up vote 15 down vote favorite 3

Trying to install Foundation after installing nodejs, ruby, and git plus bower.

I keep getting the following error and I dont know how to fix it:

Could not find a valid gem 'foundation' (>= 0), here is why: Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/latest_specs.4.8.gz)

Any ideas?

ruby gem installation zurb-foundation share | improve this question edited Jan 19 '15 at 15:59 Akarienta 2,402 1 14 40 asked Dec 19 '14 at 20:13 NixondisNRVA 82 1 1 6 1   This How to Answer[1] works, saved me a day! [1]: stackoverflow.com/questions/27278966/… –  user1981526 Mar 30 '15 at 8:11 add a comment  | 

7 Answers 7

active oldest votes up vote 30 down vote

Try this (quick but insecure)

gem sources --remove https://rubygems.org/
gem sources -a http://rubygems.org/

NOTE : Downloading over HTTP will be unencrypted

share | improve this answer edited Nov 16 '16 at 4:14 answered Mar 2 '15 at 5:47 Dongho Yoo 1,261 12 11 5   The download of future gems will be susceptible to MITM. Your gem could be easily backdoor. –  h3xStream Mar 3 '15 at 22:16 2   this worked. will put it back to https now that i got foundation done –  Dustin Silk May 5 '15 at 7:48 1   worked for me too –  user1713964 Nov 3 '15 at 11:58 3   I think you should add a disclaimer informing people that this disables a security feature. Downloading over HTTP will be unencrypted, but first of all vulnerable to tampering, which could lead to running/distributing malware. –  Ydob Emos Oct 20 '16 at 14:02 1   Although works this solution is risky. A hacker can supply you with modified package which contains security hole in it. Please see this answer instead. –  gerrytan Dec 4 '16 at 2:08 add a comment  |  up vote 11 down vote

Look at this, the issue is explained in detail:

https://gist.github.com/luislavena/f064211759ee0f806c88

share | improve this answer answered Dec 30 '14 at 18:57 Sébastien 1,703 17 50      And be sure to read the comments at the end of that gist. –  binki Oct 10 '16 at 13:58 add a comment  |  up vote 6 down vote

If you're using RVM (highly recommended) you can run

rvm osx-ssl-certs update all

Otherwise you can follow the directions at http://guides.rubygems.org/ssl-certificate-update/ and while the update_rubygems patch didn't do anything for me, manually installing the .pem file probably would have worked.

share | improve this answer edited Jan 24 at 17:56 answered Oct 16 '16 at 21:35 Ryan Taylor 2,032 16 16 add a comment  |  up vote 5 down vote

Please read the background and follow the official guide from rubygems.org on how to fix this.

TL;DR:

  1. Download rubygems-update-2.6.7.gem (link will be stale when new version is out)
  2. gem install --local $USER\Downloads\rubygems-update-2.6.7.gem
  3. update_rubygems --no-ri --no-rdoc
  4. gem uninstall rubygems-update -x
share | improve this answer answered Dec 4 '16 at 2:06 gerrytan 24.1k 6 51 73      Thanks very much! It worked for me, and isn't nearly as dangerous as the top-rated answer. –  Fomentia Dec 21 '16 at 18:40 add a comment  |  up vote 4 down vote

Taken from the reference given by Sébastien

Basicaly, you download the latest certificate and place it in $RUBYHOME/lib/ruby/2.1.0/rubygems/ssl_certs. (Note that you might have a different version of rubygems installed than 2.1.0, so adjust the path appropriately).

Rubygems should be using the certificate the next time you call the gem command.

share | improve this answer edited Oct 10 '16 at 18:26 binki 1,616 1 16 27 answered Mar 2 '15 at 3:16 h3xStream 3,884 2 24 33      I tried this but it wasn't helpful sadly u.u –  Metafaniel Oct 12 '16 at 14:06      @Metafaniel Where’d you get stuck? –  binki Oct 12 '16 at 17:16 add a comment  |  up vote 1 down vote

You need to update your gem installation to the version 2.6.7. Try this solution here:

https://github.com/rubygems/rubygems/issues/1770

http://guides.rubygems.org/ssl-certificate-update/#installing-using-update-packages

share | improve this answer answered Nov 13 '16 at 2:52 André Luiz Reis 695 5 5 add a comment  |  up vote 0 down vote

On linux, or in a docker container the following command will solve the problem:

curl https://raw.githubusercontent.com/rubygems/rubygems/master/lib/rubygems/ssl_certs/index.rubygems.org/GlobalSignRootCA.pem > $(ruby -ropenssl -e 'puts OpenSSL::X509::DEFAULT_CERT_FILE')

The above command will fetch the CA cert that rubygems expects when connecting to its website and install it in the location that ruby expects the cert to live.

Thanks to Gabe Evans helpful blog post, for detailing a smart way of solving the problem in one line of code.

I modified Gabe's solution to use the CA cert specified on the rubygems website. Further discussion of why this problem arose can be found there.

The benefit of this solution is that it uses https to fetch the updated cert for rubygems. Since it fetches this cert from github it can work even with a SHA1 cert. It is also handy because it uses ruby, by pulling in the openssl library to place the cert where it needs to go.

share | improve this answer answered Jan 2 at 4:00 dashaxiong 255 1 2 12 add a comment  | 

Your Answer

  draft saved draft discarded

Sign up or log in

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Post as a guest

Name Email discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged ruby gem installation zurb-foundation or ask your own question.

快照源:http://my.oschina.net/joymufeng/blog/652310