Search code examples
rubyruby-on-rails-3rubygemsbundler

"bundle install" CA certificates


I am attempting to create a github pages website, and it requires me to do

bundle install

I have tried this, and this is the error message I'm getting:

Fetching source index from https://rubygems.org/
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see
https://railsapps.github.com/openssl-certificate-verify-failed.html. To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'

I am wary of using 'http' to solve this issue. I have tried downloading the SSL cert file and have followed this guide, but unfortunately am unable to solve the issue: https://bundler.io/guides/rubygems_tls_ssl_troubleshooting_guide.html

These are the two commands I have run:

sudo cp ~/GlobalSignRootCA_R3.pem /usr/lib/ruby/vendor_ruby/rubygems/ssl_certs/rubygems.org
sudo cp ~/GlobalSignRootCA_R3.pem /usr/lib/ruby/3.0.0/rubygems/ssl_certs

Is there anything else I can do? I've looked at the other StackExchange posts, and it seems like this is an old but resolved issue, so I'm at a loss. I am using a Linux machine. Thank you!


Solution

  • I am not exactly sure where you get that error and if you could provide more details on which exact request fails. From the logs it looks like something with github. Then the error might be due to the certificate rotation a while ago.

    They updated their RSA SSH host keys

    As they describe, remove the old one:

    ssh-keygen -R github.com
    

    ... and add the current host to the ~/.ssh/known_hosts, e.g. by running the following:

    ssh-keygen -R github.com
    curl -L https://api.github.com/meta | jq -r '.ssh_keys | .[]' | sed -e 's/^/github.com /' >> ~/.ssh/known_hosts
    

    The fingerprint is SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s