SSL certificate error for rubygems.org and the fix

SSL Certificate

While running bundle install in my rails application, I have seen this error message:

Fetching source index from https://rubygems.org/
Retrying fetcher due to error (2/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate for https://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn’t have the CA certificates needed for verification. For information about OpenSSL certificates, see http://bit.ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change ‘https’ to ‘http’.
Retrying fetcher due to error (3/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate for https://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn’t have the CA certificates needed for verification. For information about OpenSSL certificates, see http://bit.ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change ‘https’ to ‘http’.
Retrying fetcher due to error (4/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate for https://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn’t have the CA certificates needed for verification. For information about OpenSSL certificates, see http://bit.ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change ‘https’ to ‘http’.
Could not verify the SSL certificate for https://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn’t have the CA certificates needed for verification. For information about OpenSSL certificates, see http://bit.ly/ruby-ssl. To connect
without using SSL, edit your Gemfile sources and change ‘https’ to ‘http’.

Here is the solution for this problem:

Update gem version

1
2
3
4
cd /var/tmp
wget --no-check-certificate https://rubygems.org/downloads/rubygems-update-2.6.7.gem
gem install --local /var/tmp/rubygems-update-2.6.7.gem
update_rubygems --no-ri --no-rdoc

Restart VM and try to run bundle install again.

If the above solution is not working

If this process does not work for you, you can try manually adding the new certificate.

Step 1: Download certificate manually

1
wget https://raw.githubusercontent.com/rubygems/rubygems/master/lib/rubygems/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem -O /var/tmp/GlobalSignRootCA.pem

Step 2: Locate RubyGems certificate directory in your installation

1
2
3
gem which rubygems
cd /home/yuxi/.rbenv/versions/2.3.1/lib/ruby/site_ruby/2.3.0/rubygems/ssl_certs/rubygems.org
cp /var/tmp/GlobalSignRootCA.pem .
Share