Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Certificate problems installing gems from private gem server under Java 7 #2146

ghost opened this issue Nov 7, 2014 · 3 comments


Copy link

ghost commented Nov 7, 2014

I thought I'd leave a note about this here because it has caused me some pain. Maybe it will help someone else someday.

This is in an OS X environment. I have seen it on Lion through Mavericks. I have tried all of the suggestions about resolving ssl certificate problems related to gem installation and RVM that I could google up and none of them were helpful.

The problem: Unable to install gems from our private gem server. Error reads as follows:
jruby-$ gem install Foundation

ERROR: Could not find a valid gem 'Foundation' (>= 0), here is why: Unable to download data from - certificate verify failed (

Cause / Solution: This only occurs if the system java is set to use Java 7. It doesn't happen if the system is using Java 6. It turns out that I must have Java 7 installed. Java 6 and Java 7 can both be installed in OS X but obviously only one can be used at a time. I put the following lines in my .bash_profile and now toggle them as necessary.
export JAVA_HOME='/usr/libexec/java_home -v 1.6'
# export JAVA_HOME='/usr/libexec/java_home -v 1.7'
(note: the single quotes in the above statements need to actually be backticks. I couldn't figure out how to get them to show up. Tried backslash backtick which I think should've worked but it didn't.)

Anyway, seems like a pretty simple solution to the problem but frustrating as heck if you don't think of going down that path.

Copy link

headius commented Nov 8, 2014

The problem here sounds like your Java 1.7 install doesn't have current certificates. The certificats in the JDK need to be updated using keytool. Depending on the platform, the instructions to actually update the certs will differ slightly.

I believe @mpapis also wants to use keytool to update JDK certs when installing JRuby, but I'm not sure about the status of that change. I have personally had to import certificates into the JDK a few times, and it's not difficult.

Copy link

mpapis commented Nov 8, 2014

RVM does automatically migrate OSX certificates to MRIs openssl during ruby installation, we can do the same for JRuby, there is also option to run the certificates update in cron.

@mfaughn-prometheus please open a ticket for RVM here:

I also do not think it's JRuby issue and this report should be closed.

Copy link

Found it!


Figure out where to stick it

C:\>gem which rubygems

Then just copy the .pem file in there and go on about your business.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
None yet

No branches or pull requests

3 participants