Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

ssl_verify_mode + bundler + geminabox

Tags:

ruby

ssl-certificate

bundler

gemfile

geminabox

I'm trying to set up a private geminabox server to hold some gems my project is developing. I have the server set up, with passenger nginx running geminabox as a rack app. I am able to bundle install pointing at the server without using SSL.

Since naked HTTP traffic is never ideal, I want to add SSL as well. To get a proof of concept working, I added an SSL cert and verified I could still see the geminabox front end with gem I have installed.

When I go back to my ruby project, I run a bundle install and get:

Could not verify the SSL certificate for https://********.com/.

There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see bit.ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.

Following the link the error message gave me, I decided to start by adding ~/.gemrc with the contents:

:ssl_verify_mode: 0

(not ideal, and not the permanent solution). Now I get:

Fetching source index from https://***.com/

Resolving dependencies...

Could not verify the SSL certificate for https://***.com/quick/Marshal.4.8/sqlite3-1.3.10-x86-mswin32-60.gemspec.rz. There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see bit.ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.

My question is, how do I correctly set SSL verify to off in bundler? Is there another setting I should use? Thanks for any help you can give...

My system:

Ubuntu 14.04

Ruby 2.1.2

Bundler version 1.8.4

like image 279
phlogiston Avatar asked Oct 31 '22 08:10

phlogiston

1 Answers

Rather than answering how to disable validation (I'm not sure how or if it's possible, and I can't recommend it) here is how to specify a path to a custom CA certificate file, which is a more secure solution:

bundle config --global ssl_ca_cert /path/to/file.pem

Source http://bundler.io/man/bundle-config.1.html#LIST-OF-AVAILABLE-KEYS

like image 113
Tim Moore Avatar answered Nov 15 '22 05:11

Tim Moore
Sign in to Comment

Related questions

Convert File::Stat to hash ruby
How to delete a folder in s3?
How to completely remove an empty element from an array with JBuilder
Ruby: gets.chomp with default value
Require a gem outside the Gemfile
Uprgrading to Rails 4.1 getting error: ArgumentError: Unknown key: :order
Using money-rails: How to manually set an attribute's currency
How to create xml element with attribute and value in Nokogiri
Querying in rails on attr_encrypted column
package.json (javascript npm) or requirements.txt (python pip) equivalent for ruby
Rspec testing API versioning
Can't get past installing debugger
"first!" on AR CollectionProxy raises "undefined method [] for nil" after updating from Rails 4.1.4 to 4.2.0
Ruby's Array Combination Method
User's threads in Thin, Sinatra application on Heroku
Install OpenSSL with Ruby for eventmachine on Windows 7 x86
Is UTF-8 the default encoding in Ruby v.2?
Source does not contain any versions of 'rails-assets-lodash (~> 2.4)
how to set the encoding of stdin in Ruby
Can I traverse symlinked directories in Ruby with a "**" glob?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!