Can't run Ruby 2.2.3 with RVM on OSX

Question

I've got two MacBooks (one on Mavericks, the other on Yosemite) and the same thing happens on both. After installing Ruby 2.2.3 with RVM, I get the following error:

.rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/net/http.rb:923:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (Faraday::SSLError)

I've tried searching for a solution online, but nothing seems to work. Most of the people having this issues are running Windows machines.

$ rvm osx-ssl-certs status all
Certificates for /usr/local/etc/openssl/cert.pem: Up to date.
Certificates for /etc/openssl/cert.pem: Up to date.

Switching back to 2.2.2 works fine. Any thoughts?

have you read this article? https://gist.github.com/luislavena/f064211759ee0f806c88 — Artur Peniche, Sep 02 '15 at 13:04
Yes, I already have a AddTrustExternalCARoot-2048.pem in my .rvm/rubies/ruby-2.2.3/lib/ruby/2.2.0/rubygems/ssl_certs folder — Sebastian, Sep 02 '15 at 13:08

Sebastian · Accepted Answer · 2015-09-03T12:27:40.767

22

Downloading http://curl.haxx.se/ca/cacert.pem and adding

export SSL_CERT_FILE=PATH_TO_THe_DOWNLOADED_FILE/cacert.pem

to the .bash_profile/.zshrc partially fixed the issue, because it throws the following error on my system:

Excon::Errors::SocketError: Unable to verify certificate, please set `Excon.defaults[:ssl_ca_path] = path_to_certs`, `ENV['SSL_CERT_DIR'] = path_to_certs`, `Excon.defaults[:ssl_ca_file] = path_to_file`, `ENV['SSL_CERT_FILE'] = path_to_file`, `Excon.defaults[:ssl_verify_callback] = callback` (see OpenSSL::SSL::SSLContext#verify_callback), or `Excon.defaults[:ssl_verify_peer] = false` (less secure).

Setting Excon.defaults[:ssl_verify_peer] to false in a Rails initializer (only on development/test envs) makes it work.

Update: Reinstalling 2.2.3 from source got rid of all my problems.

rvm remove 2.2.3
rvm install 2.2.3 --disable-binary

edited Sep 03 '15 at 12:27

answered Sep 02 '15 at 21:41

Sebastian

2,154
1
26
42

1

Ditto on reinstalling and disabling binary solving these problems. – coreyward Nov 18 '15 at 19:44
Why does disabling binary fix it? – Taysky Nov 28 '15 at 21:24
1

@Taysky the reason disabling the binary works is that the binaries being used by RVM are linking to /etc/openssl for the certs dir and the cert file, which is mostly likely not where they are most peoples systems. You can of course just set the path using the environmental variables noted. However some people would rather just compile ruby by hand and avoid that. – geekbri Dec 09 '15 at 18:15
@geekbri - ah ok. Thanks! – Taysky Dec 10 '15 at 17:39
can't you just `rvm reinstall 2.2.3 --disable-binary`? No idea if that will work 100%, though. – Ben Aubin Jan 19 '16 at 02:48
That works for me. Although there is still SSL warnings but the bundler works. Thanks very much! – Colin Lee Feb 12 '17 at 02:39

score 0 · Answer 2 · answered Mar 11 '16 at 16:32

0

Couldn't help myself otherwise than with brew install openssl on El Capitan. I've tried everything like updating certs using RVM, replacing SSL certs from haxx.se, or reinstalling ruby. Nothing else worked.

answered Mar 11 '16 at 16:32

igraczech

2,408
3
25
30

Can't run Ruby 2.2.3 with RVM on OSX

2 Answers2

Linked