Skip to content

Instantly share code, notes, and snippets.

@stungeye

stungeye/rubygems_ssl_fix.md

Last active October 18, 2016 15:23
Show Gist options
  • Save stungeye/fc58daa5fce1d7d3c99fe5a9db503a46 to your computer and use it in GitHub Desktop.
Save stungeye/fc58daa5fce1d7d3c99fe5a9db503a46 to your computer and use it in GitHub Desktop.
Download ZIP
Fixing RubyGems SSL Issues on Windows
Raw
rubygems_ssl_fix.md

Symptoms

When trying to create a new rails application with rails new name_of_new_project the following error is seen:

Error Could not verify the SSL certificate for https://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most
likely your system doesn't have the CA certificates needed for verification.
For information about OpenSSL certificates, see http://bit.ly/ruby-ss;
To connect without using SSL, edit your Gemfile sources and change
'https' to 'http'.

OR

When trying to upgrade rails with gem install rails the following error is seen:

ERROR:  Could not find a valid gem 'rails' (>= 0), here is why:
Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)

The Required Fixes

I've had success fixing this problem by updating the gem program to the most recent version and then installing new SSL certificates.

Updating The Gem Application

  • Navigate to https://rubygems.org/gems/rubygems-update/versions
  • Click on the most recent (top) version of the application. Currently it's version 2.6.7
  • Click the download link in the right-hand sidebar. Current direct link for v2.6.7.
  • From the command prompt, navigate to the folder where you saved the file from the last step.
  • Run: gem install --local rubygems-update-2.6.7.gem --no-ri --no-rdoc
  • Update the gem application from the command prompt using: update_rubygems --no-ri --no-rdoc
  • Run gem -v to verify that the upgrade worked.
  • Uninstall rubygems-update using: gem uninstall rubygems-update -x

Downloading the Latest SSL Certificates

  • Download the cacert.pem file from http://curl.haxx.se/ca/cacert.pem.
  • Save this file to C:\RailsInstaller\cacert.pem.
  • Ensure that the extension of the saved file is .pem and not .pem.txt. It's best to verify this from a command prompt dir listing.

To temporarily have Ruby Gems use this new certificate file run the following from the command prompt:

set SSL_CERT_FILE=C:\RailsInstaller\cacert.pem

To make this a permanent setting, you need to add SSL_CERT_FILE as an environment version with a value of C:\RailsInstaller\cacert.pem in your control panel:

  • Open the Windows Control Panel.
  • Navigate to the System section (sometimes found under "System and Security")
  • Follow the Advanced Systems Settings link on the left-hand side.
  • Ensure you are on the Advanced tab.
  • Click the Environment Variables... button.
  • Below System Variables click the New button.
  • Set the Variable name to SSL_CERT_FILE
  • Set the Variable value to C:\RailsInstaller\cacert.pem
  • Click OK, and then OK, and then OK to confirm the addition and leave the system settings.

Testing the Fix

After working through the fixes listed above, you can test the fix by:

  • Opening a new command prompt (or Cmdr) window. (It's got to be a new one, not one that was already open.)
  • Navigating to the folder where you have been storing Rails applications.
  • Create a new Rails testing app using: rails new test_test

If you do not receive an error messages after this command has finished executing you are good to go.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment