Rubygems: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: tlsv1 alert protocol version
I'm having a problem or would like to suggest a feature.
My current problem is
ERROR: Could not find a valid gem 'sass' (>= 0), here is why:
Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: tlsv1 alert protocol version (https://rubygems.org/latest_specs.4.8.gz)
This issue is related to:
- [x] Network problems
- [x] Installing a library
- [ ] Publishing a library
- [x] The command line
gem - [ ] Other
Here are my current environment details:
$ gem env version
2.0.14.1
I'm using Mac OS Sierra Version 10.12.6. This problem only started happening recently.
I will abide by the code of conduct.
jerometerry
All 10 comments
Many servers are only allowing SSL/HTTPS connections with a newer protocol. What version of Ruby are you using and what is returned by:
ruby -ropenssl -e "p OpenSSL::OPENSSL_VERSION"
I believe OpenSSL 1.0.0 or earlier will not work. Since you've got RubyGems 2.0.14.1, you probably need to upgrade Ruby/OpenSSL
MSP-Greg
on 31 Jul 2018
"OpenSSL 0.9.8zc 19 Mar 2015"
jerometerry
on 31 Jul 2018
Time for an upgrade.
There are popular gems that only test with Ruby 2.2 forward, and RubyGems is also testing the same way.
I believe OpenSSL went 0.9.8 => 1.0.0 => 1.0.1 => 1.0.2 => 1.1.0. 1.0.1 and earlier are no longer supported, 1.0.2 is maintenance, 1.1.0 is current, and 1.1.1 is on .pre8.
MSP-Greg
on 31 Jul 2018
OK, thanks.
jerometerry
on 31 Jul 2018
I had a hard time getting Ruby to use the correct version of OpenSSL. What I ended up doing was using RVM and specifying the OpenSSL dir installed via brew.
brew uninstall ruby
brew install openssl
brew install gnupg
gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
curl -sSL https://get.rvm.io | bash -s stable --ruby
~/.rvm/bin/rvm reinstall ruby-2.5.1 --with-openssl-dir='/usr/local/opt/openssl'
Then added these paths to the environment
~/.rvm/gems/default/bin
~/.rvm/rubies/default/bin
I also had a hard time. This worked for me also... Thanks for the post.
ltpwebseo
on 24 Nov 2018
Thank you for sharing this solution @jerometerry This worked for me too!
yalonsob
on 23 Jan 2019
OSX Sierra version 10.12.6
if you are getting error like
ERROR: Could not find a valid gem '<some package name>' (>= 0), here is why:
Unable to download data from https://rubygems.org/ - SSL_connect retur
test your TLS v1.2 support
$ ruby -ropenssl -e 'puts "TLS v1.2 support: #{OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1_2)}"'
TLS v1.2 support: false
notice you're getting false meaning not supported
$ brew install ruby
$ echo 'export PATH="/usr/local/opt/ruby/bin:$PATH"' >> ~/.bash_profile
$ export LDFLAGS="-L/usr/local/opt/ruby/lib"
$ export CPPFLAGS="-I/usr/local/opt/ruby/include"
$ export PKG_CONFIG_PATH="/usr/local/opt/ruby/lib/pkgconfig"
$ source ~/.bash_profile
test your TLS v1.2 support again
$ ruby -ropenssl -e 'puts "TLS v1.2 support: #{OpenSSL::SSL::SSLContext::METHODS.include?(:TLSv1_2)}"'
-e:1: warning: constant OpenSSL::SSL::SSLContext::METHODS is deprecated
TLS v1.2 support: true
notice you're getting true meaning it is supported,
Also published it on following gist
marekyggdrasil
on 4 Feb 2019
@marekyggdrasil : Thanks it worked for me.
rezsharmeen
on 29 Mar 2019
The question is : why using the latest encryption for anonymous public content ?
I don't get that.
jief666
on 22 May 2019
Related issues
gavingmiller
路
3Comments
Fryguy
路
3Comments
agrobbin
路
3Comments
eregon
路
3Comments
adrianomitre
路
5Comments
Most helpful comment
OSX Sierra version 10.12.6
if you are getting error like
test your TLS v1.2 support
notice you're getting
falsemeaning not supportedtest your TLS v1.2 support again
notice you're getting
truemeaning it is supported,Also published it on following gist