnichol/867550
    ENV['SSL_CERT_FILE'] = File.expand_path(File.dirname(__FILE__)) + "/config/cacert.pem"

This may be worthwhile if you're distributing the script and don't want to make users have to set the environment variable.

@sjaykr

This comment has been minimized.

Show comment
Hide comment
@sjaykr

sjaykr Jul 31, 2013

I tried the above fix but I still get this error

C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/bundler-1.3.5/lib/bundler/v
endor/net/http/persistent/ssl_reuse.rb:70:in `connect': An established connectio
n was aborted by the software in your host machine. - SSL_connect (Errno::ECONNA
BORTED)

sjaykr commented Jul 31, 2013

I tried the above fix but I still get this error

C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/bundler-1.3.5/lib/bundler/v
endor/net/http/persistent/ssl_reuse.rb:70:in `connect': An established connectio
n was aborted by the software in your host machine. - SSL_connect (Errno::ECONNA
BORTED)

@harshadsabne

This comment has been minimized.

Show comment
Hide comment
@harshadsabne

harshadsabne Aug 18, 2013

Thanks a lot, works like a charm ! :D

For the uninitiated : It works without Rails Installer also. Just copy cacert.pem to any folder of your choice and set the environment variable path accordingly.

Thanks a lot, works like a charm ! :D

For the uninitiated : It works without Rails Installer also. Just copy cacert.pem to any folder of your choice and set the environment variable path accordingly.

@annalifatou

This comment has been minimized.

Show comment
Hide comment
@annalifatou

annalifatou Aug 28, 2013

I still get this error...
WARNING: Error fetching data: SSL_connect returned=1 errno=0 state=SSLv3 read s
erver certificate B: certificate verify failed (https://rubygems.org/latest_spec
s.4.8.gz)
Updating rubygems-update
ERROR: While executing gem ... (TypeError)
can't modify frozen object

I still get this error...
WARNING: Error fetching data: SSL_connect returned=1 errno=0 state=SSLv3 read s
erver certificate B: certificate verify failed (https://rubygems.org/latest_spec
s.4.8.gz)
Updating rubygems-update
ERROR: While executing gem ... (TypeError)
can't modify frozen object

@tryveller

This comment has been minimized.

Show comment
Hide comment
@tryveller

tryveller Sep 13, 2013

Thanks...This was really useful !!

Thanks...This was really useful !!

@OldGrantonian

This comment has been minimized.

Show comment
Hide comment
@OldGrantonian

OldGrantonian Oct 6, 2013

I'm new to anything related to Ruby. I'm using WinXP Pro.

I notice that all google posts on any site seem to relate to rails. Therefore all the suggested solutions relate to rails.

I don't use rails. I want to use Watir and Watir-WebDriver for testing web applications.

So, my question is: how do I solve the SSL problem for the command:

gem install mini_magick -v 3.5 --no-document
ERROR: Could not find a valid gem 'mini_magick' (= 3.5), here is why:
Unable to download data from https://rubygems.org/ - SSL_connect retur
ned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (
https://s3.amazonaws.com/production.s3.rubygems.org/specs.4.8.gz)

BTW: mini_magick is part of DevKit, which is needed before installing Watir.

I'm new to anything related to Ruby. I'm using WinXP Pro.

I notice that all google posts on any site seem to relate to rails. Therefore all the suggested solutions relate to rails.

I don't use rails. I want to use Watir and Watir-WebDriver for testing web applications.

So, my question is: how do I solve the SSL problem for the command:

gem install mini_magick -v 3.5 --no-document
ERROR: Could not find a valid gem 'mini_magick' (= 3.5), here is why:
Unable to download data from https://rubygems.org/ - SSL_connect retur
ned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (
https://s3.amazonaws.com/production.s3.rubygems.org/specs.4.8.gz)

BTW: mini_magick is part of DevKit, which is needed before installing Watir.

@AugustoPedraza

This comment has been minimized.

Show comment
Hide comment
@AugustoPedraza

AugustoPedraza Oct 10, 2013

Thanks!!! This work for me to install the net-sftp gem on my Windows!!!

Thanks!!! This work for me to install the net-sftp gem on my Windows!!!

@kirkytullins

This comment has been minimized.

Show comment
Hide comment
@kirkytullins

kirkytullins Oct 16, 2013

Thank you ! that saved me a lot of trouble !

Thank you ! that saved me a lot of trouble !

@Gabri3l

This comment has been minimized.

Show comment
Hide comment
@Gabri3l

Gabri3l Oct 29, 2013

Wow, thanks! That was really easy to solve!

Gabri3l commented Oct 29, 2013

Wow, thanks! That was really easy to solve!

@trn-malyy

This comment has been minimized.

Show comment
Hide comment
@trn-malyy

trn-malyy Nov 5, 2013

Thank you for this post ! Fixed my ssl cert. error.

Thank you for this post ! Fixed my ssl cert. error.

@jishaq

This comment has been minimized.

Show comment
Hide comment
@jishaq

jishaq Nov 15, 2013

@sschwartzman - I like your idea of adding the cacerts.pem to the config, and then using it to set ENV['SSL_CERT_FILE']. I tried this in my Ruby command-line application, but it wasn't working - I was still getting the same error.

The problem is that when I build my gem, the "executable" that RubyGems generates has bootstrap code where it attempts to load my gem (which causes the OpenSSL error) before I ever have a chance to affect the ENV[] statement. Here is the generated bootstrap code:

C:\RailsInstaller\Ruby1.9.3\bin>type my_gem
#!C:/RailsInstaller/Ruby1.9.3/bin/ruby.exe
#
# This file was generated by RubyGems.
#
# The application 'my_gem' is installed as part of a gem, and
# this file is here to facilitate running it.
#

require 'rubygems'

version = ">= 0"

if ARGV.first
  str = ARGV.first
  str = str.dup.force_encoding("BINARY") if str.respond_to? :force_encoding
  if str =~ /\A_(.*)_\z/
    version = $1
    ARGV.shift
  end
end

gem 'my_gem', version
load Gem.bin_path('my_gem', 'my_gem', version)

C:\RailsInstaller\Ruby1.9.3\bin>

And here is the error; you can see ruby running through the bootstrap code above, getting to the "load" line, and processing a 'require' statement in one of my dependencies (mixpanel_client), which eventually barfs.

C:\Sites>my_gem
C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:799:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verif
y failed (OpenSSL::SSL::SSLError)
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:799:in `block in connect'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/timeout.rb:54:in `timeout'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/timeout.rb:99:in `timeout'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:799:in `connect'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:755:in `do_start'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:744:in `start'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:306:in `open_http'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:775:in `buffer_open'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:203:in `block in open_loop'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:201:in `catch'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:201:in `open_loop'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:146:in `open_uri'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:677:in `open'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:685:in `read'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/mixpanel_client-3.1.2/lib/mixpanel/uri.rb:22:in `get'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/mixpanel_client-3.1.2/lib/mixpanel/client.rb:55:in `request'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/my_gem-0.0.6/lib/my_gem/mixpanel_services.rb:233:in `getVersions'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/my_gem-0.0.6/lib/my_gem/mixpanel_services.rb:287:in `<module:MixpanelSer
vices>'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/my_gem-0.0.6/lib/my_gem/mixpanel_services.rb:12:in `<top (required)>'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/my_gem-0.0.6/lib/my_gem/runner.rb:13:in `require_relative'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/my_gem-0.0.6/lib/my_gem/runner.rb:13:in `<top (required)>'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/site_ruby/1.9.1/rubygems/custom_require.rb:36:in `require'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/site_ruby/1.9.1/rubygems/custom_require.rb:36:in `require'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/my_gem-0.0.6/bin/my_gem:11:in `<top (required)>'
        from C:/RailsInstaller/Ruby1.9.3/bin/my_gem:23:in `load'
        from C:/RailsInstaller/Ruby1.9.3/bin/my_gem:23:in `<main>'

C:\Sites>

I wonder, is there any way to tell RubyGems to put the ENV[] in its generated output. Probably not easily (I suppose I could hand-edit the file it generates, but this is not scalable).

Thanks for the suggestion!

jishaq commented Nov 15, 2013

@sschwartzman - I like your idea of adding the cacerts.pem to the config, and then using it to set ENV['SSL_CERT_FILE']. I tried this in my Ruby command-line application, but it wasn't working - I was still getting the same error.

The problem is that when I build my gem, the "executable" that RubyGems generates has bootstrap code where it attempts to load my gem (which causes the OpenSSL error) before I ever have a chance to affect the ENV[] statement. Here is the generated bootstrap code:

C:\RailsInstaller\Ruby1.9.3\bin>type my_gem
#!C:/RailsInstaller/Ruby1.9.3/bin/ruby.exe
#
# This file was generated by RubyGems.
#
# The application 'my_gem' is installed as part of a gem, and
# this file is here to facilitate running it.
#

require 'rubygems'

version = ">= 0"

if ARGV.first
  str = ARGV.first
  str = str.dup.force_encoding("BINARY") if str.respond_to? :force_encoding
  if str =~ /\A_(.*)_\z/
    version = $1
    ARGV.shift
  end
end

gem 'my_gem', version
load Gem.bin_path('my_gem', 'my_gem', version)

C:\RailsInstaller\Ruby1.9.3\bin>

And here is the error; you can see ruby running through the bootstrap code above, getting to the "load" line, and processing a 'require' statement in one of my dependencies (mixpanel_client), which eventually barfs.

C:\Sites>my_gem
C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:799:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verif
y failed (OpenSSL::SSL::SSLError)
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:799:in `block in connect'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/timeout.rb:54:in `timeout'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/timeout.rb:99:in `timeout'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:799:in `connect'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:755:in `do_start'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:744:in `start'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:306:in `open_http'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:775:in `buffer_open'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:203:in `block in open_loop'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:201:in `catch'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:201:in `open_loop'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:146:in `open_uri'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:677:in `open'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/open-uri.rb:685:in `read'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/mixpanel_client-3.1.2/lib/mixpanel/uri.rb:22:in `get'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/mixpanel_client-3.1.2/lib/mixpanel/client.rb:55:in `request'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/my_gem-0.0.6/lib/my_gem/mixpanel_services.rb:233:in `getVersions'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/my_gem-0.0.6/lib/my_gem/mixpanel_services.rb:287:in `<module:MixpanelSer
vices>'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/my_gem-0.0.6/lib/my_gem/mixpanel_services.rb:12:in `<top (required)>'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/my_gem-0.0.6/lib/my_gem/runner.rb:13:in `require_relative'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/my_gem-0.0.6/lib/my_gem/runner.rb:13:in `<top (required)>'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/site_ruby/1.9.1/rubygems/custom_require.rb:36:in `require'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/site_ruby/1.9.1/rubygems/custom_require.rb:36:in `require'
        from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/my_gem-0.0.6/bin/my_gem:11:in `<top (required)>'
        from C:/RailsInstaller/Ruby1.9.3/bin/my_gem:23:in `load'
        from C:/RailsInstaller/Ruby1.9.3/bin/my_gem:23:in `<main>'

C:\Sites>

I wonder, is there any way to tell RubyGems to put the ENV[] in its generated output. Probably not easily (I suppose I could hand-edit the file it generates, but this is not scalable).

Thanks for the suggestion!

@StevenShi

This comment has been minimized.

Show comment
Hide comment
@StevenShi

StevenShi Nov 19, 2013

THANK YOU!

THANK YOU!

@chrislachance

This comment has been minimized.

Show comment
Hide comment
@chrislachance

chrislachance Dec 23, 2013

Thanks, this worked well!

Thanks, this worked well!

@prakmishra

This comment has been minimized.

Show comment
Hide comment
@prakmishra

prakmishra Dec 24, 2013

Thank you. It worked pretty well.

Thank you. It worked pretty well.

@nedrosat

This comment has been minimized.

Show comment
Hide comment
@nedrosat

nedrosat Jan 22, 2014

Thank you for this amazing Work.

Cheers

Thank you for this amazing Work.

Cheers

@franz-josef-kaiser

This comment has been minimized.

Show comment
Hide comment

Same error as @mandlaanilbabu here.

@anmolonruby

This comment has been minimized.

Show comment
Hide comment
@anmolonruby

anmolonruby Feb 22, 2014

The Ruby way works for me. But how do I make it permanent? What should I paste in the environment variables?

The Ruby way works for me. But how do I make it permanent? What should I paste in the environment variables?

@earnestaddae

This comment has been minimized.

Show comment
Hide comment
@earnestaddae

earnestaddae Mar 20, 2014

I followed your instruction, but it didn't work. Any alternative?

I followed your instruction, but it didn't work. Any alternative?

@punithasai

This comment has been minimized.

Show comment
Hide comment
@punithasai

punithasai Mar 24, 2014

I tried the first command that gave me an error.
Why am i not able to run win_fetch_cacerts.rb ruby file thats there in my desktop?

C:\Users\punitha\aggregator>ruby "%USERPROFILE%\Desktop\win_fetch_cacerts.rb"
ruby: No such file or directory -- C:/Users/punitha/Desktop/win_fetch_cacerts.rb
(LoadError)

I tried the first command that gave me an error.
Why am i not able to run win_fetch_cacerts.rb ruby file thats there in my desktop?

C:\Users\punitha\aggregator>ruby "%USERPROFILE%\Desktop\win_fetch_cacerts.rb"
ruby: No such file or directory -- C:/Users/punitha/Desktop/win_fetch_cacerts.rb
(LoadError)

@loki4u

This comment has been minimized.

Show comment
Hide comment
@loki4u

loki4u Apr 1, 2014

thanks it works happily :-)

loki4u commented Apr 1, 2014

thanks it works happily :-)

@palytoxin

This comment has been minimized.

Show comment
Hide comment
@palytoxin

palytoxin Jul 7, 2014

Thanks a lot, it's work for me :)

Thanks a lot, it's work for me :)

@Arduinology

This comment has been minimized.

Show comment
Hide comment
@Arduinology

Arduinology Jul 30, 2014

Awesome, worked like a charm!

Awesome, worked like a charm!

@jules345

This comment has been minimized.

Show comment
Hide comment
@jules345

jules345 Aug 1, 2014

just don't use "net/http" (if possible), use the "httpi" gem because this does the right thing by default !

jules345 commented Aug 1, 2014

just don't use "net/http" (if possible), use the "httpi" gem because this does the right thing by default !

@seanpoulter

This comment has been minimized.

Show comment
Hide comment
@seanpoulter

seanpoulter Aug 24, 2014

Thanks!

It may be worth noting that this does more than just "grab some certificates" from the Curl project, when they are actually sourced from Mozilla and converted to the required format with Curl's lib\mk-ca-bundle.pl script.

Thanks!

It may be worth noting that this does more than just "grab some certificates" from the Curl project, when they are actually sourced from Mozilla and converted to the required format with Curl's lib\mk-ca-bundle.pl script.

@thomthom

This comment has been minimized.

Show comment
Hide comment
@thomthom

thomthom Sep 17, 2014

We are seeing this in SketchUp 2014 which uses embedded Ruby 2.0. I found that by setting ENV["SSL_CERT_FILE"] to point to the cert file here will make HTTP with SSL work. But since a SketchUp user has many extensions installed there is no guaranty that one extension has not required the net/http lib without doing this - then it break for everyone else.

Can you shed some more light to where this cert file comes from? And is there a way Ruby can be rebuilt to use it? We're trying to figure out if we can fix this out of the box for SketchUp.

We are seeing this in SketchUp 2014 which uses embedded Ruby 2.0. I found that by setting ENV["SSL_CERT_FILE"] to point to the cert file here will make HTTP with SSL work. But since a SketchUp user has many extensions installed there is no guaranty that one extension has not required the net/http lib without doing this - then it break for everyone else.

Can you shed some more light to where this cert file comes from? And is there a way Ruby can be rebuilt to use it? We're trying to figure out if we can fix this out of the box for SketchUp.

@cocolote

This comment has been minimized.

Show comment
Hide comment
@cocolote

cocolote Sep 20, 2014

Nice bro! everything working here!

Nice bro! everything working here!

@salqadri

This comment has been minimized.

Show comment
Hide comment
@salqadri

salqadri Sep 26, 2014

Did not work for me. First of all, it gave an error due to the directory RailsInstaller not existing. So I manually created it, but after doing it I still got the SSL error. I even added the env var to the control panel. Didn't help.

Did not work for me. First of all, it gave an error due to the directory RailsInstaller not existing. So I manually created it, but after doing it I still got the SSL error. I even added the env var to the control panel. Didn't help.

@d1castrob

This comment has been minimized.

Show comment
Hide comment
@d1castrob

d1castrob Oct 7, 2014

First of all thank you! this has worked wonders for me. However, yesterday the auth on my app stopped working (I get 401:Unauthorized). I also noticed that if I don't run the script, I used to get the Faraday Error but I now get the 401. The oauth settings on my app (key, secret, url, etc.) remain unchanged from the last time I used them. Any idea why this might be happening?

First of all thank you! this has worked wonders for me. However, yesterday the auth on my app stopped working (I get 401:Unauthorized). I also noticed that if I don't run the script, I used to get the Faraday Error but I now get the 401. The oauth settings on my app (key, secret, url, etc.) remain unchanged from the last time I used them. Any idea why this might be happening?

@philiplorenzo

This comment has been minimized.

Show comment
Hide comment

Thank you!

@ryanafleming

This comment has been minimized.

Show comment
Hide comment
@ryanafleming

ryanafleming Oct 14, 2014

D:\My Documents\Ruby>ruby "%USERPROFILE%\Desktop\win_fetch_cacerts.rb"
C:/Users/Owner/Desktop/win_fetch_cacerts.rb:9:in initialize': No such file or d irectory @ rb_sysopen - c:/RailsInstaller/cacert.pem (Errno::ENOENT) from C:/Users/Owner/Desktop/win_fetch_cacerts.rb:9:inopen'
from C:/Users/Owner/Desktop/win_fetch_cacerts.rb:9:in block in <main>' from C:/Ruby21-x64/lib/ruby/2.1.0/net/http.rb:853:instart'
from C:/Ruby21-x64/lib/ruby/2.1.0/net/http.rb:583:in start' from C:/Users/Owner/Desktop/win_fetch_cacerts.rb:6:in

'

This was fixed by changing the rubyinstaller drectory in the the win_fetch_cacerts.rb file:
From:
cacert_file = File.join(%w{c: RubyInstaller cacert.pem})
to:
cacert_file = File.join(%w{c: Ruby21-x64 cacert.pem})
...or whatever your ruby install dir was...

D:\My Documents\Ruby>ruby "%USERPROFILE%\Desktop\win_fetch_cacerts.rb"
C:/Users/Owner/Desktop/win_fetch_cacerts.rb:9:in initialize': No such file or d irectory @ rb_sysopen - c:/RailsInstaller/cacert.pem (Errno::ENOENT) from C:/Users/Owner/Desktop/win_fetch_cacerts.rb:9:inopen'
from C:/Users/Owner/Desktop/win_fetch_cacerts.rb:9:in block in <main>' from C:/Ruby21-x64/lib/ruby/2.1.0/net/http.rb:853:instart'
from C:/Ruby21-x64/lib/ruby/2.1.0/net/http.rb:583:in start' from C:/Users/Owner/Desktop/win_fetch_cacerts.rb:6:in

'

This was fixed by changing the rubyinstaller drectory in the the win_fetch_cacerts.rb file:
From:
cacert_file = File.join(%w{c: RubyInstaller cacert.pem})
to:
cacert_file = File.join(%w{c: Ruby21-x64 cacert.pem})
...or whatever your ruby install dir was...

@Victorgf87

This comment has been minimized.

Show comment
Hide comment
@Victorgf87

Victorgf87 Oct 17, 2014

Sadly this didn't work for me =(
Still getting the same error

Sadly this didn't work for me =(
Still getting the same error

@sjackman

This comment has been minimized.

Show comment
Hide comment

sjackman commented Nov 7, 2014

πŸ‘

@DavidJFelix

This comment has been minimized.

Show comment
Hide comment
@DavidJFelix

DavidJFelix Dec 2, 2014

FYI, you don't have to open the control panel to make the change permanent, just use setx instead of set

FYI, you don't have to open the control panel to make the change permanent, just use setx instead of set

@lawrencewalters

This comment has been minimized.

Show comment
Hide comment

πŸ‘

@jspearlman

This comment has been minimized.

Show comment
Hide comment
@jspearlman

jspearlman Dec 5, 2014

Thanks, very helpful.

Thanks, very helpful.

@vchervanev

This comment has been minimized.

Show comment
Hide comment
@vchervanev

vchervanev Dec 6, 2014

works fine since I fixed my "installation" folder, thank you!

works fine since I fixed my "installation" folder, thank you!

@FlatspinZA

This comment has been minimized.

Show comment
Hide comment
@FlatspinZA

FlatspinZA Dec 7, 2014

Did I say thanks, thanks!

Did I say thanks, thanks!

@vchervanev

This comment has been minimized.

Show comment
Hide comment
@vchervanev

vchervanev Dec 8, 2014

btw, I think the up-to-date explanation for another but similar problem is https://gist.github.com/luislavena/f064211759ee0f806c88

btw, I think the up-to-date explanation for another but similar problem is https://gist.github.com/luislavena/f064211759ee0f806c88

@tasos-ch

This comment has been minimized.

Show comment
Hide comment
@tasos-ch

tasos-ch Dec 8, 2014

Works great!

Thanks a lot.

Just for reference, my installation details:

  • Windows 7 Pro x64
  • Ruby 2.1.5p273

tasos-ch commented Dec 8, 2014

Works great!

Thanks a lot.

Just for reference, my installation details:

  • Windows 7 Pro x64
  • Ruby 2.1.5p273
@heartonbit

This comment has been minimized.

Show comment
Hide comment
@heartonbit

heartonbit Dec 10, 2014

Works like a charm. Thx!

Works like a charm. Thx!

@germanmunoz

This comment has been minimized.

Show comment
Hide comment
@germanmunoz

germanmunoz Dec 10, 2014

Still working. Thanks!

Still working. Thanks!

@chrisgray79

This comment has been minimized.

Show comment
Hide comment
@chrisgray79

chrisgray79 Dec 11, 2014

Thank you! After so many options of solutions, this was my "last ditch effort" before moving on to a non-ruby solution.

Thank you! After so many options of solutions, this was my "last ditch effort" before moving on to a non-ruby solution.

@ssebastianj

This comment has been minimized.

Show comment
Hide comment
@ssebastianj

ssebastianj Dec 14, 2014

Nice solution!! Thanks!! πŸ˜„

Nice solution!! Thanks!! πŸ˜„

@sethveale

This comment has been minimized.

Show comment
Hide comment

πŸ‘

@mehulcrest

This comment has been minimized.

Show comment
Hide comment
@mehulcrest

mehulcrest Dec 16, 2014

Thank you 😊

Thank you 😊

@romdarom

This comment has been minimized.

Show comment
Hide comment
@romdarom

romdarom Dec 18, 2014

worked like a charm for me thank you

worked like a charm for me thank you

@stenit

This comment has been minimized.

Show comment
Hide comment
@stenit

stenit Dec 19, 2014

Amazing! Cheers! May be you can edit your documentation "The Ruby fun way", because I needed to create manually a folder named "C:\RailsInstaller". Otherwise I got:

/win_fetch_cacerts.rb:9:in `initialize': No such file or directory @ rb_sysopen - c:/RailsInstaller/cacert.pem (Errno::ENOENT)

stenit commented Dec 19, 2014

Amazing! Cheers! May be you can edit your documentation "The Ruby fun way", because I needed to create manually a folder named "C:\RailsInstaller". Otherwise I got:

/win_fetch_cacerts.rb:9:in `initialize': No such file or directory @ rb_sysopen - c:/RailsInstaller/cacert.pem (Errno::ENOENT)

@ermaneng

This comment has been minimized.

Show comment
Hide comment
@ermaneng

ermaneng Dec 19, 2014

works great

works great

@vbsql7

This comment has been minimized.

Show comment
Hide comment
@vbsql7

vbsql7 Dec 20, 2014

Thank you very much for this. The Ruby (fun) way gave me trouble, but I got through it with the Manual (boring) way. Thanks for being so thorough!

vbsql7 commented Dec 20, 2014

Thank you very much for this. The Ruby (fun) way gave me trouble, but I got through it with the Manual (boring) way. Thanks for being so thorough!

@thany

This comment has been minimized.

Show comment
Hide comment
@thany

thany Dec 21, 2014

C:\Users\Me>ruby "%USERPROFILE%\Desktop\win_fetch_cacerts.rb"
C:/Users/Me/Desktop/win_fetch_cacerts.rb:9:in `initialize': No such file or directory @ rb_sysopen - c:/RailsInstaller/cacert.pem
(Errno::ENOENT)
        from C:/Users/Me/Desktop/win_fetch_cacerts.rb:9:in `open'
        from C:/Users/Me/Desktop/win_fetch_cacerts.rb:9:in `block in <main>'
        from C:/Ruby21-x64/lib/ruby/2.1.0/net/http.rb:853:in `start'
        from C:/Ruby21-x64/lib/ruby/2.1.0/net/http.rb:583:in `start'
        from C:/Users/Me/Desktop/win_fetch_cacerts.rb:6:in `<main>'

I don't have a C:\Railsinstaller folder. I don't have or need or use or want Rails. I think. Just ruby really.

thany commented Dec 21, 2014

C:\Users\Me>ruby "%USERPROFILE%\Desktop\win_fetch_cacerts.rb"
C:/Users/Me/Desktop/win_fetch_cacerts.rb:9:in `initialize': No such file or directory @ rb_sysopen - c:/RailsInstaller/cacert.pem
(Errno::ENOENT)
        from C:/Users/Me/Desktop/win_fetch_cacerts.rb:9:in `open'
        from C:/Users/Me/Desktop/win_fetch_cacerts.rb:9:in `block in <main>'
        from C:/Ruby21-x64/lib/ruby/2.1.0/net/http.rb:853:in `start'
        from C:/Ruby21-x64/lib/ruby/2.1.0/net/http.rb:583:in `start'
        from C:/Users/Me/Desktop/win_fetch_cacerts.rb:6:in `<main>'

I don't have a C:\Railsinstaller folder. I don't have or need or use or want Rails. I think. Just ruby really.

@saninb

This comment has been minimized.

Show comment
Hide comment

saninb commented Dec 23, 2014

Great !

@viratcrest

This comment has been minimized.

Show comment
Hide comment
@viratcrest

viratcrest Dec 29, 2014

Thanks...Works for me

Thanks...Works for me

@rahulmr

This comment has been minimized.

Show comment
Hide comment
@rahulmr

rahulmr Jan 2, 2015

Great!! Thanks a lot! I just downloaded the cacert.pem file in user directory C:\Users\username\cacert.pem and set the variable SSL_CERT_FILE using set SSL_CERT_FILE=C:\Users\username\cacert.pem and everything started working as expected.

rahulmr commented Jan 2, 2015

Great!! Thanks a lot! I just downloaded the cacert.pem file in user directory C:\Users\username\cacert.pem and set the variable SSL_CERT_FILE using set SSL_CERT_FILE=C:\Users\username\cacert.pem and everything started working as expected.

@alonzathompson

This comment has been minimized.

Show comment
Hide comment
@alonzathompson

alonzathompson Jan 4, 2015

Man you are the greatest ....coming from an inspired noob developer

Man you are the greatest ....coming from an inspired noob developer

@manters2000

This comment has been minimized.

Show comment
Hide comment
@manters2000

manters2000 Jan 14, 2015

Thank you for this instruction mate, worked like a charm! πŸ˜„

Thank you for this instruction mate, worked like a charm! πŸ˜„

@jameskraus

This comment has been minimized.

Show comment
Hide comment
@jameskraus

jameskraus Jan 15, 2015

Much appreciated!

Much appreciated!

@OysteinAmundsen

This comment has been minimized.

Show comment
Hide comment
@OysteinAmundsen

OysteinAmundsen Jan 15, 2015

Thank you. Couldn't get the "Ruby way" to work, but the "Manual way" works like a charm.

Thank you. Couldn't get the "Ruby way" to work, but the "Manual way" works like a charm.

@anicething

This comment has been minimized.

Show comment
Hide comment
@anicething

anicething Jan 15, 2015

thanks man, you saved my ass.

thanks man, you saved my ass.

@nithinkumar

This comment has been minimized.

Show comment
Hide comment
@nithinkumar

nithinkumar Jan 17, 2015

not able to download cacert.pem

not able to download cacert.pem

@danieldogeanu

This comment has been minimized.

Show comment
Hide comment
@danieldogeanu

danieldogeanu Jan 18, 2015

Oh bloody hell! I can't get it to work at all. I fixed the SSL error and now I get this:

DL is deprecated, please use Fiddle
C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/shopify_theme-0.0.21/lib/shopify_theme.rb:57:in `asset_list': undefined method `collect' for nil:NilClass (NoMethodError)
        from C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/shopify_theme-0.0.21/lib/shopify_theme/cli.rb:78:in `download'
        from C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/thor-0.19.1/lib/thor/command.rb:27:in `run'
        from C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/thor-0.19.1/lib/thor/invocation.rb:126:in `invoke_command'
        from C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/thor-0.19.1/lib/thor.rb:359:in `dispatch'
        from C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/thor-0.19.1/lib/thor/base.rb:440:in `start'
        from C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/shopify_theme-0.0.21/bin/theme:24:in `<top (required)>'
        from C:/Programs/Ruby/bin/theme:23:in `load'
        from C:/Programs/Ruby/bin/theme:23:in `<main>'

How do I fix this? Please help!

Oh bloody hell! I can't get it to work at all. I fixed the SSL error and now I get this:

DL is deprecated, please use Fiddle
C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/shopify_theme-0.0.21/lib/shopify_theme.rb:57:in `asset_list': undefined method `collect' for nil:NilClass (NoMethodError)
        from C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/shopify_theme-0.0.21/lib/shopify_theme/cli.rb:78:in `download'
        from C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/thor-0.19.1/lib/thor/command.rb:27:in `run'
        from C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/thor-0.19.1/lib/thor/invocation.rb:126:in `invoke_command'
        from C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/thor-0.19.1/lib/thor.rb:359:in `dispatch'
        from C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/thor-0.19.1/lib/thor/base.rb:440:in `start'
        from C:/Programs/Ruby/lib/ruby/gems/2.1.0/gems/shopify_theme-0.0.21/bin/theme:24:in `<top (required)>'
        from C:/Programs/Ruby/bin/theme:23:in `load'
        from C:/Programs/Ruby/bin/theme:23:in `<main>'

How do I fix this? Please help!

@danielpsf

This comment has been minimized.

Show comment
Hide comment
@danielpsf

danielpsf Jan 22, 2015

Thank you! I did the manually steps and it is working perfectly now.

Thank you! I did the manually steps and it is working perfectly now.

@theassyrian

This comment has been minimized.

Show comment
Hide comment
@theassyrian

theassyrian Jan 22, 2015

Thank you so much Fletcher
I used your cert file and modified my env on windows and it works with the newest ruby !

C:\software\ruby\bin>cat setrbvars.bat
@echo OFF
REM Determine where is RUBY_BIN (where this script is)
PUSHD %~dp0.
SET RUBY_BIN=%CD%
POPD
REM Add RUBY_BIN to the PATH
REM RUBY_BIN takes higher priority to avoid other tools
REM conflict with our own (mainly the DevKit)
SET PATH=%RUBY_BIN%;%PATH%
SET RUBY_BIN=
set SSL_CERT_FILE=C:\users\root\cacert.pem
REM Display Ruby version

ruby.exe -v
C:\software\ruby\bin>ruby -v
ruby 2.1.5p273 (2014-11-13 revision 48405) [x64-mingw32]

Thank you so much Fletcher
I used your cert file and modified my env on windows and it works with the newest ruby !

C:\software\ruby\bin>cat setrbvars.bat
@echo OFF
REM Determine where is RUBY_BIN (where this script is)
PUSHD %~dp0.
SET RUBY_BIN=%CD%
POPD
REM Add RUBY_BIN to the PATH
REM RUBY_BIN takes higher priority to avoid other tools
REM conflict with our own (mainly the DevKit)
SET PATH=%RUBY_BIN%;%PATH%
SET RUBY_BIN=
set SSL_CERT_FILE=C:\users\root\cacert.pem
REM Display Ruby version

ruby.exe -v
C:\software\ruby\bin>ruby -v
ruby 2.1.5p273 (2014-11-13 revision 48405) [x64-mingw32]

@kyusufm

This comment has been minimized.

Show comment
Hide comment
@kyusufm

kyusufm Jan 23, 2015

this really help. thanks you so much Fletcher..

kyusufm commented Jan 23, 2015

this really help. thanks you so much Fletcher..

@s4sanjoy

This comment has been minimized.

Show comment
Hide comment
@s4sanjoy

s4sanjoy Feb 1, 2015

Excellent!!!! Thanks a lot ! :)

s4sanjoy commented Feb 1, 2015

Excellent!!!! Thanks a lot ! :)

@kmne68

This comment has been minimized.

Show comment
Hide comment
@kmne68

kmne68 Feb 4, 2015

And there was much rejoicing!

kmne68 commented Feb 4, 2015

And there was much rejoicing!

@sunil-sarjug

This comment has been minimized.

Show comment
Hide comment
@sunil-sarjug

sunil-sarjug Feb 6, 2015

Awesome ! Thank you for explaining the problem, and methodically resolving the issue.

Awesome ! Thank you for explaining the problem, and methodically resolving the issue.

@leegwangjong

This comment has been minimized.

Show comment
Hide comment
@leegwangjong

leegwangjong Feb 9, 2015

Thank you. It is very helpful!!! πŸ˜ƒ

Thank you. It is very helpful!!! πŸ˜ƒ

@sagar1099

This comment has been minimized.

Show comment
Hide comment
@sagar1099

sagar1099 Feb 19, 2015

that's what i was looking for 2 days. Awesome . Worked like charm. Thank you very much. πŸ˜„ ☺️

that's what i was looking for 2 days. Awesome . Worked like charm. Thank you very much. πŸ˜„ ☺️

@Chuchoo

This comment has been minimized.

Show comment
Hide comment
@Chuchoo

Chuchoo Feb 19, 2015

I am getting the following error message even after installing and setting
set SSL_CERT_FILE=C:\RailsInstaller\cacert.pem

Error message:

C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent/ssl_reuse.rb:70:in SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError) from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent/ssl_reu from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/timeout.rb:55:intimeout'
from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/timeout.rbπŸ’―in timeout' from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent/ssl_reu from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:756:indo_start'
from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:751:in start' from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent.rb:700: from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent.rb:631: from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent.rb:994: from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/mechanize-2.7.3/lib/mechanize/http/agent.rb:259:infetch
from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/mechanize-2.7.3/lib/mechanize.rb:440:in get' from first.rb:19:in

'

I am trying to login to flicker.com using mechanize gem in ruby.

Chuchoo commented Feb 19, 2015

I am getting the following error message even after installing and setting
set SSL_CERT_FILE=C:\RailsInstaller\cacert.pem

Error message:

C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent/ssl_reuse.rb:70:in SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError) from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent/ssl_reu from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/timeout.rb:55:intimeout'
from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/timeout.rbπŸ’―in timeout' from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent/ssl_reu from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:756:indo_start'
from C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:751:in start' from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent.rb:700: from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent.rb:631: from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/net-http-persistent-2.9.4/lib/net/http/persistent.rb:994: from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/mechanize-2.7.3/lib/mechanize/http/agent.rb:259:infetch
from C:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/mechanize-2.7.3/lib/mechanize.rb:440:in get' from first.rb:19:in

'

I am trying to login to flicker.com using mechanize gem in ruby.

@cmloegcmluin

This comment has been minimized.

Show comment
Hide comment
@cmloegcmluin

cmloegcmluin Feb 22, 2015

OMG lifesaver. thank you so much.

OMG lifesaver. thank you so much.

@dmitryvmin

This comment has been minimized.

Show comment
Hide comment
@dmitryvmin

dmitryvmin Feb 24, 2015

Worked perfectly, thanks!

Worked perfectly, thanks!

@isarmstrong

This comment has been minimized.

Show comment
Hide comment
@isarmstrong

isarmstrong Mar 8, 2015

Dear Gist,

Thank you... again. This never gets old.

Dear Gist,

Thank you... again. This never gets old.

@Stoffo

This comment has been minimized.

Show comment
Hide comment
@Stoffo

Stoffo Mar 9, 2015

very cool, thank you!

Stoffo commented Mar 9, 2015

very cool, thank you!

@odytrice

This comment has been minimized.

Show comment
Hide comment
@odytrice

odytrice Apr 6, 2015

None of this is fun. Is having the list of CA Certs embeded in the ssl gem or source too much to ask? I know it is not your fault and thank you so much for your solution.. But I have been pulling my hair out for an issue that should never have existed in the first place. sigh

odytrice commented Apr 6, 2015

None of this is fun. Is having the list of CA Certs embeded in the ssl gem or source too much to ask? I know it is not your fault and thank you so much for your solution.. But I have been pulling my hair out for an issue that should never have existed in the first place. sigh

@nandox

This comment has been minimized.

Show comment
Hide comment
@nandox

nandox Apr 10, 2015

Thanks a lot! It fixed the problem perfectly. I'm concerned about RailsInstaller not fixing this problem since 2012!

nandox commented Apr 10, 2015

Thanks a lot! It fixed the problem perfectly. I'm concerned about RailsInstaller not fixing this problem since 2012!

@mizutaki

This comment has been minimized.

Show comment
Hide comment
@mizutaki

mizutaki Apr 22, 2015

thank you so much!!

thank you so much!!

@re9ulus

This comment has been minimized.

Show comment
Hide comment
@re9ulus

re9ulus Apr 26, 2015

Thank you, it works.

re9ulus commented Apr 26, 2015

Thank you, it works.

@pitrik

This comment has been minimized.

Show comment
Hide comment
@pitrik

pitrik May 7, 2015

So, this works for me, but I have to do it every session. I've tried adding it to my control panel environment variables, to no avail. Does anyone have any tips for doing this? Maybe I'm doing something wrong.

It's not the end of the world to type it in each time, but it's a small quality of life thing!

pitrik commented May 7, 2015

So, this works for me, but I have to do it every session. I've tried adding it to my control panel environment variables, to no avail. Does anyone have any tips for doing this? Maybe I'm doing something wrong.

It's not the end of the world to type it in each time, but it's a small quality of life thing!

@ravuthz

This comment has been minimized.

Show comment
Hide comment
@ravuthz

ravuthz May 12, 2015

This is great, thank you.

ravuthz commented May 12, 2015

This is great, thank you.

@chapgaga

This comment has been minimized.

Show comment
Hide comment
@chapgaga

chapgaga May 19, 2015

@allybee why i failed even after i set the environmental variable?

@allybee why i failed even after i set the environmental variable?

@rajeshchawla

This comment has been minimized.

Show comment
Hide comment

+1

@ramugogurla

This comment has been minimized.

Show comment
Hide comment
@ramugogurla

ramugogurla Jul 9, 2015

Done in the same way but getting below error....any idea?????

C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpclient-2.6.0.1/lib/httpclient/ssl_config.rb:199:in add_file': PEM lib (OpenSSL::X509::StoreError) from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpclient-2.6.0.1/lib/httpclient/ssl_config.rb:199:inadd_trust_ca_to_store'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpclient-2.6.0.1/lib/httpclient/ssl_config.rb:190:in add_trust_ca' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpi-2.4.1/lib/httpi/adapter/httpclient.rb:62:insetup_ssl_auth'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpi-2.4.1/lib/httpi/adapter/httpclient.rb:44:in setup_client' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpi-2.4.1/lib/httpi/adapter/httpclient.rb:25:inrequest'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpi-2.4.1/lib/httpi.rb:161:in request' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpi-2.4.1/lib/httpi.rb:127:inget'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/wasabi-3.5.0/lib/wasabi/resolver.rb:43:in load_from_remote' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/wasabi-3.5.0/lib/wasabi/resolver.rb:33:inresolve'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/wasabi-3.5.0/lib/wasabi/document.rb:142:in xml' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/wasabi-3.5.0/lib/wasabi/document.rb:160:inparse'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/wasabi-3.5.0/lib/wasabi/document.rb:147:in parser' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/wasabi-3.5.0/lib/wasabi/document.rb:64:insoap_actions'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/savon-2.11.1/lib/savon/operation.rb:22:in ensure_exists!' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/savon-2.11.1/lib/savon/operation.rb:15:increate'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/savon-2.11.1/lib/savon/client.rb:32:in operation' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/savon-2.11.1/lib/savon/client.rb:36:incall'
from C:/Users/lrtm432/My Documents/Aptana Studio 3 Workspace/EDRS REQUEST WSDL/SSLFIX.rb:66:in `

'

Done in the same way but getting below error....any idea?????

C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpclient-2.6.0.1/lib/httpclient/ssl_config.rb:199:in add_file': PEM lib (OpenSSL::X509::StoreError) from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpclient-2.6.0.1/lib/httpclient/ssl_config.rb:199:inadd_trust_ca_to_store'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpclient-2.6.0.1/lib/httpclient/ssl_config.rb:190:in add_trust_ca' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpi-2.4.1/lib/httpi/adapter/httpclient.rb:62:insetup_ssl_auth'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpi-2.4.1/lib/httpi/adapter/httpclient.rb:44:in setup_client' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpi-2.4.1/lib/httpi/adapter/httpclient.rb:25:inrequest'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpi-2.4.1/lib/httpi.rb:161:in request' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/httpi-2.4.1/lib/httpi.rb:127:inget'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/wasabi-3.5.0/lib/wasabi/resolver.rb:43:in load_from_remote' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/wasabi-3.5.0/lib/wasabi/resolver.rb:33:inresolve'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/wasabi-3.5.0/lib/wasabi/document.rb:142:in xml' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/wasabi-3.5.0/lib/wasabi/document.rb:160:inparse'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/wasabi-3.5.0/lib/wasabi/document.rb:147:in parser' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/wasabi-3.5.0/lib/wasabi/document.rb:64:insoap_actions'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/savon-2.11.1/lib/savon/operation.rb:22:in ensure_exists!' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/savon-2.11.1/lib/savon/operation.rb:15:increate'
from C:/Ruby193/lib/ruby/gems/1.9.1/gems/savon-2.11.1/lib/savon/client.rb:32:in operation' from C:/Ruby193/lib/ruby/gems/1.9.1/gems/savon-2.11.1/lib/savon/client.rb:36:incall'
from C:/Users/lrtm432/My Documents/Aptana Studio 3 Workspace/EDRS REQUEST WSDL/SSLFIX.rb:66:in `

'

@Befzz

This comment has been minimized.

Show comment
Hide comment
@Befzz

Befzz Jul 28, 2015

for Windows with PowerShell installed

Installing Windows PowerShell

Paste this 1line code in command console: (WIN + R, cmd)

powershell -Command "& {$fname='cacert.pem'; $outpath=\"$($(Get-ChildItem Env:USERPROFILE).Value)/$fname\"; Invoke-WebRequest http://curl.haxx.se/ca/$fname -OutFile \"$outpath\"; [Environment]::SetEnvironmentVariable('SSL_CERT_FILE', \"$outpath\", 'User')}"

Script will do:

  1. Download http://curl.haxx.se/ca/cacert.pem
  2. Save it as %USERPROFILE%/cacert.pem ( C:\Users\__you__\cacert.pem)
  3. Set persistent environment variable for current user SSL_CERT_FILE as %USERPROFILE%/cacert.pem

Befzz commented Jul 28, 2015

for Windows with PowerShell installed

Installing Windows PowerShell

Paste this 1line code in command console: (WIN + R, cmd)

powershell -Command "& {$fname='cacert.pem'; $outpath=\"$($(Get-ChildItem Env:USERPROFILE).Value)/$fname\"; Invoke-WebRequest http://curl.haxx.se/ca/$fname -OutFile \"$outpath\"; [Environment]::SetEnvironmentVariable('SSL_CERT_FILE', \"$outpath\", 'User')}"

Script will do:

  1. Download http://curl.haxx.se/ca/cacert.pem
  2. Save it as %USERPROFILE%/cacert.pem ( C:\Users\__you__\cacert.pem)
  3. Set persistent environment variable for current user SSL_CERT_FILE as %USERPROFILE%/cacert.pem
@jjgh

This comment has been minimized.

Show comment
Hide comment
@jjgh

jjgh Aug 3, 2015

@Befzz I did that and fixed it, thanks!

But I wonder, shouldn't Windows (or generally any modern O.S. "for the people"), manage this automatically ? I mean, what if the official cacert.pem file changes? Maybe there is an "official" folder where Windows automatically stores cacert.pem (periodically updating it with most recent version) ?

Or is this important aspect all left to what developers do? What if they supply a malicious cacert.pem file?
Probably it won't do much bad because it would still need to be verified against other keys.. but still.. I'd expect a modern O.S. to download this file before anything else on the very first Internet connection.. or am I just overrating this?

jjgh commented Aug 3, 2015

@Befzz I did that and fixed it, thanks!

But I wonder, shouldn't Windows (or generally any modern O.S. "for the people"), manage this automatically ? I mean, what if the official cacert.pem file changes? Maybe there is an "official" folder where Windows automatically stores cacert.pem (periodically updating it with most recent version) ?

Or is this important aspect all left to what developers do? What if they supply a malicious cacert.pem file?
Probably it won't do much bad because it would still need to be verified against other keys.. but still.. I'd expect a modern O.S. to download this file before anything else on the very first Internet connection.. or am I just overrating this?

@jjgh

This comment has been minimized.

Show comment
Hide comment
@jjgh

jjgh Aug 4, 2015

Damnit! I spent the last 3 hours fighting with this!

I did not want to set a permanent environment variable in Windows, so I was doing:

ENV['SSL_CERT_FILE'] = Dir.pwd + '/cacert.pem'

by which I was simply trying to set a process-life time-spanning environment variable (pointing to "cacert.pem" in the app directory) just for my script.... but it was erroring out again as before, despite that debugging with system 'set SSL_CERT_FILE' (which would just print the value of the env var) was reporting the variable to be set correctly. The only clue I had was that in the following little script with just the minimum lines of code it was working!

ENV['SSL_CERT_FILE'] = Dir.pwd + '/cacert.pem' 
require 'yt'
videos = Yt::Collections::Videos.new
puts videos.where(order: 'viewCount').first.title

So after disabling almost everything step by step in my real script at the end I was baffled to find out that for some obscure reason I just needed to put ENV['SSL_CERT_FILE'] = Dir.pwd + '/cacert.pem' at the top of the file for it to work!

..and they just call em "gotchas".. phew!
hope it helps someone else..

jjgh commented Aug 4, 2015

Damnit! I spent the last 3 hours fighting with this!

I did not want to set a permanent environment variable in Windows, so I was doing:

ENV['SSL_CERT_FILE'] = Dir.pwd + '/cacert.pem'

by which I was simply trying to set a process-life time-spanning environment variable (pointing to "cacert.pem" in the app directory) just for my script.... but it was erroring out again as before, despite that debugging with system 'set SSL_CERT_FILE' (which would just print the value of the env var) was reporting the variable to be set correctly. The only clue I had was that in the following little script with just the minimum lines of code it was working!

ENV['SSL_CERT_FILE'] = Dir.pwd + '/cacert.pem' 
require 'yt'
videos = Yt::Collections::Videos.new
puts videos.where(order: 'viewCount').first.title

So after disabling almost everything step by step in my real script at the end I was baffled to find out that for some obscure reason I just needed to put ENV['SSL_CERT_FILE'] = Dir.pwd + '/cacert.pem' at the top of the file for it to work!

..and they just call em "gotchas".. phew!
hope it helps someone else..

@hallmatt

This comment has been minimized.

Show comment
Hide comment
@hallmatt

hallmatt Aug 27, 2015

Thanks @jjgh saved me!

Thanks @jjgh saved me!

@emallove-cayan

This comment has been minimized.

Show comment
Hide comment
@tntkhang

This comment has been minimized.

Show comment
Hide comment
@tntkhang

tntkhang Sep 14, 2015

Thanks ! It saved me a lot of time

Thanks ! It saved me a lot of time

@cyberid41

This comment has been minimized.

Show comment
Hide comment
@cyberid41

cyberid41 Sep 15, 2015

πŸ‘ worked on Windows 10, thank's

πŸ‘ worked on Windows 10, thank's

@drewhaines

This comment has been minimized.

Show comment
Hide comment
@drewhaines

drewhaines Sep 16, 2015

Another happy coder! Thanks a bunch!

Another happy coder! Thanks a bunch!

@rudolfaraya

This comment has been minimized.

Show comment
Hide comment

Thanks

@mrjcleaver

This comment has been minimized.

Show comment
Hide comment
@mrjcleaver

mrjcleaver Sep 25, 2015

Fletcher - per northworld/google_calendar#79 - is it expected that this would be necessary on a Mac? I see it under Chefdk. Thanks, M.

Fletcher - per northworld/google_calendar#79 - is it expected that this would be necessary on a Mac? I see it under Chefdk. Thanks, M.

@ruhancirci

This comment has been minimized.

Show comment
Hide comment
@ruhancirci

ruhancirci Sep 29, 2015

thanks a lot!!!

thanks a lot!!!

@TheManiacalCoder

This comment has been minimized.

Show comment
Hide comment
@TheManiacalCoder

TheManiacalCoder Oct 1, 2015

Wow sir, you are a god among men, πŸ‘

Wow sir, you are a god among men, πŸ‘

@Onumis

This comment has been minimized.

Show comment
Hide comment
@Onumis

Onumis Oct 5, 2015

Thanks, you 🎸

Onumis commented Oct 5, 2015

Thanks, you 🎸

@ceciliayang213

This comment has been minimized.

Show comment
Hide comment
@ceciliayang213

ceciliayang213 Oct 26, 2015

You saved my day!
I am new to programming and it's my very first day to learn ruby.
I got so frustrated trying to solve this SSL problem.
I have been looking for solutions for hours and I am so lucky to finally find your post.
Thank you so much!

You saved my day!
I am new to programming and it's my very first day to learn ruby.
I got so frustrated trying to solve this SSL problem.
I have been looking for solutions for hours and I am so lucky to finally find your post.
Thank you so much!

@Taym95

This comment has been minimized.

Show comment
Hide comment
@Taym95

Taym95 Oct 29, 2015

Thank you so much

Taym95 commented Oct 29, 2015

Thank you so much

@mc07

This comment has been minimized.

Show comment
Hide comment
@mc07

mc07 Nov 4, 2015

I just followed the above transaction.

But I can't access my project using 'https://myProject:3000/signin'.

How will it work. I am using jruby.

Thanks!

mc07 commented Nov 4, 2015

I just followed the above transaction.

But I can't access my project using 'https://myProject:3000/signin'.

How will it work. I am using jruby.

Thanks!

@Jazzthedog

This comment has been minimized.

Show comment
Hide comment
@Jazzthedog

Jazzthedog Nov 5, 2015

Yes, I forgot about this little "quirk". Thanks!

Yes, I forgot about this little "quirk". Thanks!

@dayudodo

This comment has been minimized.

Show comment
Hide comment
@dayudodo

dayudodo Nov 26, 2015

A thanks from China, It is very helpful!!! πŸ˜ƒ

A thanks from China, It is very helpful!!! πŸ˜ƒ

@powermeza

This comment has been minimized.

Show comment
Hide comment
@powermeza

powermeza Nov 30, 2015

This SSL error was driving me bananas, the same snippet of code worked OK on Ubuntu but when ported to Win it will not run :-( until I read your solution... a BIG thanks!

This SSL error was driving me bananas, the same snippet of code worked OK on Ubuntu but when ported to Win it will not run :-( until I read your solution... a BIG thanks!

@moiwycliff

This comment has been minimized.

Show comment
Hide comment
@moiwycliff

moiwycliff Dec 1, 2015

oooh now i can breath! a BIG THANKS! finally am back on track... thanks alot.

oooh now i can breath! a BIG THANKS! finally am back on track... thanks alot.

@mertozsaydi

This comment has been minimized.

Show comment
Hide comment

Thank you!

@armresler

This comment has been minimized.

Show comment
Hide comment
@armresler

armresler Dec 5, 2015

Thank you!! It did work!!

Thank you!! It did work!!

@Steve-O-Cassels

This comment has been minimized.

Show comment
Hide comment
@Steve-O-Cassels

Steve-O-Cassels Jan 4, 2016

Thanks Fletcher - nice script. Automation worked for me on Win 10.

Thanks Fletcher - nice script. Automation worked for me on Win 10.

@westche

This comment has been minimized.

Show comment
Hide comment
@westche

westche Feb 9, 2016

I completed these steps but still getting the Faraday::SSLError in HomeController#index ? Any other ideas!
using W10 -
ruby 2.1.5p273 (2014-11-13 revision 48405) [i386-mingw32] -
'rails', '4.1.8'

westche commented Feb 9, 2016

I completed these steps but still getting the Faraday::SSLError in HomeController#index ? Any other ideas!
using W10 -
ruby 2.1.5p273 (2014-11-13 revision 48405) [i386-mingw32] -
'rails', '4.1.8'

@kjendrzyca

This comment has been minimized.

Show comment
Hide comment

thank you!

@lalehmb

This comment has been minimized.

Show comment
Hide comment
@lalehmb

lalehmb Feb 20, 2016

thanks,

how can i get it work on linux? i've followed the manual instruction , and instead of windows path i gave it linux paths to the mentioned file. but it didn't work.

may you help me please?

lalehmb commented Feb 20, 2016

thanks,

how can i get it work on linux? i've followed the manual instruction , and instead of windows path i gave it linux paths to the mentioned file. but it didn't work.

may you help me please?

@yogeshkul

This comment has been minimized.

Show comment
Hide comment
@yogeshkul

yogeshkul Feb 26, 2016

Great solution. Did it the boring way though :)

Great solution. Did it the boring way though :)

@jgadbois

This comment has been minimized.

Show comment
Hide comment
@jgadbois

jgadbois Mar 3, 2016

Works for me on some sites, but fails on others...any way to get a more complete cert?

jgadbois commented Mar 3, 2016

Works for me on some sites, but fails on others...any way to get a more complete cert?

@aarmora

This comment has been minimized.

Show comment
Hide comment
@aarmora

aarmora Mar 17, 2016

This suddenly failed for me on the three computers I've been using it on. I've been using this method for more than a year. I've tried multiple URLs.

Anyone else have this issue?

aarmora commented Mar 17, 2016

This suddenly failed for me on the three computers I've been using it on. I've been using this method for more than a year. I've tried multiple URLs.

Anyone else have this issue?

@srao2019

This comment has been minimized.

Show comment
Hide comment
@srao2019

srao2019 Mar 21, 2016

Not working for me. I'm still getting the certificate verify failed error.
c:/RailsInstaller/Ruby2.2.0/lib/ruby/2.2.0/net/http.rb:923:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)

Please help!

Not working for me. I'm still getting the certificate verify failed error.
c:/RailsInstaller/Ruby2.2.0/lib/ruby/2.2.0/net/http.rb:923:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)

Please help!

@hitmany

This comment has been minimized.

Show comment
Hide comment
@hitmany

hitmany Mar 28, 2016

Ohh man! Many thanks!

hitmany commented Mar 28, 2016

Ohh man! Many thanks!

@chanderharish1

This comment has been minimized.

Show comment
Hide comment
@chanderharish1

chanderharish1 Mar 31, 2016

I have resolved this error by including a line of code in gemfile as below:
gem 'certified'
Run bundle install. A latest version of certified will be added to your External Libraries.

I have resolved this error by including a line of code in gemfile as below:
gem 'certified'
Run bundle install. A latest version of certified will be added to your External Libraries.

@Edchel

This comment has been minimized.

Show comment
Hide comment
@Edchel

Edchel Apr 4, 2016

Edchel@Edchel-PC MINGW64 /d/MyWeb
$ ruby "win_fetch_cacerts.rb"

A cacert.pem bundle could not be downloaded.

Edchel commented Apr 4, 2016

Edchel@Edchel-PC MINGW64 /d/MyWeb
$ ruby "win_fetch_cacerts.rb"

A cacert.pem bundle could not be downloaded.

@WasabiFan

This comment has been minimized.

Show comment
Hide comment
@WasabiFan

WasabiFan May 22, 2016

It looks like curl.haxx.se, which is required for this solution to work, has gone offline. I tested on two machines locally and on a remote one with a separate internet connection and get a timeout on all of them.

It looks like curl.haxx.se, which is required for this solution to work, has gone offline. I tested on two machines locally and on a remote one with a separate internet connection and get a timeout on all of them.

@francistm

This comment has been minimized.

Show comment
Hide comment
@francistm

francistm May 24, 2016

@WasabiFan Nope, curl.haxx.se is online, you can open it in your browser.

@WasabiFan Nope, curl.haxx.se is online, you can open it in your browser.

@shweta-sah

This comment has been minimized.

Show comment
Hide comment
@shweta-sah

shweta-sah Jun 16, 2016

The manual way worked. Thank you soo much!

The manual way worked. Thank you soo much!

@kamok

This comment has been minimized.

Show comment
Hide comment
@kamok

kamok Aug 11, 2016

Is it me or did the cacert.pem file from the URL curl.haxx.se broke today.

It's not working for me Desktop and laptop. Was working a few months back.

kamok commented Aug 11, 2016

Is it me or did the cacert.pem file from the URL curl.haxx.se broke today.

It's not working for me Desktop and laptop. Was working a few months back.

@Elkont33

This comment has been minimized.

Show comment
Hide comment
@Elkont33

Elkont33 Sep 8, 2016

Thank you the manual way worked ok

Elkont33 commented Sep 8, 2016

Thank you the manual way worked ok

@Niresh123

This comment has been minimized.

Show comment
Hide comment
@Niresh123

Niresh123 Oct 7, 2016

A cacert.pm bundle could not be downloaded.

Is this a error message???

A cacert.pm bundle could not be downloaded.

Is this a error message???

@bdetail

This comment has been minimized.

Show comment
Hide comment
@bdetail

bdetail Oct 8, 2016

Doesn't work. I'm getting "A cacert.pm bundle could not be downloaded."

edit: it worked doing it manually.

bdetail commented Oct 8, 2016

Doesn't work. I'm getting "A cacert.pm bundle could not be downloaded."

edit: it worked doing it manually.

@1312148

This comment has been minimized.

Show comment
Hide comment
@1312148

1312148 Oct 13, 2016

Error: A cacert.pm bundle could not be downloaded.

1312148 commented Oct 13, 2016

Error: A cacert.pm bundle could not be downloaded.

@gstasica

This comment has been minimized.

Show comment
Hide comment
@gstasica

gstasica Oct 15, 2016

Thanks a lot. That worked for me just fine.

I was very close on giving up Ruby completely after spending hours following official ruby links and solutions e.g. http://rubyinstaller.org/,, It's shame that they provide broken fixes..

Thanks a lot. That worked for me just fine.

I was very close on giving up Ruby completely after spending hours following official ruby links and solutions e.g. http://rubyinstaller.org/,, It's shame that they provide broken fixes..

@samseen

This comment has been minimized.

Show comment
Hide comment
@samseen

samseen Oct 16, 2016

Thanks buddy... It works. [The manual way]

samseen commented Oct 16, 2016

Thanks buddy... It works. [The manual way]

@TheKetan2

This comment has been minimized.

Show comment
Hide comment
@TheKetan2

TheKetan2 Oct 19, 2016

Thanks a lot. It worked for me.

Thanks a lot. It worked for me.

@Kova93

This comment has been minimized.

Show comment
Hide comment
@Kova93

Kova93 Oct 20, 2016

Thanks a lot, it finally worked.

Kova93 commented Oct 20, 2016

Thanks a lot, it finally worked.

@skjo0c

This comment has been minimized.

Show comment
Hide comment
@skjo0c

skjo0c Oct 20, 2016

Sadly didn't work for me somehow :(

skjo0c commented Oct 20, 2016

Sadly didn't work for me somehow :(

@moayman

This comment has been minimized.

Show comment
Hide comment
@moayman

moayman Oct 24, 2016

It worked for me. Why isn't this the first search result on google..?
Thanks a lot.

moayman commented Oct 24, 2016

It worked for me. Why isn't this the first search result on google..?
Thanks a lot.

@Twinkling

This comment has been minimized.

Show comment
Hide comment
@Twinkling

Twinkling Oct 24, 2016

It worked!
Thank you very much!

It worked!
Thank you very much!

@qihuiz93

This comment has been minimized.

Show comment
Hide comment
@qihuiz93

qihuiz93 Oct 25, 2016

I would say this is awesome!!
Easy and efficient~~ Thank you sososososo much~~

I would say this is awesome!!
Easy and efficient~~ Thank you sososososo much~~

@dthor

This comment has been minimized.

Show comment
Hide comment
@dthor

dthor Oct 26, 2016

this does not work for me on windows

dthor commented Oct 26, 2016

this does not work for me on windows

@Vicente-M

This comment has been minimized.

Show comment
Hide comment
@Vicente-M

Vicente-M Oct 27, 2016

Thank you no longer get the error, these are the steps if anyone wants to follow

1.Install DEVELOPMENT KIT (depending on your version Ruby or Rails) in the path and folder C:\devkit
http://rubyinstaller.org/downloads/

2.Through the command prompt to access C:\devkit

3.Paste into the command prompt these commands

ruby dk.rb init

ruby dk.rb install

4.Download this file https://curl.haxx.se/ca/cacert.pem (with Firefox, File - Save as ...) and download in C:\RubyXX (if installed in C:)

5.set SSL_CERT_FILE=C:\RubyXX\cacert.pem (change after the equal sign, the path where cacert.pem was installed, ie in C:\RubyXX)

6.Paste into the command prompt

set SSL_CERT_FILE=C:\RubyXX\cacert.pem

7.Install this gem for devkit

gem install rdiscount --platform=ruby

8.Close the command prompt

9.Add environment variables SSL certificate

Control Panel - Security system - System - Advanced system settings - Environment Variables - System Variables - New - Variable name - (Paste "SSL_CERT_FILE" this without quotes) - Variable value - (Paste the path where cacert.pem was installed "C:\RubyXX\cacert.pem") - OK - OK - OK ;)

10.Try installing another gem

https://www.youtube.com/watch?v=xg_Zb9vGz-8

Vicente-M commented Oct 27, 2016

Thank you no longer get the error, these are the steps if anyone wants to follow

1.Install DEVELOPMENT KIT (depending on your version Ruby or Rails) in the path and folder C:\devkit
http://rubyinstaller.org/downloads/

2.Through the command prompt to access C:\devkit

3.Paste into the command prompt these commands

ruby dk.rb init

ruby dk.rb install

4.Download this file https://curl.haxx.se/ca/cacert.pem (with Firefox, File - Save as ...) and download in C:\RubyXX (if installed in C:)

5.set SSL_CERT_FILE=C:\RubyXX\cacert.pem (change after the equal sign, the path where cacert.pem was installed, ie in C:\RubyXX)

6.Paste into the command prompt

set SSL_CERT_FILE=C:\RubyXX\cacert.pem

7.Install this gem for devkit

gem install rdiscount --platform=ruby

8.Close the command prompt

9.Add environment variables SSL certificate

Control Panel - Security system - System - Advanced system settings - Environment Variables - System Variables - New - Variable name - (Paste "SSL_CERT_FILE" this without quotes) - Variable value - (Paste the path where cacert.pem was installed "C:\RubyXX\cacert.pem") - OK - OK - OK ;)

10.Try installing another gem

https://www.youtube.com/watch?v=xg_Zb9vGz-8

@drbrain

This comment has been minimized.

Show comment
Hide comment
@drbrain

drbrain Oct 28, 2016

Please don't fetch a CA bundle over HTTP, it's insecure.

I realize this is a bootstrap issue, but it's better to have instructions that give you a complete chain of trust when you're doing something that you're going to trust from start to finish.

drbrain commented Oct 28, 2016

Please don't fetch a CA bundle over HTTP, it's insecure.

I realize this is a bootstrap issue, but it's better to have instructions that give you a complete chain of trust when you're doing something that you're going to trust from start to finish.

@Pragatiiiee

This comment has been minimized.

Show comment
Hide comment
@Pragatiiiee

Pragatiiiee Oct 29, 2016

Hello please Help me ....m not able to download this..m not getting any option to download the certificate

Hello please Help me ....m not able to download this..m not getting any option to download the certificate

@Vicente-M

This comment has been minimized.

Show comment
Hide comment
@Vicente-M

Vicente-M Oct 29, 2016

@Pragatiiiee It's just a suggestion, but if you want you can read the comment above and watch the video, only if you want

@Pragatiiiee It's just a suggestion, but if you want you can read the comment above and watch the video, only if you want

@andkirby

This comment has been minimized.

Show comment
Hide comment
@andkirby

andkirby Oct 31, 2016

GitBash for Windows.

Could not install this certificate because it requires this certificate. :D

So, it can be downloaded by HTTPS only. That's why use_ssl: true is missed.

Net::HTTP.start('curl.haxx.se', use_ssl: true) do |http|
#    [...]

So, it works with cURL:

$ mkdir ~/.ssl -p
$ curl https://curl.haxx.se/ca/cacert.pem -o ~/.ssl/cacert.pem

And .bashrc can be updated with line:

export SSL_CERT_FILE=~/.ssl/cacert.pem

andkirby commented Oct 31, 2016

GitBash for Windows.

Could not install this certificate because it requires this certificate. :D

So, it can be downloaded by HTTPS only. That's why use_ssl: true is missed.

Net::HTTP.start('curl.haxx.se', use_ssl: true) do |http|
#    [...]

So, it works with cURL:

$ mkdir ~/.ssl -p
$ curl https://curl.haxx.se/ca/cacert.pem -o ~/.ssl/cacert.pem

And .bashrc can be updated with line:

export SSL_CERT_FILE=~/.ssl/cacert.pem
@Mehrabi

This comment has been minimized.

Show comment
Hide comment
@Mehrabi

Mehrabi Nov 3, 2016

Excellent... Thanks :)

Mehrabi commented Nov 3, 2016

Excellent... Thanks :)

@waar19

This comment has been minimized.

Show comment
Hide comment
@waar19

waar19 Nov 8, 2016

Thankyou :D :D

waar19 commented Nov 8, 2016

Thankyou :D :D

@JohnathanPratt

This comment has been minimized.

Show comment
Hide comment
@JohnathanPratt

JohnathanPratt Nov 8, 2016

This might be a dumb question, I am new to Ruby on Rails programming, but how are you supposed to download script?
Please someone give me an answer. Im getting desperate for help.

JohnathanPratt commented Nov 8, 2016

This might be a dumb question, I am new to Ruby on Rails programming, but how are you supposed to download script?
Please someone give me an answer. Im getting desperate for help.

@brycelewis

This comment has been minimized.

Show comment
Hide comment
@brycelewis

brycelewis Nov 10, 2016

the "ruby" way doesn't work

the "ruby" way doesn't work

@Vicente-M

This comment has been minimized.

Show comment
Hide comment
@andymagill

This comment has been minimized.

Show comment
Hide comment
@andymagill

andymagill Nov 16, 2016

This did not work for me. Fortunately, this official workaround worked great :

https://gist.github.com/luislavena/f064211759ee0f806c88

This did not work for me. Fortunately, this official workaround worked great :

https://gist.github.com/luislavena/f064211759ee0f806c88

@maheswaripanda

This comment has been minimized.

Show comment
Hide comment
@maheswaripanda

maheswaripanda Nov 17, 2016

It worked for me....thanks a lot for the solution I was getting the error "SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed" and by trying the above solution my issue got resolved and I was able to install all the gems.

Regards,
Maheswari

It worked for me....thanks a lot for the solution I was getting the error "SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed" and by trying the above solution my issue got resolved and I was able to install all the gems.

Regards,
Maheswari

@RogerioPST

This comment has been minimized.

Show comment
Hide comment
@RogerioPST

RogerioPST Nov 19, 2016

It worked for me too...thank you so much...

best regards,
Rogerio

It worked for me too...thank you so much...

best regards,
Rogerio

@cAstraea

This comment has been minimized.

Show comment
Hide comment
@cAstraea

cAstraea Nov 21, 2016

thx andkirby worked for me on windows 10 + git bash

thx andkirby worked for me on windows 10 + git bash

@dwbodine

This comment has been minimized.

Show comment
Hide comment
@dwbodine

dwbodine Nov 22, 2016

THANK YOU SO MUCH!! So many hacky solutions out there, this one was the only one that was simple and actually worked.

THANK YOU SO MUCH!! So many hacky solutions out there, this one was the only one that was simple and actually worked.

@acrolink

This comment has been minimized.

Show comment
Hide comment
@acrolink

acrolink Nov 27, 2016

Thank you :-)

Thank you :-)

@Doremiska

This comment has been minimized.

Show comment
Hide comment
@Doremiska

Doremiska Dec 2, 2016

Super thank you, it worked for me too on Windows 7. The Ruby way didn't work but the Manual one perfectly, then I changed the environment variable (otherwise every time you reboot you have to set back the variable on the command, so it's more convenient to do it permanently). I had a little hard to do it, I've seen another comment a little up that explains how to do it, but here is back if it can help you :

Go on the Control Panel -> Security system -> System ->Advanced system settings -> Environment Variables -> System Variables :
Here click on New and copy paste for the name : SSL_CERT_FILE, and for the variable : C:\RailsInstaller\cacert.pem (if you did put the cacert.pem at this place like told in this article).
Finally reboot your computer and it should work (I was trying without rebooting and it was not working...)

Enjoy !

Super thank you, it worked for me too on Windows 7. The Ruby way didn't work but the Manual one perfectly, then I changed the environment variable (otherwise every time you reboot you have to set back the variable on the command, so it's more convenient to do it permanently). I had a little hard to do it, I've seen another comment a little up that explains how to do it, but here is back if it can help you :

Go on the Control Panel -> Security system -> System ->Advanced system settings -> Environment Variables -> System Variables :
Here click on New and copy paste for the name : SSL_CERT_FILE, and for the variable : C:\RailsInstaller\cacert.pem (if you did put the cacert.pem at this place like told in this article).
Finally reboot your computer and it should work (I was trying without rebooting and it was not working...)

Enjoy !

@houssemFat

This comment has been minimized.

Show comment
Hide comment
@houssemFat

houssemFat Dec 21, 2016

Hi,
But the first approach doesn't work , 302 redirection for using http://curl.haxx.se , even with using https with :use_ssl .

The second solution works fine.

Thank you for your work !

houssemFat commented Dec 21, 2016

Hi,
But the first approach doesn't work , 302 redirection for using http://curl.haxx.se , even with using https with :use_ssl .

The second solution works fine.

Thank you for your work !

@Sarafian

This comment has been minimized.

Show comment
Hide comment
@Sarafian

Sarafian Feb 9, 2017

I've followed all possible suggestions but one Windows 10 operating system doesn't want to work

C:\>gem --version
2.6.10
C:\>gem which rubygems
C:/tools/ruby23/lib/ruby/site_ruby/2.3.0/rubygems.rb

For the this path I've followed the manual steps on the official guide

Additional to this I tried to SET SSL_CERT_FILE=C:\tools\ruby23\lib\ruby\2.3.0\rubygems\ssl_certs\AddTrustExternalCARoot.pem and still it doesn't work.

My openssl is

ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION'
OpenSSL 1.0.2j  26 Sep 2016

Sarafian commented Feb 9, 2017

I've followed all possible suggestions but one Windows 10 operating system doesn't want to work

C:\>gem --version
2.6.10
C:\>gem which rubygems
C:/tools/ruby23/lib/ruby/site_ruby/2.3.0/rubygems.rb

For the this path I've followed the manual steps on the official guide

Additional to this I tried to SET SSL_CERT_FILE=C:\tools\ruby23\lib\ruby\2.3.0\rubygems\ssl_certs\AddTrustExternalCARoot.pem and still it doesn't work.

My openssl is

ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION'
OpenSSL 1.0.2j  26 Sep 2016
@realvjy

This comment has been minimized.

Show comment
Hide comment
@realvjy

realvjy Feb 15, 2017

The ruby way not worked. @Doremiska Thank! Reboot helps, after setup environment variable.

realvjy commented Feb 15, 2017

The ruby way not worked. @Doremiska Thank! Reboot helps, after setup environment variable.

@jiayuc

This comment has been minimized.

Show comment
Hide comment
@jiayuc

jiayuc Feb 26, 2017

@sschwartzman Using Rubymine on windows10, this one works! Thanx so much

jiayuc commented Feb 26, 2017

@sschwartzman Using Rubymine on windows10, this one works! Thanx so much

@shen-sat

This comment has been minimized.

Show comment
Hide comment
@shen-sat

shen-sat Aug 2, 2017

Manual method worked for me! I was trying to use Nokogiri gem to download a webpage, but it wouldn't work until I came across this solution - thank you! I use Windows 10 and I only have Ruby 2.2.6 installed.

PS make sure you use follow Doremiska's comment (above) to go into control panel and set an environment variable to point to the cacert.pem file

shen-sat commented Aug 2, 2017

Manual method worked for me! I was trying to use Nokogiri gem to download a webpage, but it wouldn't work until I came across this solution - thank you! I use Windows 10 and I only have Ruby 2.2.6 installed.

PS make sure you use follow Doremiska's comment (above) to go into control panel and set an environment variable to point to the cacert.pem file

@russellhoff

This comment has been minimized.

Show comment
Hide comment
@russellhoff

russellhoff Nov 15, 2017

It solved my problem with Zendesk Application Framework v2 :)

It solved my problem with Zendesk Application Framework v2 :)

@samiggapps

This comment has been minimized.

Show comment
Hide comment
@samiggapps

samiggapps Aug 9, 2018

Thank you so much for this solved my SSL issue, was pulling my hair out over this! πŸ’― πŸ‘
Remember to restart your computer after making the changes and follow @Doremiska

samiggapps commented Aug 9, 2018

Thank you so much for this solved my SSL issue, was pulling my hair out over this! πŸ’― πŸ‘
Remember to restart your computer after making the changes and follow @Doremiska

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment