Rubygems: Gem install fails with SSL certificate connection error

You may need to update your Ruby to use a newer version of OpenSSL

Well, I found this on http://rubyinstaller.org/downloads/

If you don’t know what version to install and you’re getting started with Ruby, we recommend you use Ruby 2.2.X installers.

So I updated my ruby to 2.2.5, but it didn't help me. Should I update ruby to 2.3.1?

I had a similar issue:

$ gem install bundler
ERROR:  Could not find a valid gem 'bundler' (>= 0), here is why:
          Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=error: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)

I'm running:
rvm 1.27.0
ruby ruby 2.3.1p112 (via RVM)
gem 2.6.7

I tried following a number of suggestions provided in https://github.com/rubygems/rubygems/issues/1050, including the solution here: https://gist.github.com/luislavena/f064211759ee0f806c88#installing-using-update-packages-new

None of those worked for me. Turns out my OS X certs were out of date, I guess.

The solution that worked for me is updating my OS X certs with brew (took the suggestions from here) :

brew update
brew install openssl
brew tap raggi/ale
brew install openssl-osx-ca

Then, doing a gem update --system and gem install bundler worked fine. Hope this helps.

@ptrikutam thanks for the link to OpenSSL Errors and Rails – Certificate Verify Failed. Following the instructions for the section Use RVM to Fix SSL Certificates worked for me.

@ckenst Glat to hear it. For what it's worth, using RVM to fix the certs didn't work for me, I had to use brew.

I am getting similar error with gem install mysql2:

WARNING: Unable to pull data from 'https://rubygems.org/': SSL_connect returned =1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
(https://api.rubygems.org/specs.4.8.gz)

Is this a temp issue and will go away? I am using 2.4.5 version of ruby gem. I was able to make gem download the mysql2 using [insecure] http by [redacted for security purposes]

But I do not think this could be used as long term solution.

Same error :(

Same here.
Happens when trying to install bundler.

Windows 10
Ruby 2.2.4p230
gem 2.4.5.1

Edit: I was able to fix it by downloading the latest rubygems version (2.6.7) and updating from the downloaded gem.

So, the reason why this is happening is because rubygems.org updated their SSL certificate and older versions don't have the updated certificate bundled.

If you're using a traditional OpenSSL distribution then updating it would likely pull in new certificates that include the new rubygems certificate.

If you're on Windows(where the certifications aren't included) or don't have or can't update system certifications for whatever reason, then you will have to update rubygems through other means. See https://gist.github.com/luislavena/f064211759ee0f806c88#installing-using-update-packages-new, but get a more recent updated package.

Unfortunately, there really isn't any other way to solve this issue other than updating your system certificates (impossible for typical Windows users), obtaining the new certificate manually, or through a manually updating rubygems.

Edit: Here's a quicklink download to the updated gem: https://rubygems.org/downloads/rubygems-update-2.6.7.gem

Thank you, manual updating of rubygem helped me.

To followup @wwwbeck's comment, I noticed that rubygems could be persnickety about trailing slashes. If you do gem sources -v, you might see "https://rubygems.org/", in which case you'll need to do gem sources -r https://rubygems.org/.

I noticed this problem with a fresh installation on windows using the ruby-installer.
Another (imho better workaround) is [REDACTED, instead perform a manual upgrade as described on https://rubygems.org/pages/download]

@deveth0 Worked for me (on Windows 10) using the latest installer for 2.3.1 (x64) from link. And running the commands you suggested.
Thanks a lot.

Thanks @deveth0. [REDACTED] gave me

ERROR:  While executing gem ... (Gem::OperationNotSupportedError)
    Not connected to a tty and no default specified

on Windows 10

The bug is with connection establishment over https. [REDACTED]

http is unsecure and can leave you vulnerable to a MITM attack

Yes using http over https exposes you to MITM attacks.for local development and testing purposes http can be given a shot. In most of the cloud hosting dependencies installation is taken care by the vendor.

Hello shiny happy people,

I have win 10 - 64x

Manual set up instructions on this link solved issue. http://guides.rubygems.org/ssl-certificate-update/#manual-solution-to-ssl-issue

I hope this could help someone

Greetings.

I highly recommend people reading this thread as well: https://github.com/rubygems/rubygems/issues/1758 It contained the only solution that worked for me (and I tried many).

I simply had to change to ruby-2.3.0 and it installed fine for me.

Updating ruby version (to 2.4.1) worked for me too...

I think it was an openssl error for me, something about downloading openssl first and then maybe updates breaking somewhere along the way after brew install [pkg] multiple times. I removed openssl, reinstalled, that seemed to have fixed it.

The certificate changed. Just run the following command, if you are using OSX:

rvm osx-ssl-certs update all

Guys read ferhoba's response. Trust me, it works like charm.

Hi, you should exclude your system from ssl or https scanning first then try
It will work definitely otherwise let me know
[email protected]

C:\Windows\system32>gem install rails --no-ri --no-rdoc

C:\Windows\system32>gem install rails --no-ri --no-rdoc
Fetching: nokogiri-1.8.2-x64-mingw32.gem ( 3%)Fetching: nokogiri-1.8.2Fetching: nokogiri-1.8.2-x64-mingw32.gem ( 4%)Fetching: nokogiri-1.8.2Fetching: nokogiri-1.8.2-x64-mingw32.gem ( 3%)Fetching: nokogiri-1.8.2Fetching: nokogiri-1.8.2-x64-mingw32.gem ( 17%)Fetching: nokogiri-1.8.2Fetching: nokogiri-1.8.2-x64-mingw32.gem ( 8%)Fetching: nokogiri-1.8.2Fetching: nokogiri-1.8.2-x64-mingw32.gem ( 15%)Fetching: nokogiri-1.8.2Fetching: nokogiri-1.8.2-x64-mingw32.gem ( 8%)Fetching: nokogiri-1.8.2Fetching: nokogiri-1.8.2-x64-mingw32.gem ( 10%)ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
too many connection resets (https://api.rubygems.org/gems/nokogiri-1.8.2-x64-mingw32.gem)

can't install rails on win 10 x-64 please need help

I had this issue, and it turned out the rubygems.org certificate was newer than the time on my vagrant machine. Setting the correct time in the vagrant fixed the issue for me.

I didn't want to update rubygems or any other gem because i'm following a tutorial. I followed the link posted by ferhoba. All i did was download the new cert and save it in my ssl_certs folder and i was able to install everything fine.

I was running Ruby22x64 and experienced the SSL error. Used the installer Ruby+Devkit 2.4.X https://github.com/oneclick/rubyinstaller2/releases/download/rubyinstaller-2.4.4-1/rubyinstaller-devkit-2.4.4-1-x64.exe and tried again with success.

If i install the COCOAPODS it will showing this ERROR MESSAGE

ERROR: Could not find a valid gem 'cocoapods' (>= 0), here is why:
Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: tlsv1 alert protocol version (https://rubygems.org/latest_specs.4.8.gz)

How to Fix it??

I was able to solve my problem by just installing my environment through Linux Ubuntu subsystem (I'm on Windows)

Download the cacert.pem file from http://curl.haxx.se/ca/cacert.pem. Save this file to C:\RailsInstaller\cacert.pem.

Now make ruby aware of your certificate authority bundle by setting SSL_CERT_FILE. To set this in your current command prompt session, type:

set SSL_CERT_FILE=C:\RailsInstaller\cacert.pem

The certificate changed. Just run the following command, if you are using OSX:

rvm osx-ssl-certs update all

This worked

When I try to bundle I am getting

There is a chance you are experiencing a man-in-the-middle attack, but most
likely your system doesn't have the CA certificates needed for verification. For
information about OpenSSL certificates.

None of the above solutions is working. I am using macOS BigSur.

The certificate changed. Just run the following command, if you are using OSX:
rvm osx-ssl-certs update all

This worked

This worked me too in MacOs BigSur

Thank you all!!