Why do I get OpenSSL::SSL::SSLError when installing Rails? - ruby-on-rails

When I run 'sudo gem install rails', this error occurs:
ERROR: While executing gem ... (OpenSSL::SSL::SSLError)
SSL_connect SYSCALL returned=5 errno=0 state=SSLv3 read server session ticket A
BTW, I'm running Ruby version 1.9.3p0, Gem version 2.0.3, and OpenSSL version OpenSSL 1.0.1.
Any advice?

Please try the following commands
Root causes
1) outdate open SSL
$ rvm -v
$ rvm get head
2) outdate bundle
$ gem install bundle
hope it will solve

try this :
$ gem update --system

While I was about installing rails, I also get the exact same error. As Aye Mon Chit mention earlier, this error is possibly caused by an outdated open SSL. Here's my solution: update your openssl
In my Wheezy, I simply run:
apt-get install openssl
And that's all. Hope this help somebody out there.

Related

SSL Error When installing rubygems, unable to install rails gem in windows 10

I am trying to install rails in windows 10. When I attempt to install rails in my gemset, I get the following issue:
C:\>gem install rails
ERROR: Could not find a valid gem 'rails' (>= 0), here is why:
Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/latest_specs.4.8.gz)
Currently using ruby version.
C:\>ruby -v
ruby 2.3.1p112 (2016-04-26 revision 54768) [i386-mingw32]
Gem Vesrion.
C:\>gem --version
2.2.3
how can I fix these issue help me out from this.
now I got solution for this issue, using this link http://guides.rubygems.org/ssl-certificate-update/#manual-solution-to-ssl-issue
we need to add GlobalSignRootCA.pem this certificate in ssl_certs folder insted of AddTrustExternalCARoot-2048.pem
go through that above link.
Your problem is most likely outdated SSL certificates included in installation.
This might help: https://gist.github.com/luislavena/f064211759ee0f806c88

Update bash error for ruby on rails

When I try to start a new project - my command I'm using is:
rails new testproject
But when it tries to install the bundle I end up with the error message:
Gem::RemoteFetcher::FetchError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed <https://rubygems.org/gems/rake-10.4.2.gem>
An error occured while installing rake <10.4.2>, and Bundler cannot continue. Make sure that 'gem install rake -v '10.4.2' ' succeeds before bundling.
So then I try to install that rake version, using
gem install rake -v 10.4.2
and I get the same SSL read server certificate error.
Now I've tried to figure out how to fix this. From what I can tell, I need to update my Bash version, but that's impossible for me - it just tells me what bash version I have when I give it the command
\curl -sSL https://get.rvm.io | bash -s stable --ruby
found on https://rvm.io/rvm/install.
How do I fix this issue and how do I get an actual working version of RoR on my computer without having to do everything manually? Almost all the other places I've been to eventually point back to railsinstaller.org, and that does me no good.
Thank you very much for your help!
There seems to be something wrong with the certificates. You could try to fetch the packages from hhtp instead using something like:
sudo gem sources -r https://rubygems.org
sudo gem sources -a http://rubygems.org
Ref this

Error with installing Rails 4

I have problem with installing Rails 4. Hope you could help!
demo
$ rails -v
Rails is not currently installed on this system. To get the latest version, simply type:
$ sudo gem install rails
You can then rerun your "rails" command.
demo
$ sudo gem install rails
WARNING: Improper use of the sudo command could lead to data loss
or the deletion of important system files. Please double-check your
typing when using sudo. Type "man sudo" for more information.
To proceed, enter your password, or type Ctrl-C to abort.
Password:
ERROR: Could not find a valid gem 'rails' (>= 0), here is why:
Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://s3.amazonaws.com/production.s3.rubygems.org/latest_specs.4.8.gz)
The Best Solution for installing Rails is by Using Ruby Version Manager(RVM)
run curl -L https://get.rvm.io | bash -s stable to install RVM and the Install Ruby Using RVM by this Command rvm install 2.0.0 then Install Rails from this command
gem install rails -v 4.0.0
You can good to go then.
Had the same issue and everything is described here: http://railsapps.github.io/openssl-certificate-verify-failed.html
tl;dr Recent versions of RVM, the Ruby Version Manager, include a utility to diagnose and resolve errors caused by outdated certificate files. See the article Installing Rails for instructions and advice. The RVM website explains how to install RVM.
If you’ve installed RVM, try this:
$ rvm -v
# rvm 1.19.1 (stable)
$ rvm osx-ssl-certs status all
# Certificates for...
$ rvm osx-ssl-certs update all
# Updating certificates...
That’s all that is needed to resolve the issue if you are using RVM (you must be using RVM version 1.19.1 or newer).

SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed on Mac

Using Homebrew, on Mac OSX 10.7.5
$ brew install openssl
Error: openssl-1.0.1e already installed
$ rake test.rake
rake aborted!
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
I acknowledge that there are other questions like the one in title, but none of the solution seems to work. I have tried those at various points, with no success:
rvm pkg install openssl
rvm reinstall 1.9.3 --with-openssl-dir=$rvm_path/usr
rvm remove 1.9.3
brew install openssl
rvm install 1.9.3 --with-openssl-dir=`brew --prefix openssl`
I decided to check openssl version and noticed this:
$ openssl version
OpenSSL 0.9.8r 8 Feb 2011
Hopefully that is indeed the problem and the fix is as simple as making sure my laptop detects the correct OpenSSL.
But how do I fix this, so I have it use Homebrew's newer OpenSSL instead?
Thanks in advance.
it worked for me using rvm
$ rvm osx-ssl-certs status all
$ rvm osx-ssl-certs update all
Building on mpapis's answer, I executed these commands that fixed the problem for me.
$ cd ~
$ rvm get head
$ rvm requirements
This gave me two key pieces of feedback:
Upgrade of RVM in /Users/myuser/.rvm/ is complete.
RVM Reloaded!
and
Installing requirements for osx, might require sudo password.
Updating certificates in '/usr/local/etc/openssl/cert.pem'.
After that, I didn't get the error anymore.
You need to update certificates:
sudo curl http://curl.haxx.se/ca/cacert.pem -o "$(ruby -ropenssl -e "p OpenSSL::X509::DEFAULT_CERT_FILE")"
Although this is considered to be not safe as the certificates are downloaded without https and there is no way to tell if they were not changed on the way.
RVM has updated code that will use OSX certificates to update the file and will pull automatically dependencies, you can get it with:
rvm get head
rvm install 1.9.3
on my mac running 10.8.3 i had this problem too, however i had a problem with the above solution because when i tried to do
rvm get head
install 1.9.3
or
rvm requirements
i got Error running 'requirements_osx_brew_libs_install... which is a nightmare in its own right see Error running 'requirements_osx_brew_libs_install...' on Mac 10.7 for proof
anyway i got it working by doing
wget http://curl.haxx.se/ca/cacert.pem >
mv cacert.pem /Users/USER/.rvm/usr/ssl/cert.pem

bundle install fails with SSL certificate verification error

When I run bundle install for my Rails 3 project on Centos 5.5 it fails with an error:
Gem::RemoteFetcher::FetchError: SSL_connect returned=1 errno=0 state=SSLv3
read server certificate B: certificate verify failed
(https://bb-m.rubygems.org/gems/multi_json-1.3.2.gem)
An error occured while installing multi_json (1.3.2), and Bundler cannot continue.
Make sure that `gem install multi_json -v '1.3.2'` succeeds before bundling.
When I try to install the gem manually (by gem install multi_json -v '1.3.2') it works. The same problem occurs with several other gems. I use RVM (1.12.3), ruby 1.9.2, bundler 1.1.3.
How to fix it?
Update
Now that I've karma wh..err mined enough from this answer everyone should know that this should have been fixed.
re: via Ownatik again bundle install fails with SSL certificate verification error
gem update --system
My answer is still correct and left below for reference if that ends up not working for you.
Honestly the best temporary solution is to
[...] use the non-ssl version of rubygems in your gemfile as a temporary workaround.
via user Ownatik
what they mean is at the top of the Gemfile in your rails application directory change
source 'https://rubygems.org'
to
source 'http://rubygems.org'
note that the second version is http instead of https
Replace the ssl gem source with non-ssl as a temp solution:
gem sources -r https://rubygems.org/
gem sources -a http://rubygems.org/
The reason is old rubygems. You need to update system part using non ssl source first:
gem update --system --source http://rubygems.org/ (temporarily updating system part using non-ssl connection).
Now you're ready to use gem update.
If you're on a mac and use a recent version of RVM (~1.20), the following command worked for me.
rvm osx-ssl-certs update
This issue should now be fixed. Update rubygems (gem update --system), make sure openssl is at the latest version on your OS, or try these tips of it's still not working: http://railsapps.github.com/openssl-certificate-verify-failed.html
Temporary solution (as alluded to by Ownatik):
Create or modify a file called .gemrc in your home path, including the line :ssl_verify_mode: 0
This will prevent bundler from checking the SSL certificates of gems when it attempts to install them.
For *nix devices, 'home path' means ~/.gemrc. You can also create /etc/gemrc if you prefer. For Windows XP, 'home path' means c:\Documents and Settings\All Users\Application Data\gemrc. For Windows 7, C:\ProgramData\gemrc
On windows7 you can download the cacert.pem file from here and set the environementvariable SSL_CERT_FILE to the path where you store the certificate eg
SET SSL_CERT_FILE="C:\users\<username>\cacert.pem"
or you can set the variable in your script like this ENV['SSL_CERT_FILE']="C:/users/<username>/cacert.pem"
Replace <username> with you own username.
The real solution to this problem, if you are using RVM:
Update rubygems: gem update --system
Use RVM to refresh SSL certs: rvm osx-ssl-certs update all
Hat tip to this tip on the RailsApps project!
You can download a list of CA certificates from curl's website at http://curl.haxx.se/ca/cacert.pem
Then set the SSL_CERT_FILE environment variable to tell Ruby to use it. For example, in Linux:
$ SSL_CERT_FILE=~/cacert.pem bundle install
(Reference: https://gist.github.com/fnichol/867550)
For those of you that have ruby installed through RVM and want a quick fix (preferring not to read per Bruno's request) just try this:
rvm remove 1.9.x (or whatever version of ruby you are using)
rvm pkg install openssl
rvm install 1.9.2 --with-openssl-dir=$rvm_path/usr
For a more details, here is the link where I found the solution.
http://railsapps.github.com/openssl-certificate-verify-failed.html
BTW, I didn't have to touch my certificates on Ubuntu.
Best of all, this isn't a workaround. It will download gems through
SSL and fail if there if there is a problem like a man in the middle
attack which is much better than just turning off security.
This has been fixed
http://guides.rubygems.org/ssl-certificate-update/
Now that RubyGems 2.6.x has been released, you can manually update to this version.
Download https://rubygems.org/downloads/rubygems-update-2.6.7.gem
Please download the file in a directory that you can later point to (eg. the root of your harddrive C:)
Now, using your Command Prompt:
C:\>gem install --local C:\rubygems-update-2.6.7.gem
C:\>update_rubygems --no-ri --no-rdoc
After this, gem --version should report the new update version.
You can now safely uninstall rubygems-update gem:
C:\>gem uninstall rubygems-update -x
Simple copy paste instruction given here about .pem file
https://gist.github.com/luislavena/f064211759ee0f806c88
For certificate verification failed
If you've read the previous sections, you will know what this means (and shame > on you if you have not).
We need to download AddTrustExternalCARoot-2048.pem.
Open a Command Prompt and type in:
C:>gem which rubygems
C:/Ruby21/lib/ruby/2.1.0/rubygems.rb
Now, let's locate that directory. From within the same window, enter the path part up to the file extension, but using backslashes instead:
C:>start C:\Ruby21\lib\ruby\2.1.0\rubygems
This will open a Explorer window inside the directory we indicated.
Step 3: Copy new trust certificate
Now, locate ssl_certs directory and copy the .pem file we obtained from previous step inside.
It will be listed with other files like GeoTrustGlobalCA.pem.
same problem but with different gem here:
Gem::RemoteFetcher::FetchError: SSL_connect returned=1 errno=0 state=SSLv3
read server certificate B: certificate verify failed
(https://bb-m.rubygems.org/gems/builder-3.0.0.gem)
An error occured while installing builder (3.0.0), and Bundler cannot continue.
Make sure that `gem install builder -v '3.0.0'` succeeds before bundling.
temporarily solution: gem install builder -v '3.0.0' makes it possible to continue bundle install
The simplest solution:
rvm pkg install openssl
rvm reinstall all --force
Voila!
This is How you fix this problem on Windows:
download .perm file then set the SSL_CERT_FILE in command prompt
https://gist.github.com/fnichol/867550
My permanent fix for Windows:
Download the CACert , save as C:\ruby\ssl_certs\GlobalSignRootCA.pem from http://guides.rubygems.org/ssl-certificate-update/
Create system variable named "SSL_CERT_FILE", set to C:\ruby\ssl_certs\GlobalSignRootCA.pem.
Try again: gem install bundler:
C:\gem sources
*** CURRENT SOURCES ***
https://rubygems.org/
C:\gem install bundler
Fetching: bundler-1.13.5.gem (100%)
Successfully installed bundler-1.13.5
1 gem installed
I get a slightly different error, though perhaps related, on Ubuntu 12.04:
Gem::RemoteFetcher::FetchError: SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert handshake failure (https://d2chzxaqi4y7f8.cloudfront.net/gems/activesupport-3.2.3.gem)
An error occured while installing activesupport (3.2.3), and Bundler cannot continue.
Make sure that `gem install activesupport -v '3.2.3'` succeeds before bundling.
It happens when I run bundle install with source 'https://rubygems.org' in a Gemfile.
This is an issue with OpenSSL on Ubuntu 12.04. See Rubygems issue #319.
To fix this, run apt-get update && apt-get upgrade on Ubuntu 12.04 to upgrade your OpenSSL.
I was able to track this down to the fact that the binaries that rvm downloads do not play nice with OS X's OpenSSL, which is old and is no longer used by the OS.
The solution for me was to force compilation when installing Ruby via rvm:
rvm reinstall --disable-binary 2.2
Thx to #Alexander.Iljushkin for:
gem update --system --source http://rubygems.org/
After that bundler still failed and the solution to that was:
gem install bundler
I was getting a similar error. Here is how I solved this: In your path directory, check for Gemfile. Edit the source in the gemfile to http instead of https and save it. This might install the bundler without the SSL certificate issue.l
For Windows machine, check your gem version with
gem --version
Then update your gem as follow:
Running 1.8.x: download 1.8.30
Running 2.0.x: download 2.0.15
Running 2.2.x: download 2.2.3
Please download the file in a directory that you can later point to (eg. the root of your hard drive C:)
Now, using your Command Prompt:
C:\>gem install --local C:\rubygems-update-1.8.30.gem
C:\>update_rubygems --no-ri --no-rdoc
Now, bundle install will success without SSL certificate verification error.
More detailed instruction is here
This worked for me:
download latest gem at https://rubygems.org/pages/download
install the gem with gem install --local [path to downloaded gem file]
update the gems with update_rubygems
check that you're on the latest gem version with gem --version
I had to reinstall openssl:
brew uninstall --force openssl
brew install openssl
I was just recently faced with this issue and followed the steps outlined here. There might be a chance that you are not pointing to the right OpenSSL certificate. After running:
rvm osx-ssl-certs status all
rvm osx-ssl-certs update all
and
export SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
the bundle complete ran!
Download rubygems-update-2.6.7.gem .
Now, using your Command Prompt:
C:\>gem install --local C:\rubygems-update-2.6.7.gem
C:\>update_rubygems --no-ri --no-rdoc
After this, gem --version should report the new update version.
You can now safely uninstall rubygems-update gem:
C:\>gem uninstall rubygems-update -x
Removing update_rubygems
Successfully uninstalled rubygems-update-2.6.7
To note, if you're grabbing gems from a source which SSL cert is trusted by an internal certificate authority (or you are connecting to an external source through a company web proxy with SSL inspection), point your SSL_CERT_FILE env variable to your certificate chain. This most likely just requires exporting your root certificate from your certificate store (System Keychain on macOS) to an accessible location from your shell i.e.:
export SSL_CERT_FILE=~/RootCert.pem
If you're using rails-assets
If you were using https://rails-assets.org/ to manage your assets, no answers will help you. Even converting to http won't help.
The simplest fix is using this source instead, http://insecure.rails-assets.org. This has been mentioned in their homepage.
The only thing that worked for me on legacy windows system and ruby 1.9 version is downloading cacert file from
http://guides.rubygems.org/ssl-certificate-update/
And then running below command before running bundle install
bundle config --global ssl_ca_cert /path/to/file.pem

Resources