0

I have an internal RubyGems registry from which I want to download some Gems. The registry is protected and requires a valid TLS Client Certificate.

I am able to reach the registry in Chrome (imported the certificate bundle into Chrome), but I am not able to do it with Bundler.

The documentation says ssl_client_cert has to be:

Path to a designated file containing a X.509 client certificate and key in PEM format.

I get the following error when using the certificate provided:

either PUB key nor PRIV key: nested asn1 error

How do I assemble my certificate and key?

Mickaël
  • 3,763
  • 5
  • 26
  • 32
  • Does [this](https://stackoverflow.com/questions/2293608/what-causes-neither-pub-key-nor-priv-key-nested-asn1-error-when-building-a-p) answer make sense? – Md. Farhan Memon Apr 23 '19 at 18:58
  • @Md.FarhanMemon it makes sense, but it doesn't help me. I have a keypair and a certificate over the public key, that I need to use for the connection. I'm not sure what needs to be included in the only file to be imported, nor how to assemble all the existing files. – Mickaël Apr 23 '19 at 19:09

1 Answers1

0

I finally found how to assemble the files:

# Concatenate the key and the certificate
openssl rsa -in key.pem > ruby-bundler-cert.pem 
openssl x509 -in cert.pem >> ruby-bundler-cert.pem
# Tell bundler to use the file 
bundle config ssl_client_cert ~/certs/ruby-bundler-cert.pem

Did you think this was enough? No! You also need to specify this value somewhere else: in your ~/.gemrc file.

:ssl_client_cert: "/full/path/to/the/certs/ruby-bundler-cert.pem"

Hope this will help other people.

Mickaël
  • 3,763
  • 5
  • 26
  • 32