Updating rbenv Ruby to use newer OpenSSL versions
rbenv/ruby-build don’t use Homebrew-installed versions of OpenSSL — instead, they on OS X's built-in ancient version.
This can throw
OpenSSL::SSL::SSLErrors when talking to websites that enforce newer SSL/TLS protocols and ciphersuites.
Update all the things.
brew update brew upgrade rbenv brew upgrade ruby-build brew upgrade openssl
2: Install a new Ruby
Pick your Ruby version. This'll give you a list of all the available versions, though you'll only be interested in the "normal" ones at the top,
The rest of this document assumes
If you're reinstalling a version you already have (so you can get the OpenSSL fix), you'll want to uninstall the current copy first:
rbenv uninstall -f 1.9.3-p547`
Install the new Ruby, telling it to use Homebrew’s OpenSSL -- and not the OS X system default one:
RUBY_CONFIGURE_OPTS="--with-openssl-dir=`brew --prefix openssl`" rbenv install 1.9.3-p547
3: Tell your project to use this new Ruby
Update your Ruby project, switch it over to this new version of Ruby 1.9.3, and reinstall the project's dependencies.
cd /path/to/your/project rbenv local 1.9.3-p547 rbenv rehash gem install bundler bundle install
And test that your new Ruby doing all the right things:
$ ruby -v ruby 1.9.3p547 (2014-05-14 revision 45962) [x86_64-darwin13.1.0] $ ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION' OpenSSL 1.0.1g 7 Apr 2014
In theory, you won’t need any
cacert.pem fixes (or similar), as long as you use a Ruby installed in this manner.