SSL 错误 安装 rubygems 时,无法从“https://rubygems.org/”中提取数据
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/19150017/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
SSL Error When installing rubygems, Unable to pull data from 'https://rubygems.org/
提问by tpw
I am trying to do the Michael Hartl tutorial. When I attempt to install rails 3.2.14 in my gemset, I get the following issue:
我正在尝试进行 Michael Hartl 教程。当我尝试在我的 gemset 中安装 rails 3.2.14 时,出现以下问题:
$ gem install rails -v 3.2.14
ERROR: Could not find a valid gem 'rails' (= 3.2.14), here is why:
Unable to download data from https://rubygems.org/- SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://s3.amazonaws.com/production.s3.rubygems.org/specs.4.8.gz)
$ gem install rails -v 3.2.14
错误:找不到有效的 gem 'rails' (= 3.2.14),原因如下:
无法从https://rubygems.org/下载数据- SSL_connect 返回=1 errno=0 state=SSLv3 读取服务器证书 B:证书验证失败(https://s3.amazonaws.com/production.s3.rubygems.org /specs.4.8.gz)
After Googling around, I found that I could use a non-SSL source for rubygems so I ran:
在谷歌搜索之后,我发现我可以使用非 SSL 源来获取 rubygems,所以我运行:
sudo gem sources -a http://rubygems.org
Then, when I tried to install rails again, it was successful. However, I still got the issue above but as a warning:
然后,当我再次尝试安装 rails 时,它成功了。但是,我仍然遇到上述问题,但作为警告:
WARNING: Unable to pull data from 'https://rubygems.org/': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://s3.amazonaws.com/production.s3.rubygems.org/specs.4.8.gz)
警告:无法从“ https://rubygems.org/”中提取数据:SSL_connect 返回=1 errno=0 state=SSLv3 读取服务器证书 B:证书验证失败(https://s3.amazonaws.com/production.s3 .rubygems.org/specs.4.8.gz)
How can I remove this warning/error entirely?
如何完全删除此警告/错误?
I am using the following:
我正在使用以下内容:
- rvm 1.22.15
- ruby 2.0.0p247 (2013-06-27 revision 41674) [x86_64-darwin12.3.0]
- OSX 10.8.5
- 房车 1.22.15
- ruby 2.0.0p247 (2013-06-27 修订版 41674) [x86_64-darwin12.3.0]
- OSX 10.8.5
回答by mpapis
For RVM & OSX users
对于 RVM 和 OSX 用户
Make sure you use latest rvm:
确保您使用最新的 rvm:
rvm get stable
Then you can do two things:
然后你可以做两件事:
Update certificates:
rvm osx-ssl-certs update allUpdate rubygems:
rvm rubygems latest
更新证书:
rvm osx-ssl-certs update all更新 rubygems:
rvm rubygems latest
For non RVM users
对于非 RVM 用户
Find path for certificate:
查找证书路径:
cert_file=$(ruby -ropenssl -e 'puts OpenSSL::X509::DEFAULT_CERT_FILE')
Generate certificate:
生成证书:
security find-certificate -a -p /Library/Keychains/System.keychain > "$cert_file"
security find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain >> "$cert_file"
The whole code: https://github.com/wayneeseguin/rvm/blob/master/scripts/functions/osx-ssl-certs
整个代码:https: //github.com/wayneeseguin/rvm/blob/master/scripts/functions/osx-ssl-certs
For non OSX users
对于非 OSX 用户
Make sure to update package ca-certificates. (on old systems it might not be available - do not use an old system which does not receive security updates any more)
确保更新包ca-certificates。(在旧系统上它可能不可用 - 不要使用不再接收安全更新的旧系统)
Windows note
视窗笔记
The Ruby Installerbuilds for windows are prepared by Luis Lavenaand the path to certificates will be showing something like C:/Users/Luis/...check https://github.com/oneclick/rubyinstaller/issues/249for more details and this answer https://stackoverflow.com/a/27298259/497756for fix.
用于 Windows的Ruby 安装程序构建由Luis Lavena准备,证书路径将显示类似C:/Users/Luis/...检查https://github.com/oneclick/rubyinstaller/issues/249以获取更多详细信息和此答案https://stackoverflow.com /a/27298259/497756进行修复。
回答by beauXjames
Latest findings...
最新发现...
https://gist.github.com/luislavena/f064211759ee0f806c88
https://gist.github.com/luislavena/f064211759ee0f806c88
Most importantly...download https://raw.githubusercontent.com/rubygems/rubygems/master/lib/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot-2048.pem
Figure out where to stick it
弄清楚把它粘在哪里
C:\>gem which rubygems
C:/Ruby21/lib/ruby/2.1.0/rubygems.rb
Then just copy the .pem file in ../2.1.0/rubygems/ssl_certs/ and go on about your business.
然后只需将 .pem 文件复制到 ../2.1.0/rubygems/ssl_certs/ 并继续您的业务。
回答by Dheerendra Kulkarni
For windows users
对于 Windows 用户
Goto link http://rubygems.org/pages/download
转到链接http://rubygems.org/pages/download
- Download the latest zip file (In my case 2.4.5)
- Unzip it
- run "ruby setup.rb" in unzipped folder
- now run gem install command
- 下载最新的 zip 文件(在我的例子中是 2.4.5)
- 解压
- 在解压后的文件夹中运行“ruby setup.rb”
- 现在运行 gem install 命令
回答by Eduardo
If you want to use the non-SSL source, try removing the HTTPS source first, and then adding the HTTP one:
如果要使用非 SSL 源,请尝试先删除 HTTPS 源,然后添加 HTTP 源:
sudo gem sources -r https://rubygems.org
sudo gem sources -a http://rubygems.org
UPDATE:
更新:
As mpapis states, this should be used only as a temporary workaround. There could be some security concerns if you're accessing RubyGems through the non-SSL source.
正如 mpapis 所述,这应该仅用作临时解决方法。如果您通过非 SSL 源访问 RubyGems,则可能存在一些安全问题。
Once the workaround is not needed anymore, you should restore the SSL-source:
一旦不再需要解决方法,您应该恢复 SSL 源:
sudo gem sources -r http://rubygems.org
sudo gem sources -a https://rubygems.org
回答by roo2
On Windows you'll have to use HTTPsource to update gemthen change back to using HTTPS.
在 Windows 上,您必须使用HTTPsource 进行更新,gem然后改回使用HTTPS.
gem sources -r https://rubygems.org/
gem sources -a http://rubygems.org/
gem update --system
gem sources -r http://rubygems.org/
gem sources -a https://rubygems.org/
Edit: Warning I'm not sure if this is safe. Does anyone know if ruby packages are signed? The accepted answer looks like a better solution.
编辑:警告我不确定这是否安全。有谁知道 ruby 包是否已签名?接受的答案看起来是更好的解决方案。
回答by John Pankowicz
For Windows Users (and maybe others)
对于 Windows 用户(可能还有其他人)
Rubygems.org has a guide that not only explains how to fix this problem, but also why so many people are having it: SSL Certificate UpdateThe reason for the problem is rubygems.org switched to a more secure SSL certificate (SHA-2 which use 256bit encryption). The rubygems command line tool bundles the reference to the correct certificate. Therefore rubygems itself can't be updated using an older version of rubygems. Rubygems must first be updated manually.
Rubygems.org 有一个指南,不仅解释了如何解决这个问题,还解释了为什么这么多人有这个问题:SSL 证书更新问题的原因是 rubygems.org 切换到更安全的 SSL 证书(SHA-2使用 256 位加密)。rubygems 命令行工具捆绑了对正确证书的引用。因此,无法使用旧版本的 rubygems 更新 rubygems 本身。Rubygems 必须首先手动更新。
First find out what rubygems you have:
首先找出你有什么 rubygems:
rubygems –v
Depending on whether you have a 1.8.x, 2.0.x or 2.2.x, you will need to download an update gem, named “rubygems-update-X.Y.Z.gem”, where X.Y.Z is the version you need. Running 1.8.x: download: https://github.com/rubygems/rubygems/releases/tag/v1.8.30Running 2.0.x: download: https://github.com/rubygems/rubygems/releases/tag/v2.0.15Running 2.2.x: download: https://github.com/rubygems/rubygems/releases/tag/v2.2.3
根据您使用的是 1.8.x、2.0.x 还是 2.2.x,您需要下载一个名为“rubygems-update-XYZgem”的更新 gem,其中 XYZ 是您需要的版本。运行 1.8.x:下载:https: //github.com/rubygems/rubygems/releases/tag/v1.8.30运行 2.0.x:下载:https: //github.com/rubygems/rubygems/releases/tag/v2 .0.15运行 2.2.x:下载:https: //github.com/rubygems/rubygems/releases/tag/v2.2.3
Install update gem:
安装更新 gem:
gem install –-local full_path_to_the_gem_file
Run update gem:
运行更新 gem:
update_rubygems --no-ri --no-rdoc
Check that rubygems was updated:
检查 rubygems 是否已更新:
rubygems –v
Uninstall update gem:
卸载更新 gem:
gem uninstall rubygems-update -x
At this point, you may be OK. But it is possible that you do not have the latest public key file for the new certificate. To do this:
此时,您可能没问题。但您可能没有新证书的最新公钥文件。去做这个:
Download the latest certificate, (currently AddTrustExternalCARoot-2048.pem) from https://rubygems.org/pages/download. All of the certs are also located at: https://github.com/rubygems/rubygems/tree/master/lib/rubygems/ssl_certs
从https://rubygems.org/pages/download下载最新证书(当前为 AddTrustExternalCARoot-2048.pem)。所有证书也位于:https: //github.com/rubygems/rubygems/tree/master/lib/rubygems/ssl_certs
Find out where to put it:
找出把它放在哪里:
gem which rubygems
Put this file in the “rubygems\ssl_certs” directory at this location.
将此文件放在此位置的“rubygems\ssl_certs”目录中。
As per rubygems commit, the certificates are moved to more specific directories. Thus, currently the certificate(AddTrustExternalCARoot-2048.pem) is expected to be on the following path lib/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot-2048.pem
根据rubygems commit,证书被移动到更具体的目录。因此,目前证书(AddTrustExternalCARoot-2048.pem)预计在以下路径上lib/rubygems/ssl_certs/rubygems.org/AddTrustExternalCARoot-2048.pem
回答by Erran Morad
Try to use the source website for the gems, i.e rubygems.org. Use http instead of https. This method does not involve any work such as installing certs and all that.
尝试使用 gem 的源网站,即 rubygems.org。使用 http 而不是 https。此方法不涉及任何工作,例如安装证书等。
Example -
例子 -
gem install typhoeus --source http://rubygems.org
This works, but there is one caveat though.
这有效,但有一个警告。
The gem is installed, but the documentation is not because of cert errors. Here is the error I get
gem 已安装,但文档不是因为证书错误。这是我得到的错误
Parsing documentation for typhoeus-0.7.0 WARNING: Unable to pull
data from 'https://rubygems.org/': SSL_connect returned=1 errno=0
state=SSLv3 read server certificate B: certificate verify failed
(https://rubygems.org/latest_specs.4.8.gz)
回答by user3408293
Running gem update --systemworked for me
跑步gem update --system对我有用
回答by dbrewer
Make sure your system clock is correct
确保您的系统时钟正确
This exact error happened to me today on an Ubuntu virtual machine running on VirtualBox. I tried most of the solutions shown above before I noticed that I had resumed from a very old suspended state, and my clock was off by many days.
今天我在 VirtualBox 上运行的 Ubuntu 虚拟机上发生了这个确切的错误。我尝试了上面显示的大多数解决方案,然后才注意到我已经从一个非常旧的挂起状态恢复了,而且我的时钟已经关闭了很多天。
Updating the clock immediately fixed my issue. Here's the command I used in my case:
更新时钟立即解决了我的问题。这是我在我的案例中使用的命令:
sudo service ntp stop && sudo ntpdate pool.ntp.org && sudo service ntp start
须藤服务 ntp 停止 && 须藤 ntpdate pool.ntp.org && 须藤服务 ntp 开始
回答by ntj
Simply uninstalling and reinstalling openssl with homebrew solved this issue for me.
只需使用自制软件卸载并重新安装 openssl 即可为我解决此问题。
brew uninstall --force openssl
brew uninstall --force openssl
brew install openssl
brew install openssl
