I recently upgraded to OS X Mountain Lion, and when I run curl-config --ca I get an empty line. Details about curl:
curl 7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IPv6 Largefile NTLM NTLM_WB SSL libz
The issue is that I can't run brew update unless I update the certificate because I get the following error:
Initialized empty Git repository in /usr/local/.git/
error: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed while accessing https://github.com/mxcl/homebrew.git/info/refs
fatal: HTTP request failed
Error: Failure while executing: git fetch origin
The homebrew help forums say I need to update the certificate. However, unless I can find where curl is storing the certificate, I can't update it.
EDIT: The solution presented by HeatfanJohn below:
I just noticed that there is a Macport for curl-ca-bundle. Sorry for the possibly simple question, but did you install curl or did it come preinstalled? You might want to consider installing MacPorts and then installing curl-ca-bundle using MacPorts, although looking quickly at the Portfile this MacPort appears to just put the bundle into /usr/share which you can also do manually.
The command to install from MacPorts is port install curl. Installing from MacPorts resolves the issue.
I mostly run curl on Winodws, but from the curl documentation the following should work:
If you're using the curl command line tool, you can specify your own
CA cert path by setting the environment variable CURL_CA_BUNDLE to the
path of your choice.
Then download the lastest .pem file from http://curl.haxx.se/ca/cacert.pem placing the .pem in the directory path that you specify in the CURL_CA_BUNDLE environment variable. The documentation is a little vague as to whether the environment variable points to the file or directory. I would try pointing it to the file.
On Windows, curl looks for the .pem file as file curl-ca-bundle.crt in the same directory where the curl executable lives. That may also work. I have an old MAC at home. I will test this later tonight.
curl-config --ca returns /usr/share/curl/curl-ca-bundle.crt for me.
I just noticed that there is a Macport for curl-ca-bundle. Sorry for the possibly simple question, but did you install curl or did it come preinstalled? You might want to consider installing MacPorts and then installing curl-ca-bundle using MacPorts, although looking quickly at the Portfile this MacPort appears to just put the bundle into /usr/share which you can also do manually.
I installed curl from Macports and now I have version 7.27.0 installed and it is configured to use the latest curl-ca-bundle.crt file. See below:
sams-mac:~ sam$ curl --version
curl 7.27.0 (powerpc-apple-darwin8.11.0) libcurl/7.27.0 OpenSSL/1.0.1c zlib/1.2.7 libidn/1.25
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
sams-mac:~ sam$ curl-config --ca
/opt/local/share/curl/curl-ca-bundle.crt
sams-mac:~ sam$ ls -l /opt/local/bin/curl*
-rwxr-xr-x 1 root admin 147012 Aug 3 11:00 /opt/local/bin/curl
-rwxr-xr-x 1 root admin 4988 Aug 3 11:00 /opt/local/bin/curl-config
sams-mac:~ sam$
Related
[root####~]# yum install jenkins
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Loading mirror speeds from cached hostfile
base: mirror.myfahim.com
extras: centos-hcm.viettelidc.com.vn
updates: mirror.tino.org
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
http://pkg.jenkins.io/redhat-stable/repodata/repomd.xml: [Errno 14] HTTPS Error 301 - Moved Permanently
Trying other mirror.
One of the configured repositories failed (Jenkins-stable),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:
1. Contact the upstream for the repository and get them to fix the problem.
2. Reconfigure the baseurl/etc. for the repository, to point to a working
upstream. This is most often useful if you are using a newer
distribution release than is supported by the repository (and the
packages for the previous distribution release still work).
3. Run the command with the repository temporarily disabled
yum --disablerepo=jenkins ...
4. Disable the repository permanently, so yum won't use it by default. Yum
will then just ignore the repository until you permanently enable it
again or use --enablerepo for temporary usage:
yum-config-manager --disable jenkins
or
subscription-manager repos --disable=jenkins
5. Configure the failing repository to be skipped, if it is unavailable.
Note that yum will try to contact the repo. when it runs most commands,
so will have to try and fail each time (and thus. yum will be be much
slower). If it is a very temporary problem though, this is often a nice
compromise:
yum-config-manager --save --setopt=jenkins.skip_if_unavailable=true
failure: repodata/repomd.xml from jenkins: [Errno 256] No more mirrors to try.
http://pkg.jenkins.io/redhat-stable/repodata/repomd.xml: [Errno 14] HTTPS Error 301 - Moved Permanently
Please help me out
It looks like the jenkins.repo file currently distributed by jenkins.io, is configured to use http, not https. (C'mon, people, seriously? This is 2021.) Fortunately it's very easy for you to edit /etc/yum.repos.d/jenkins.repo to change it to https. Unfortunately, that's not where the problems stop, at least on RHEL 7.9, the root issuer (Let's Encrypt R3) is not in the trusted cert store by default. You can verify that the jenkins.io cert is actually valid by using a service such as https://www.ssllabs.com/ssltest/analyze.html?d=pkg.jenkins.io. The cert and chain is actually valid, but the issuer is R3, which is trusted by everyone else (Mozilla, Apple, Android, Java, Microsoft), but is not trusted by yum. To resolve this issue (after Sep 24, 2021) you need to update ca-certificates
yum upgrade ca-certificates
I have found a solution for this error.
edit your /etc/yum.repos.d/jenkins.repo file from
[jenkins]
name=Jenkins
baseurl=http://pkg.jenkins.io/redhat
gpgcheck=1
to
[jenkins]
name=Jenkins
baseurl=https://pkg.jenkins.io/redhat
gpgcheck=1
Try to yum update.
It will probably return an SSL error.
If so, edit your /etc/yum.conf , add this line:
sslverify=false
Now it should work.
Remember to set sslverify to true again if you don't want self-signed certificates to work on your yum.
I have found a solution for this error.
ALL REPOS URL MUST HTTPS.
HTTP -> HTTPS
edit all your /etc/yum.repos.d/REPONAMES.repo file from
[repo]
name=Jenkins
baseurl=http://pkg.jenkins.io/redhat
gpgcheck=1
to
[repo]
name=Jenkins
baseurl=https://pkg.jenkins.io/redhat
gpgcheck=1
Try to yum update. It will probably return an SSL error. If so, edit your /etc/yum.conf , add this line:
sslverify=false
Now it should work.
Remember to set sslverify to true again if you don't want self-signed certificates to work on your yum.
I'm trying to set up a Ruby on Rails application (OpenProject) on a windows server with IIS. I've got the new Helicon Zoo v4 (https://github.com/helicontech/zoo) up and running so far with Ruby 2.3 and the basic Ruby template installed. When I go to run the install script for OpenProject:
bundle install --deployment --without postgres sqlite development test therubyracer docker
I get an unknown protocol error with Git, while it tries to clone from GitHub.
bundle install --deployment --without postgres development test therubyracer
docker Fetching gem metadata from https://rubygems.org/......
Fetching version metadata from https://rubygems.org/..
Fetching dependency metadata from https://rubygems.org/.
Fetching https://github.com/carrierwaveuploader/carrierwave
fatal: unable to access 'https://github.com/carrierwaveuploader/carrierwave/':
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
I thought for sure this would be easy to fix, like specifying to use TLS instead of SSLv3, but I've yet to find anything relevant for Git for windows, via command line. I'm still looking, but I thought I'd ask if anyone has ideas?
EDIT: Turning on the trace and verbose curl messages spit out a better error:
bundle install --deployment --without postgres development test therubyracer docker
Fetching gem metadata from https://rubygems.org/......
Fetching version metadata from https://rubygems.org/..
Fetching dependency metadata from https://rubygems.org/.
Fetching https://github.com/carrierwaveuploader/carrierwave
* Couldn't find host github.com in the _netrc file; using defaults
* timeout on name lookup is not supported
* Trying 192.30.253.113...
* TCP_NODELAY set
* Connected to github.com (192.30.253.113) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:#STRENGTH
* successfully set certificate verify locations:
* CAfile: C:/Git/mingw64/ssl/certs/ca-bundle.crt CApath: none
* error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
* Curl_http_done: called premature == 1
* stopped the pause stream!
* Closing connection 0 fatal: unable to access 'https://github.com/carrierwaveuploader/carrierwave/': error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Added Git/usr/bin folder to path, I can look at curl from the ruby web console:
D:\inetpub\wwwroot\openproject>where curl
C:\Git\usr\bin\curl.exe
D:\inetpub\wwwroot\openproject>curl --version
curl 7.51.0 (x86_64-pc-msys) libcurl/7.51.0 OpenSSL/1.0.2j zlib/1.2.11 libssh2/1.7.0
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: Debug IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP UnixSockets Metalink
Trying to set the protocol for git with:
git config --global http.sslVersion sslv3
* Couldn't find host github.com in the _netrc file; using defaults
* timeout on name lookup is not supported
* Trying 192.30.253.112...
* TCP_NODELAY set
* Connected to github.com (192.30.253.112) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:#STRENGTH
* successfully set certificate verify locations:
* CAfile: C:/Git/mingw64/ssl/certs/ca-bundle.crt
CApath: none
* error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
* Curl_http_done: called premature == 1
* stopped the pause stream!
* Closing connection 0
fatal: unable to access 'https://github.com/carrierwaveuploader/carrierwave/': error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
I documented here all the reasons for "protocol unknown".
An routines:SSL23_GET_SERVER_HELLO:unknown protocol error is a redirection issue.
Check your proxy settings is you have one.
If everything fails... try and switch to ssh
git config url."git#github.com/".insteadOf https://github.com/
Couldn't find host github.com in the _netrc file; using defaults
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
It looks like you are using an old openSSL.
Make sure to:
uncompress the very latest Git for Windows (2.11.1 released today: PortableGit-2.11.1-64-bit.7z.exe: an auto-extractible archive)
set your PATH as:
set PATH=C:\path\to\Git\bin;C:\path\to\Git\usr\bin;%PATH%
(setting Git first in your PATH)
And make sure to specify:
git config --global http.sslVersion sslv3
Then try again.
Thanks to VonC for the troubleshooting tips! One of our server engineers looked at his answer and confirmed we do have an automatic proxy that I wasn't aware of. I was able to solve this using a mix of answers.
Collected from this answer I opened a windows command prompt and entered:
ping wpad
We just happened to have the common setup, so this confirmed the server exists. Then I retrieved the wpad file from the browser (details in the linked answer) and reviewed it to find the proxy. We have different servers per site, so I had to look for my location and specific proxy server.
From here, back in the Helicon Zoo web console, I set the proxy settings for Git with this command from another of VonC's answers:
git config --global http.proxy http://proxyserver:port
Replacing proxyserver and port with the actuals. Finally, I was able to clone from github.
I am trying to following instructions on homebrew homepage but the following
ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
returns the following error:
curl: (6) Could not resolve host: raw.githubusercontent.com
Any suggestions?
If you happen to be behind a proxy, You might need a way out, to exit
export http_proxy=http://YOURPROXY:PORT export ALL_PROXY=$http_proxy
For some other users, setting back their github https and https-proxy to default works sometimes as well.
git config --global --unset http.proxy
git config --global --unset https.proxy
I have resolved this by adding a new name server into network configuration.
Click on "System Preferences" then "Network", "Advanced" , "DNS", "+" and enter IP of the new name server, a good public name server is "8.8.8.8" .
You are most probably behind a proxy. Consider running curl command with -k parameter:
-k, --insecure
(SSL) This option explicitly allows curl to perform "insecure" SSL connections and transfers. All
SSL connections are attempted to be made secure by using the CA certificate bundle installed by
default. This makes all connections considered "insecure" fail unless -k, --insecure is used.
See this online resource for further details:
http://curl.haxx.se/docs/sslcerts.html
Check also Homebrew docs where they talk about this.
As others noted, the problem is a proxy blocking access to the download. The "non-hack" solution is...
Disconnect from your personal/company's VPN
Rerun the homebrew installation script
Currently...
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
Tried everything,
Finally installing Cloudflare on the machine sorted out the issue.
Follow this: https://developers.cloudflare.com/warp-client/get-started/linux/
If non of the above solutions worked and you can't ping https://github.com/ or any other websites with your terminal ,it is because of an application that monitors and controls the access of network , so make sure that your terminal is not blocked from accessing the network by any Firewalls.
It gave an error on the first attempt. However, it was installed on second attempt. The solution is to retry attempting the call.
Setting proxy with Username, password and port number worked for me
export http_proxy=http://<MacUser>:<MacPass><proxy server>:<ProxyPort>
export https_proxy=http_proxy
After that simply execute
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Experienced the same issue while trying to install home-brew on my Mac M1
Did the following, issue resolved.
Paste this in the terminal and hit enter.
export http_proxy=http://YOURPROXY:PORT export ALL_PROXY=$http_proxy
Now paste the home-brew installation cmd in terminal
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
This will work.
In my case I was running Gananche Blockchain simulation on my machine, once I quit that application I was able to use Homebrew.
I faced this issue recently and I was not sure what is my proxy address and port as nothing was selected under the connection proxy.
Followed this :
Click on "System Preferences" then "Network", on selected connection click "Advanced", then click "proxy"
I simply appended ', *raw.githubusercontent.com*' in text area given for "Bypass proxy settings for these Hosts & Domains:"
It now looks like:
*.local, 169.254/16, raw.githubusercontent.com
Now, retry /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
literally just restart the machine. Worked well for me.
I'm able to solve this issue by cloning the repository to local directory and executing install.sh file manually.
Steps:
git clone https://github.com/Homebrew/install.git
/bin/bash install/install.sh
Thank me later ;)
I am currently attempting to install RVM on an Ubuntu server using version 8.04.4.
At the moment I am a attempting a single user install. I am the only person who administers this machine and I am still pretty noobish at this. I am currently following he installations guide on the RVM site and added the 'k' flag to the curl command. The complaints about the certificate still do not go away.
$ bash -s stable < <(curl -sk https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer)
Downloading RVM from wayneeseguin branch stable
curl: (77) error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
Could not download 'https://github.com/wayneeseguin/rvm/tarball/stable'.
curl returned status '77'.
My ultimate goal is merely to upgrade ruby from v1.8.6 to 1.9.2 on this machine.
I've noticed many people recommending against a multi-user installation which is why I have yet to attempt it. Is it recommended that I try a multi-user installation? If not can someone assist me in eradicating this certificate issue?
Thanks in advance.
Do it single user. Your problem isn't RVM though -- it's the CA certs.
Read this link and make sure your SSL is up to date, and you have installed the CA certs:
https://help.ubuntu.com/community/OpenSSL
To install ca certs on Ubuntu using apt:
apt-get install ca-certificates
according to man curl this problem is:
77 Problem with reading the SSL CA cert (path? access rights?).
I guess you have sissues with access rights to the mentioned file:
/etc/ssl/certs/ca-certificates.crt
make sure is readable for all users:
sudo chmod 755 /etc/ /etc/ssl/ /etc/ssl/certs/
sudo chmod 644 /etc/ssl/certs/ca-certificates.crt
RVM is running into a certificate error when trying to download Ruby 1.9.2. It looks like curl is having a certificate issue but I am not sure how to bypass it. I have included the exact error info below.
$ rvm install 1.9.2
Installing Ruby from source to: /Users/willdennis/.rvm/rubies/ruby-1.9.2-p180, this may take a while depending on your cpu(s)...
ruby-1.9.2-p180 - #fetching
ERROR: Error running 'bunzip2 '/Users/willdennis/.rvm/archives/ruby-1.9.2-p180.tar.bz2'', please read /Users/willdennis/.rvm/log/ruby-1.9.2-p180/extract.log
ruby-1.9.2-p180 - #extracting ruby-1.9.2-p180 to /Users/willdennis/.rvm/src/ruby-1.9.2-p180
ruby-1.9.2-p180 - #extracted to /Users/willdennis/.rvm/src/ruby-1.9.2-p180
Fetching yaml-0.1.3.tar.gz to /Users/willdennis/.rvm/archives
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). The default
bundle is named curl-ca-bundle.crt; you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
ERROR: There was an error, please check /Users/willdennis/.rvm/log/ruby-1.9.2-p180/*.log. Next we'll try to fetch via http.
Trying http:// URL instead.
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). The default
bundle is named curl-ca-bundle.crt; you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
ERROR: There was an error, please check /Users/willdennis/.rvm/log/ruby-1.9.2-p180/*.log
Extracting yaml-0.1.3.tar.gz to /Users/willdennis/.rvm/src
ERROR: Error running 'tar zxf /Users/willdennis/.rvm/archives/yaml-0.1.3.tar.gz -C /Users/willdennis/.rvm/src --no-same-owner', please read /Users/willdennis/.rvm/log/ruby-1.9.2-p180/yaml/extract.log
/Users/willdennis/.rvm/scripts/functions/packages: line 55: cd: /Users/willdennis/.rvm/src/yaml-0.1.3: No such file or directory
Configuring yaml in /Users/willdennis/.rvm/src/yaml-0.1.3.
ERROR: Error running ' ./configure --prefix="/Users/willdennis/.rvm/usr" ', please read /Users/willdennis/.rvm/log/ruby-1.9.2-p180/yaml/configure.log
Compiling yaml in /Users/willdennis/.rvm/src/yaml-0.1.3.
ERROR: Error running '/usr/bin/make ', please read /Users/willdennis/.rvm/log/ruby-1.9.2-p180/yaml/make.log
Installing yaml to /Users/willdennis/.rvm/usr
ERROR: Error running '/usr/bin/make install', please read /Users/willdennis/.rvm/log/ruby-1.9.2-p180/yaml/make.install.log
ruby-1.9.2-p180 - #configuring
ERROR: Error running ' ./configure --prefix=/Users/willdennis/.rvm/rubies/ruby-1.9.2-p180 --enable-shared --disable-install-doc --with-libyaml-dir=/Users/willdennis/.rvm/usr ', please read /Users/willdennis/.rvm/log/ruby-1.9.2-p180/configure.log
ERROR: There has been an error while running configure. Halting the installation.
How can I resolve or avoid this error?
In case any one else comes across this while trying to update to 1.9.3 (although version probably doesn't matter), check the version of rvm that you have. Wayne seems to have moved from rvm.beginrescueend.com to rvm.io. The old site's security certificate has expired, so curl's response is correct.
Updating rvm from the new site fixed this problem and allowed me to move forward.
$ \curl -L https://get.rvm.io | bash -s stable --rails --autolibs=enabled
Update: As #rodgerdpack mentioned, the command changes and I've updated the above. In general, see https://rvm.io/ for the latest.
If do not want to change the script AND you do not want to add a cert "for ever" to the cert bundle. There is a very nice and quick solution:
#to download the cert
wget http://curl.haxx.se/ca/cacert.pem
#to let curl use it for the next calls
export CURL_CA_BUNDLE=~/cacert.pem
Then run your script.
To reset the environment variable (for subsequent script calls that should not use this cert) re-login to your system or unset the environment variable:
export CURL_CA_BUNDLE=
Curl is invoked in .rvm/scripts/fetch, which by default will be in your home directory.
Edit this using your favourite text editor: for example,
nano ~/.rvm/scripts/fetch
In lines 56 and 58 (may vary with other versions of RVM, of course) you'll see two lines which begin
fetch_command="curl ...
Simply add -k after curl, save and try again.
You need to download the ca certificate from http://curl.haxx.se/ca/cacert.pem and add them to your curl-ca-bundle-new.crt file.
To find the location of this file use:
$ curl-config --ca
/usr/share/curl/curl-ca-bundle.crt
Backup your curl-ca-bundle.crt file:
$ cp /usr/share/curl/curl-ca-bundle.crt /usr/share/curl/curl-ca-bundle.crt.old
Then you want to concatenate the two file using:
$ cat cacert.pem /usr/share/curl/curl-ca-bundle.crt >> curl-ca-bundle-new.crt
Perhaps all these complicated solutions were once necessary, but now all you need to do is first upgrade RVM and your problem will be solved:
$ rvm get stable
$ rvm reload
$ rvm install ruby-1.9.3-p194
If you don't mind disabling certificate check in curl (I don't):
echo insecure > ~/.curlrc
On Centos 5.6 (Final)
I had a problem with installing rvm 1.9.2
The error was:
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). The default
bundle is named curl-ca-bundle.crt; you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
ERROR: There was an error, please check /usr/local/rvm/log/ruby-1.9.2-p290/*.log. Next we'll try to fetch via http.
Trying http:// URL instead.
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). The default
bundle is named curl-ca-bundle.crt; you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
ERROR: There was an error, please check /usr/local/rvm/log/ruby-1.9.2-p290/*.log
ERROR: There has been an error while trying to fetch the source.
Halting the installation.
ERROR: There has been an error fetching the ruby interpreter. Halting the installation.
Here is a list of actions which helped me to solve the problem
$ curl-config --ca # show path to the certificate
/usr/local/share/curl/curl-ca-bundle.crt
$ cd /usr/local/share/curl/ # go to that path
$ cp curl-ca-bundle.crt curl-ca-bundle.crt.bak # backup certificate
$ curl http://curl.haxx.se/ca/cacert.pem -o curl-ca-bundle.crt # download new
$ rvm install 1.9.2 # bingo it works
Btw curl version is curl 7.18.0 (to check '$ curl -V')
I was attempting to install ruby-1.9.2-p290 and came across the same problem. After running which curl and realizing that the curl instance was coming from an installation of MAMP on my system (OS X Snow Leopard), I reconfigured my PATH variable to use the system default at /usr/bin/curl. Using this version, curl 7.19.7, I had no problem installing the latest version of Ruby with RVM.
I had trouble installing 1.9.2 using RVM, here is my solution:
Download yaml-0.1.3.tar.gz from http://www.filewatcher.com/m/yaml-0.1.3.tar.gz.466845.0.0.html
Save it to /Users//.rvm/archives/yaml-0.1.3.tar.gz
Run these commands:
chmod 777 yaml-0.1.3.tar.gz
tar zxf /Users//.rvm/archives/yaml-0.1.3.tar.gz -C /Users//.rvm/src
I still got the file not found error but the installation went on to be successful
[2011-07-05 14:24:07] tar zxf /Users//.rvm/archives/yaml-0.1.3.tar.gz -C /Users//.rvm/src --no-same-owner
tar (child): /Users//.rvm/archives/yaml-0.1.3.tar.gz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error exit delayed from previous errors
Thank you Dorothy - this recipe worked for me with the following minor modifications for a Win7 environment:
For others with this issue -
Appreciate the discussion about updating the CA_Bundle - Good to do
but it didn't help with this issue - the pyyaml website cert will still
cause CURL to throw an error and since CURL is launched within the installer,
no way to add a -k option.
Ruby 1.9.2-p290 is trying to install YAML 0.1.4 so Google for a
mirror and download that version - YAML-0.1.3 will have no effect in
bypassing the issues.
You need to do the windows equivalent of CHMOD 777 - within the rvm/src
folder to the extracted files. Change security so that everyone has
ownership/all privileges and turn off the read-only attribute for all files and
folders.
The installer will still throw errors when it tries to download (CURL error), but will resume by trying to extract. The extraction will throw errors because the tarball is already extracted to the src folder. The next step of configuring YAML should work without errors if permissions in step 3 were set correctly and the installation should complete without further problems. (If installing via cygwin/bash, you will need to add a C compiler like 'gcc' and add 'ncurses' (tput command) and 'make' to the default core cygwin setup options.)
$ sudo apt-get install curl
$ curl -L https://get.rvm.io | bash -s stable --ruby with ruby
$ curl -L https://get.rvm.io | bash -s stable --rails with rails