Skip to content

Instantly share code, notes, and snippets.

@jaredbeck

jaredbeck/bundler-1.3-ssl.md

Last active December 14, 2015 08:58
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jaredbeck/5061083 to your computer and use it in GitHub Desktop.
Save jaredbeck/5061083 to your computer and use it in GitHub Desktop.
Download ZIP
bundler 1.3 checks the identity of rubygems
Raw
bundler-1.3-ssl.md

Bundler 1.3 checks the identity of rubygems.org

by Jared Beck, 2013-02-28

If your gemfile starts with

source 'https://rubygems.org'

and you upgrade to bundler 1.3, you may get a warning like

Fetching gem metadata from https://rubygems.org/.
Could not verify the SSL certificate for https://rubygems.org/.

This is a good thing! Don't just disable SSL, install the intermediate certificates from the Certificate Authority (CA). Browse over to rubygems.org, inspect their certificate, and you'll see it's signed by RapidSSL. You just need to teach OpenSSL about this CA.

  1. gem update bundler (You want ~> 1.3.2)
  2. Download RapidSSL_CA_bundle.pem which contains two certs
  3. Split it into two files, one for each cert
  4. sudo cp those two certs into /System/Library/OpenSSL/certs
    • That's the path on mac os 10.8, anyway.
    • For other systems, see this list
  5. You're done. Bundle update should work now, and you're a bit safer!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment