bundle install fails with SSL certificate verification error

Question

When I run bundle install for my Rails 3 project on Centos 5 5 it fails with an error   Gem  RemoteFetcher  FetchError  SSL connect returned 1 errno 0 state SSLv3  read server certificate B  certificate verify failed   https   bb-m rubygems org gems multi json-1 3 2 gem  An error occured while installing multi json  1 3 2   and Bundler cannot continue  Make sure that  gem install multi json -v  1 3 2   succeeds before bundling    When I try to install the gem manually  by gem install multi json -v  1 3 2   it works  The same problem occurs with several other gems  I use RVM  1 12 3   ruby 1 9 2  bundler 1 1 3    How to fix it

User · Answer

The only thing that worked for me on legacy windows system and ruby 1.9 version is downloading cacert file from http://guides.rubygems.org/ssl-certificate-update/

And then running below command before running bundle install

bundle config --global ssl_ca_cert /path/to/file.pem

User · Answer

On windows7 you can download the cacert pem file from here and set the environementvariable SSL CERT FILE to the path where you store the certificate eg   SET SSL CERT FILE  C  users  lt username gt  cacert pem    or you can set the variable in your script like this ENV  SSL CERT FILE    C  users  lt username gt  cacert pem   Replace  lt username gt  with you own username

User · Answer

Download  rubygems-update-2 6 7 gem    Now  using your Command Prompt   C   gt gem install --local C  rubygems-update-2 6 7 gem C   gt update rubygems --no-ri --no-rdoc   After this  gem --version should report the new update version   You can now safely uninstall rubygems-update gem   C   gt gem uninstall rubygems-update -x Removing update rubygems Successfully uninstalled rubygems-update-2 6 7

User · Answer

You can download a list of CA certificates from curl s website at http   curl haxx se ca cacert pem  Then set the SSL CERT FILE environment variable to tell Ruby to use it  For example  in Linux     SSL CERT FILE   cacert pem bundle install    Reference  https   gist github com fnichol 867550

User · Answer

My permanent fix for Windows     Download the CACert   save as C  ruby ssl certs GlobalSignRootCA pem from http   guides rubygems org ssl-certificate-update  Create system variable named  SSL CERT FILE   set to C  ruby ssl certs GlobalSignRootCA pem  Try again  gem install bundler     C  gem sources     CURRENT SOURCES     https   rubygems org   C  gem install bundler Fetching  bundler-1 13 5 gem  100   Successfully installed bundler-1 13 5 1 gem installed

User · Answer

Thx to  Alexander Iljushkin for   gem update --system --source http   rubygems org   After that bundler still failed and the solution to that was   gem install bundler

User · Answer

For Windows machine  check your gem version with  gem --version   Then update your gem as follow    Running 1 8 x  download 1 8 30  Running 2 0 x  download 2 0 15  Running 2 2 x  download 2 2 3   Please download the file in a directory that you can later point to  eg  the root of your hard drive C    Now  using your Command Prompt   C   gt gem install --local C  rubygems-update-1 8 30 gem C   gt update rubygems --no-ri --no-rdoc   Now  bundle install will success without SSL certificate verification error   More detailed instruction is here

User · Answer

To note  if you re grabbing gems from a source which SSL cert is trusted by an internal certificate authority  or you are connecting to an external source through a company web proxy with SSL inspection   point your SSL CERT FILE env variable to your certificate chain   This most likely just requires exporting your root certificate from your certificate store  System Keychain on macOS  to an accessible location from your shell i e    export SSL CERT FILE   RootCert pem

User · Answer

Simple copy paste instruction given here about  pem file  https   gist github com luislavena f064211759ee0f806c88  For  certificate verification failed     If you ve read the previous sections  you will know what this means  and shame   on you if you have not        We need to download AddTrustExternalCARoot-2048 pem    Open a Command Prompt and type in       C  gem which rubygems   C  Ruby21 lib ruby 2 1 0 rubygems rb   Now  let s locate that directory  From within the same window  enter the path part up to the file extension  but using backslashes instead       C  start C  Ruby21 lib ruby 2 1 0 rubygems   This will open a Explorer window inside the directory we indicated       Step 3  Copy new trust certificate      Now  locate ssl certs directory and copy the  pem file we obtained from previous step inside       It will be listed with other files like GeoTrustGlobalCA pem

User · Answer

The simplest solution   rvm pkg install openssl rvm reinstall all --force   Voila

User · Answer

For those of you that have ruby installed through RVM and want a quick fix  preferring not to read per Bruno s request  just try this   rvm remove 1 9 x  or whatever version of ruby you are using  rvm pkg install openssl rvm install 1 9 2 --with-openssl-dir  rvm path usr   For a more details  here is the link where I found the solution    http   railsapps github com openssl-certificate-verify-failed html   BTW  I didn t have to touch my certificates on Ubuntu      Best of all  this isn t a workaround  It will download gems through   SSL and fail if there if there is a problem like a man in the middle   attack which is much better than just turning off security

User · Answer

I was able to track this down to the fact that the binaries that rvm downloads do not play nice with OS X s OpenSSL  which is old and is no longer used by the OS    The solution for me was to force compilation when installing Ruby via rvm   rvm reinstall --disable-binary 2 2

User · Answer

If you re using rails-assets If you were using https   rails-assets org  to manage your assets  no answers will help you  Even converting to http won t help  The simplest fix is using this source instead   http   insecure rails-assets org  This has been mentioned in their homepage

User · Answer

This issue should now be fixed  Update rubygems  gem update --system   make sure openssl is at the latest version on your OS  or try these tips of it s still not working  http   railsapps github com openssl-certificate-verify-failed html

User · Answer

This has been fixed  http   guides rubygems org ssl-certificate-update   Now that RubyGems 2 6 x has been released  you can manually update to this version   Download https   rubygems org downloads rubygems-update-2 6 7 gem  Please download the file in a directory that you can later point to  eg  the root of your harddrive C    Now  using your Command Prompt   C   gt gem install --local C  rubygems-update-2 6 7 gem C   gt update rubygems --no-ri --no-rdoc   After this  gem --version should report the new update version   You can now safely uninstall rubygems-update gem   C   gt gem uninstall rubygems-update -x

User · Answer

I was getting a similar error  Here is how I solved this  In your path directory  check for Gemfile  Edit the source in the gemfile to http instead of https and save it  This might install the bundler without the SSL certificate issue l

User · Answer

same problem but with different gem here   Gem  RemoteFetcher  FetchError  SSL connect returned 1 errno 0 state SSLv3  read server certificate B  certificate verify failed   https   bb-m rubygems org gems builder-3 0 0 gem  An error occured while installing builder  3 0 0   and Bundler cannot continue  Make sure that  gem install builder -v  3 0 0   succeeds before bundling    temporarily solution  gem install builder -v  3 0 0  makes it possible to continue bundle install

User · Answer

I was just recently faced with this issue and followed the steps outlined here  There might be a chance that you are not pointing to the right OpenSSL certificate  After running   rvm osx-ssl-certs status all rvm osx-ssl-certs update all   and   export SSL CERT FILE  etc ssl certs ca-certificates crt   the bundle complete ran

User · Answer

I get a slightly different error  though perhaps related  on Ubuntu 12 04   Gem  RemoteFetcher  FetchError  SSL connect returned 1 errno 0 state unknown state  sslv3 alert handshake failure  https   d2chzxaqi4y7f8 cloudfront net gems activesupport-3 2 3 gem  An error occured while installing activesupport  3 2 3   and Bundler cannot continue  Make sure that  gem install activesupport -v  3 2 3   succeeds before bundling    It happens when I run bundle install with source  https   rubygems org  in a Gemfile   This is an issue with OpenSSL on Ubuntu 12 04  See Rubygems issue  319   To fix this  run apt-get update  amp  amp  apt-get upgrade on Ubuntu 12 04 to upgrade your OpenSSL

User · Answer

The reason is old rubygems  You need to update system part using non ssl source first   gem update --system --source http   rubygems org   temporarily updating system part using non-ssl connection    Now you re ready to use gem update

User · Answer

Update  Now that I ve karma wh  err mined enough from this answer everyone should know that this should have been fixed   re  via Ownatik again bundle install fails with SSL certificate verification error  gem update --system   My answer is still correct and left below for reference if that ends up not working for you     Honestly the best temporary solution is to            use the non-ssl version of rubygems in your gemfile as a temporary workaround    via user Ownatik  what they mean is at the top of the Gemfile in your rails application directory change  source  https   rubygems org   to  source  http   rubygems org   note that the second version is http instead of https

User · Answer

Temporary solution  as alluded to by Ownatik    Create or modify a file called  gemrc in your home path  including the line  ssl verify mode  0  This will prevent bundler from checking the SSL certificates of gems when it attempts to install them   For  nix devices   home path  means    gemrc  You can also create  etc gemrc if you prefer  For Windows XP   home path  means c  Documents and Settings All Users Application Data gemrc  For Windows 7  C  ProgramData gemrc

User · Answer

The real solution to this problem  if you are using RVM    Update rubygems  gem update --system Use RVM to refresh SSL certs  rvm osx-ssl-certs update all   Hat tip to this tip on the RailsApps project

User · Answer

This is How you fix this problem on Windows   download  perm file then set the SSL CERT FILE in command prompt  https   gist github com fnichol 867550

User · Answer

Replace the ssl gem source with non-ssl as a temp solution    gem sources -r https   rubygems org  gem sources -a http   rubygems org

User · Answer

If you re on a mac and use a recent version of RVM   1 20   the following command worked for me   rvm osx-ssl-certs update

User · Answer

This worked for me    download latest gem at https   rubygems org pages download install the gem with gem install --local  path to downloaded gem file  update the gems with update rubygems check that you re on the latest gem version with gem --version

User · Answer

I had to reinstall openssl   brew uninstall --force openssl brew install openssl

[ruby-on-rails] bundle install fails with SSL certificate verification error

Examples related to ruby-on-rails

Examples related to ruby

Examples related to ssl

Examples related to rubygems

Examples related to bundler