From: martijn+ruby@...
Date: 2014-12-21T20:10:56+00:00
Subject: [ruby-core:67024] [ruby-trunk - Bug #10627] gem update fails with a certificate verification error

Issue #10627 has been updated by Martijn Saly.


So now every new installation of Ruby & Gem has to undergo a tedious process of some sort, because someone decided it was a good idea to install an unsupported server certificate? Really?

Why is it not being fixed from your end?

----------------------------------------
Bug #10627: gem update fails with a certificate verification error
https://bugs.ruby-lang.org/issues/10627#change-50550

* Author: Martijn Saly
* Status: Rejected
* Priority: Normal
* Assignee: 
* Category: 
* Target version: 
* ruby -v: ruby 2.1.5p273 (2014-11-13 revision 48405) [x64-mingw32]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN
----------------------------------------
Whenever I execute `gem update` or `gem update --system` it returns this error:

~~~
ERROR:  While executing gem ... (Gem::RemoteFetcher::FetchError)
    SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)
~~~

This is on Ruby 2.1.5 with Gem 2.4.2 on Windows 7 x64.
I'm using the x64 version from here: http://rubyinstaller.org/downloads/

This is 100% reproducible, in a normal and in an elevated command prompt.

Not sure if this is a security problem. I'm fairly sure this problem did not exist a couple of days ago, using the exact same client. This indicates there's a problem on the remote server, and not really on my end.



-- 
https://bugs.ruby-lang.org/