Ruby using wrong version of openssl

Question

 $ brew install openssl
Warning: openssl-1.0.2a-1 already installed
 $ openssl version
OpenSSL 0.9.8zd 8 Jan 2015
 $ ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION'
OpenSSL 1.0.1j 15 Oct 2014
 $ rvm -v
rvm 1.26.11 (latest) by Wayne E. Seguin <[email protected]>, Michal Papis <[email protected]> [https://rvm.io/]

I'm seeing a lot of discrepancies between the versions of openssl. Homebrew thinks it's on 1.0.2a-1, openssl itself thinks it's on 0.9.8zd, and Ruby thinks it's on 1.0.1j. I don't even know if any of these are actually up-to-date!

How can I resolve this discrepancy and get Ruby to use the correct version of OpenSSL? The fact that it's using the wrong version is stopping me from using secure APIs.

Answer 1

Installing OpenSSL with HomeBrew will not immediately link it as the default OpenSSL.

First, let's check which version are you using (on Jul 10, '15 the latest version is 1.0.2d):

openssl version -a
which openssl
ruby -r openssl -e 'puts OpenSSL::OPENSSL_VERSION'

Now, let's be sure to upgrade OpenSSL to the latest version:

brew update
brew install openssl
brew unlink openssl
brew link --force openssl

If you run the initial checks again, you should see the first 2 pointing to the newly installed OpenSSL. Ruby will most likely still point to the old one since it was compiled with it.

If it is pointing to the old version, let's recompile Ruby and point it to the new one. And just to be sure that it will use the correct version, let's pass the OpenSSL prefix -- although this shouldn't be needed since we linked homebrew's OpenSSL.

rvm get stable
rvm install ruby-2.1.6 --with-openssl-dir=`brew --prefix openssl`

(or rvm reinstall if you're already using 2.1.6)

This should do it.