306  

Update

更新

Now that I've karma wh..err mined enough from this answer everyone should know that this should have been fixed.

现在我已经有了因果报应。从这个答案中挖掘出足够多的信息，每个人都应该知道这应该是固定的。

re: via Ownatik again bundle install fails with SSL certificate verification error

re:通过Ownatik再次捆绑安装失败，使用SSL证书验证错误。

gem update --system

My answer is still correct and left below for reference if that ends up not working for you.

我的答案仍然是正确的，如果结果不为你工作的话，我会留下参考。

Honestly the best temporary solution is to

老实说，最好的临时解决办法是。

[...] use the non-ssl version of rubygems in your gemfile as a temporary workaround.

[…]在gemfile中使用非ssl版本的rubygems作为临时解决方案。

via user Ownatik

通过用户Ownatik

what they mean is at the top of the Gemfile in your rails application directory change

它们的意思是在您的rails应用程序目录更改的Gemfile顶部!

source 'https://rubygems.org'

源“https://rubygems.org”

to

来

source 'http://rubygems.org'

源“http://rubygems.org”

note that the second version is http instead of https

注意，第二个版本是http而不是https。

220  

Replace the ssl gem source with non-ssl as a temp solution:

用非ssl替代ssl gem源作为临时解决方案:

• gem sources -r https://rubygems.org/
• 宝石来源- r https://rubygems.org/
• gem sources -a http://rubygems.org/
• 宝石来源——http://rubygems.org/

161  

The reason is old rubygems. You need to update system part using non ssl source first:

原因是老rubygems。您需要首先使用非ssl数据源更新系统部分:

gem update --system --source http://rubygems.org/ (temporarily updating system part using non-ssl connection).

gem更新——系统——源http://rubygems.org/(使用非ssl连接临时更新系统部分)。

Now you're ready to use gem update.

现在可以使用gem更新了。

112  

If you're on a mac and use a recent version of RVM (~1.20), the following command worked for me.

如果您使用的是mac，并且使用RVM的最新版本(~1.20)，下面的命令对我有效。

rvm osx-ssl-certs update

55  

This issue should now be fixed. Update rubygems (gem update --system), make sure openssl is at the latest version on your OS, or try these tips of it's still not working: http://railsapps.github.com/openssl-certificate-verify-failed.html

这个问题现在应该解决了。更新rubygems (gem更新—系统)，确保openssl是最新版本的操作系统，或者尝试这些方法仍然不工作:http://railsapps.github.com/openssl-verify-failed.html。

49  

Temporary solution (as alluded to by Ownatik):

临时解决方案(由Ownatik提及):

Create or modify a file called .gemrc in your home path, including the line :ssl_verify_mode: 0

在您的home路径中创建或修改一个名为.gemrc的文件，包括:ssl_verify_mode: 0。

This will prevent bundler from checking the SSL certificates of gems when it attempts to install them.

这将防止bundler在试图安装gem时检查SSL证书。

For *nix devices, 'home path' means ~/.gemrc. You can also create /etc/gemrc if you prefer. For Windows XP, 'home path' means c:\Documents and Settings\All Users\Application Data\gemrc. For Windows 7, C:\ProgramData\gemrc

对于*nix设备，“home path”的意思是~/.gemrc。如果您愿意，也可以创建/etc/gemrc。对于Windows XP,“回家的路”意味着c:\Documents and Settings\All用户\ \ gemrc应用程序数据。Windows 7,C:\ ProgramData \ gemrc

15  

The real solution to this problem, if you are using RVM:

这个问题的真正解决方案，如果你使用RVM:

1. Update rubygems: gem update --system
2. 更新rubygems: gem更新—系统。
3. Use RVM to refresh SSL certs: rvm osx-ssl-certs update all
4. 使用RVM刷新SSL证书:RVM osx-ssl-certs更新所有。

Hat tip to this tip on the RailsApps project!

在RailsApps项目上给这个提示戴上帽子!

15  

On windows7 you can download the cacert.pem file from here and set the environementvariable SSL_CERT_FILE to the path where you store the certificate eg

在windows7上你可以下载cacert。这里的pem文件将环境变量SSL_CERT_FILE设置为存储证书的路径。

SET SSL_CERT_FILE="C:\users\<username>\cacert.pem"

or you can set the variable in your script like this ENV['SSL_CERT_FILE']="C:/users/<username>/cacert.pem"

或者您可以在脚本中设置这个变量，比如这个ENV['SSL_CERT_FILE']="C:/user / /cacert.pem"

Replace <username> with you own username.

用您自己的用户名替换 。

7  

For those of you that have ruby installed through RVM and want a quick fix (preferring not to read per Bruno's request) just try this:

对于那些通过RVM安装了ruby并希望快速修复的用户(不愿意阅读布鲁诺的请求)，请尝试以下方法:

rvm remove 1.9.x (or whatever version of ruby you are using)
rvm pkg install openssl
rvm install 1.9.2 --with-openssl-dir=$rvm_path/usr

For a more details, here is the link where I found the solution.

关于更多的细节，这里是我找到解决方案的链接。

http://railsapps.github.com/openssl-certificate-verify-failed.html

http://railsapps.github.com/openssl-certificate-verify-failed.html

BTW, I didn't have to touch my certificates on Ubuntu.

顺便说一句，我没必要在Ubuntu上碰我的证书。

Best of all, this isn't a workaround. It will download gems through SSL and fail if there if there is a problem like a man in the middle attack which is much better than just turning off security.

最好的是，这不是一个变通方法。它将通过SSL下载gems，如果在中间攻击中出现像一个人这样的问题，这比关闭安全性要好得多。

6  

This has been fixed

这是固定的

http://guides.rubygems.org/ssl-certificate-update/

http://guides.rubygems.org/ssl-certificate-update/

Now that RubyGems 2.6.x has been released, you can manually update to this version.

现在2.6 RubyGems。x已经发布，您可以手动更新到这个版本。

Download https://rubygems.org/downloads/rubygems-update-2.6.7.gem

下载https://rubygems.org/downloads/rubygems-update-2.6.7.gem

Please download the file in a directory that you can later point to (eg. the root of your harddrive C:)

请将该文件下载到您稍后可以指向的目录中(如。你的硬盘的根:

Now, using your Command Prompt:

现在，使用命令提示:

C:\>gem install --local C:\rubygems-update-2.6.7.gem
C:\>update_rubygems --no-ri --no-rdoc

After this, gem --version should report the new update version.

在此之后，gem—版本应该报告新的更新版本。

You can now safely uninstall rubygems-update gem:

您现在可以安全地卸载rubygems-update gem:

C:\>gem uninstall rubygems-update -x

5  

You can download a list of CA certificates from curl's website at http://curl.haxx.se/ca/cacert.pem

您可以从curl的网站http://curl.haxx.se/ca/cacert.pem下载CA证书的列表。

Then set the SSL_CERT_FILE environment variable to tell Ruby to use it. For example, in Linux:

然后设置SSL_CERT_FILE环境变量，让Ruby使用它。例如,在Linux中:

$ SSL_CERT_FILE=~/cacert.pem bundle install

(Reference: https://gist.github.com/fnichol/867550)

(参考:https://gist.github.com/fnichol/867550)

5  

Simple copy paste instruction given here about .pem file

简单的复制粘贴指令在这里给出。pem文件。

https://gist.github.com/luislavena/f064211759ee0f806c88

https://gist.github.com/luislavena/f064211759ee0f806c88

For certificate verification failed

证书验证失败

If you've read the previous sections, you will know what this means (and shame > on you if you have not).

如果你读过前面的章节，你就会知道这是什么意思(如果没有的话，你会感到羞愧)。

We need to download AddTrustExternalCARoot-2048.pem. Open a Command Prompt and type in:

我们需要下载AddTrustExternalCARoot-2048.pem。打开命令提示符并输入:

C:>gem which rubygems C:/Ruby21/lib/ruby/2.1.0/rubygems.rb Now, let's locate that directory. From within the same window, enter the path part up to the file extension, but using backslashes instead:

C:> gem rubygems C:/ Ruby21 / lib / ruby / 2.1.0 / rubygems。现在，让我们找到那个目录。从同一个窗口中，输入路径部分到文件扩展名，但是使用反斜杠:

C:>start C:\Ruby21\lib\ruby\2.1.0\rubygems This will open a Explorer window inside the directory we indicated.

C:>启动C:\Ruby21\lib\ruby\2.1.0\rubygems这将在我们所指示的目录中打开一个资源管理器窗口。

Step 3: Copy new trust certificate

步骤3:复制新的信任证书。

Now, locate ssl_certs directory and copy the .pem file we obtained from previous step inside.

现在，找到ssl_certs目录并复制我们从之前的步骤中获得的.pem文件。

It will be listed with other files like GeoTrustGlobalCA.pem.

它将与其他文件一起列出，比如GeoTrustGlobalCA.pem。

4  

same problem but with different gem here:

同样的问题，但这里有不同的宝石:

Gem::RemoteFetcher::FetchError: SSL_connect returned=1 errno=0 state=SSLv3 
read server certificate B: certificate verify failed 
(https://bb-m.rubygems.org/gems/builder-3.0.0.gem)
An error occured while installing builder (3.0.0), and Bundler cannot continue.
Make sure that `gem install builder -v '3.0.0'` succeeds before bundling.

temporarily solution: gem install builder -v '3.0.0' makes it possible to continue bundle install

暂时解决方案:gem安装构建器-v '3.0.0'使继续包安装成为可能。

4  

This is How you fix this problem on Windows:

这就是如何在Windows上解决这个问题:

download .perm file then set the SSL_CERT_FILE in command prompt

下载.perm文件，然后在命令提示符中设置SSL_CERT_FILE。

https://gist.github.com/fnichol/867550

https://gist.github.com/fnichol/867550

3  

I get a slightly different error, though perhaps related, on Ubuntu 12.04:

我有一个稍微不同的错误，虽然可能是有关的，在Ubuntu 12.04:

Gem::RemoteFetcher::FetchError: SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert handshake failure (https://d2chzxaqi4y7f8.cloudfront.net/gems/activesupport-3.2.3.gem)
An error occured while installing activesupport (3.2.3), and Bundler cannot continue.
Make sure that `gem install activesupport -v '3.2.3'` succeeds before bundling.

It happens when I run bundle install with source 'https://rubygems.org' in a Gemfile.

当我在一个Gemfile中使用source 'https://rubygems.org'进行安装时，会发生这种情况。

This is an issue with OpenSSL on Ubuntu 12.04. See Rubygems issue #319.

这是OpenSSL在Ubuntu 12.04上的一个问题。Rubygems问题# 319。

To fix this, run apt-get update && apt-get upgrade on Ubuntu 12.04 to upgrade your OpenSSL.

为了解决这个问题，在Ubuntu 12.04上运行apt-get update && apt-get升级，以升级您的OpenSSL。

3  

The simplest solution:

最简单的解决方案:

rvm pkg install openssl
rvm reinstall all --force

Voila!

瞧!

3  

I was able to track this down to the fact that the binaries that rvm downloads do not play nice with OS X's OpenSSL, which is old and is no longer used by the OS.

我可以追踪到这个事实，即rvm下载的二进制文件不适合OS X的OpenSSL，这是旧的，不再被操作系统使用。

The solution for me was to force compilation when installing Ruby via rvm:

我的解决方案是在安装Ruby via rvm时强制编译:

rvm reinstall --disable-binary 2.2

3  

My permanent fix for Windows:

我永久修理窗户:

1. Download the CACert , save as C:\ruby\ssl_certs\GlobalSignRootCA.pem from http://guides.rubygems.org/ssl-certificate-update/

   下载CACert，保存为C:\ruby\ssl_certs\GlobalSignRootCA。pem从http://guides.rubygems.org/ssl-certificate-update/

2. Create system variable named "SSL_CERT_FILE", set to C:\ruby\ssl_certs\GlobalSignRootCA.pem.

   创建名为“SSL_CERT_FILE”的系统变量，设置为C:\ruby\ssl_certs\GlobalSignRootCA.pem。

3. Try again: gem install bundler:

   再试一次:gem安装bundler:

C:\gem sources
*** CURRENT SOURCES ***
https://rubygems.org/

C:\gem install bundler
Fetching: bundler-1.13.5.gem (100%)
Successfully installed bundler-1.13.5
1 gem installed

3  

Thx to @Alexander.Iljushkin for:

Thx @Alexander。Iljushkin:

gem update --system --source http://rubygems.org/

gem更新——系统——源http://rubygems.org/。

After that bundler still failed and the solution to that was:

在那之后，邦德勒还是失败了，解决办法是:

gem install bundler

gem安装打包机

2  

I was getting a similar error. Here is how I solved this: In your path directory, check for Gemfile. Edit the source in the gemfile to http instead of https and save it. This might install the bundler without the SSL certificate issue.l

我也犯了类似的错误。下面是我如何解决这个问题:在您的路径目录中，检查Gemfile。在gemfile中编辑源文件到http而不是https并保存它。这可能会在没有SSL证书问题的情况下安装bundler。

2  

For Windows machine, check your gem version with

对于Windows机器，请检查gem版本。

gem --version

Then update your gem as follow:

然后更新您的gem如下:

• Running 1.8.x: download 1.8.30
• 1.8运行。x:下载1.8.30
• Running 2.0.x: download 2.0.15
• 2.0运行。x:下载2.0.15
• Running 2.2.x: download 2.2.3
• 2.2运行。x:下载2.2.3

Please download the file in a directory that you can later point to (eg. the root of your hard drive C:)

请将该文件下载到您稍后可以指向的目录中(如。你硬盘的根:

Now, using your Command Prompt:

现在，使用命令提示:

C:\>gem install --local C:\rubygems-update-1.8.30.gem
C:\>update_rubygems --no-ri --no-rdoc

Now, bundle install will success without SSL certificate verification error.

现在，bundle安装将成功，没有SSL证书验证错误。

More detailed instruction is here

更详细的说明在这里。

1  

This worked for me:

这工作对我来说:

• download latest gem at https://rubygems.org/pages/download
• 在https://rubygems.org/pages/download下载最新的gem。
• install the gem with gem install --local [path to downloaded gem file]
• 安装gem安装-本地[路径下载gem文件]
• update the gems with update_rubygems
• 使用update_rubygems更新gem。
• check that you're on the latest gem version with gem --version
• 检查你是在最新的宝石版本的宝石-版本。

1  

I had to reinstall openssl:

我必须重新安装openssl:

brew uninstall --force openssl
brew install openssl

1  

I was just recently faced with this issue and followed the steps outlined here. There might be a chance that you are not pointing to the right OpenSSL certificate. After running:

我最近刚刚面对这个问题，并遵循了这里列出的步骤。可能您没有指向正确的OpenSSL证书。在运行:

rvm osx-ssl-certs status all
rvm osx-ssl-certs update all

and

和

export SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt

the bundle complete ran!

包完成了!

1  

Download rubygems-update-2.6.7.gem .

下载rubygems-update-2.6.7。宝石。

Now, using your Command Prompt:

现在，使用命令提示:

C:\>gem install --local C:\rubygems-update-2.6.7.gem
C:\>update_rubygems --no-ri --no-rdoc

After this, gem --version should report the new update version.

在此之后，gem—版本应该报告新的更新版本。

You can now safely uninstall rubygems-update gem:

您现在可以安全地卸载rubygems-update gem:

C:\>gem uninstall rubygems-update -x
Removing update_rubygems
Successfully uninstalled rubygems-update-2.6.7

0  

To note, if you're grabbing gems from a source which SSL cert is trusted by an internal certificate authority (or you are connecting to an external source through a company web proxy with SSL inspection), point your SSL_CERT_FILE env variable to your certificate chain. This most likely just requires exporting your root certificate from your certificate store (System Keychain on macOS) to an accessible location from your shell i.e.:

要注意的是，如果您正在从一个由内部证书颁发机构信任的源中获取gem(或者您通过一个公司web代理通过SSL检查连接到外部源)，那么将您的SSL_CERT_FILE env变量指向您的证书链。这很可能只需要将您的根证书从您的证书存储库(macOS上的系统Keychain)导出到从您的shell中可以访问的位置，即:

export SSL_CERT_FILE=~/RootCert.pem

0  

If you're using rails-assets

If you were using https://rails-assets.org/ to manage your assets, no answers will help you. Even converting to http won't help.

如果你使用https://rails-assets.org/来管理你的资产，没有答案会帮助你。即使转换到http也无济于事。

The simplest fix is using this source instead, http://insecure.rails-assets.org. This has been mentioned in their homepage.

最简单的解决方法是使用这个源，http://insecure.rails-assets.org。在他们的主页上已经提到过。

0  

The only thing that worked for me on legacy windows system and ruby 1.9 version is downloading cacert file from http://guides.rubygems.org/ssl-certificate-update/

我在遗留windows系统和ruby 1.9版本中唯一的工作就是从http://guides.rubygems.org/ssl-certificateupdate/下载cacert文件。

And then running below command before running bundle install

然后在运行bundle安装之前运行以下命令。

bundle config --global ssl_ca_cert /path/to/file.pem