New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

"Unable to download from ..." SSL Certificat Error #1050

Closed
Protosac opened this Issue Oct 16, 2014 · 63 comments

Comments

Projects
None yet
@Protosac

The error is as follows:

https://gist.github.com/Protosac/a5b86b0461940d36e298

Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://rubygems.org/specs.4.8.gz)

I saw some old posts about this but they didn't offer any solutions, since it seemed the error isn't on the user side. Any help appreciated.

@drbrain

This comment has been minimized.

Show comment
Hide comment
@drbrain

drbrain Oct 16, 2014

Member

SSLv3 is no longer supported due to POODLE. What OpenSSL version are you using?

Member

drbrain commented Oct 16, 2014

SSLv3 is no longer supported due to POODLE. What OpenSSL version are you using?

@Protosac

This comment has been minimized.

Show comment
Hide comment
@Protosac

Protosac Oct 16, 2014

I'm not sure, but if you tell me where to find that info I'll look.

This problem started about an hour ago. I've been installing gems just fine and I haven't made any real changes to Ruby (I've just been installing gems). It just stopped working.

EDIT: Wanted to mention I'm using Ruby 2.1.0 and I've been installing gems to use with a new Rails installation. I'm an amateur.

I'm not sure, but if you tell me where to find that info I'll look.

This problem started about an hour ago. I've been installing gems just fine and I haven't made any real changes to Ruby (I've just been installing gems). It just stopped working.

EDIT: Wanted to mention I'm using Ruby 2.1.0 and I've been installing gems to use with a new Rails installation. I'm an amateur.

@ferventcoder

This comment has been minimized.

Show comment
Hide comment
@ferventcoder

ferventcoder Oct 16, 2014

I'm running into this as well. I originally reported over at oneclick/rubyinstaller#241 to give @luislavena a heads up.

I'm running into this as well. I originally reported over at oneclick/rubyinstaller#241 to give @luislavena a heads up.

@luislavena

This comment has been minimized.

Show comment
Hide comment
@luislavena

luislavena Oct 16, 2014

Member

@ferventcoder looking into this with RubyGems folks at #rubygems on IRC.

Member

luislavena commented Oct 16, 2014

@ferventcoder looking into this with RubyGems folks at #rubygems on IRC.

@ferventcoder

This comment has been minimized.

Show comment
Hide comment

joining...

@ferventcoder

This comment has been minimized.

Show comment
Hide comment
@ferventcoder

ferventcoder Oct 16, 2014

This is resolved for Windows now based on conversation in irc. Looks like SSLv3 is still disabled, so that is FTW.

This is resolved for Windows now based on conversation in irc. Looks like SSLv3 is still disabled, so that is FTW.

@ferventcoder

This comment has been minimized.

Show comment
Hide comment
@ferventcoder

ferventcoder Oct 16, 2014

@Protosac what platform are/were you seeing this issue from?

@Protosac what platform are/were you seeing this issue from?

@Protosac

This comment has been minimized.

Show comment
Hide comment
@Protosac

Protosac Oct 16, 2014

Windows 7. Thanks all for the information and updates. I'll let you know if I'm still having any issues, but it seems like this is all temporary.

Windows 7. Thanks all for the information and updates. I'll let you know if I'm still having any issues, but it seems like this is all temporary.

@dwradcliffe

This comment has been minimized.

Show comment
Hide comment
@dwradcliffe

dwradcliffe Oct 16, 2014

Member

Recap: Several Windows users were having trouble connecting to rubygems.org with the new SSL cert we deployed today. We rolled back the cert and that seems to have fixed the problem. However, we do need to re-deploy this cert in the very near future.

Looks like this is related or similar to #665 ?

@drbrain Do the vendored certs need to be updated? The new cert has a completely different chain.

Member

dwradcliffe commented Oct 16, 2014

Recap: Several Windows users were having trouble connecting to rubygems.org with the new SSL cert we deployed today. We rolled back the cert and that seems to have fixed the problem. However, we do need to re-deploy this cert in the very near future.

Looks like this is related or similar to #665 ?

@drbrain Do the vendored certs need to be updated? The new cert has a completely different chain.

@Protosac

This comment has been minimized.

Show comment
Hide comment
@Protosac

Protosac Oct 16, 2014

No issues since the roll back. Sorry I didn't think to mention it earlier but I'm using Windows 7 64-bit if that matters.

No issues since the roll back. Sorry I didn't think to mention it earlier but I'm using Windows 7 64-bit if that matters.

@dwradcliffe

This comment has been minimized.

Show comment
Hide comment
@dwradcliffe

dwradcliffe Nov 1, 2014

Member

@drbrain Any ideas here? We need to push the new cert out soon - probably this week.

Member

dwradcliffe commented Nov 1, 2014

@drbrain Any ideas here? We need to push the new cert out soon - probably this week.

@luislavena

This comment has been minimized.

Show comment
Hide comment
@luislavena

luislavena Nov 2, 2014

Member

@dwradcliffe if we change the certs, we need the new chains and new releases of RubyGems versions.

Problem is chicken-egg situation:

  • You change certs on the server
  • We release updates versions of RubyGems
  • Users cannot install them with current version against the new certs

I think this needs to be rolled out in two phases to avoid this:

  • Releases of RubyGems that include chains for existing and the certs
  • Ensure users upgrade to those versions (1.8.x, 2.x, etc)
  • Switch servers to new new certs.

@drbrain does something like the above plan works?

Member

luislavena commented Nov 2, 2014

@dwradcliffe if we change the certs, we need the new chains and new releases of RubyGems versions.

Problem is chicken-egg situation:

  • You change certs on the server
  • We release updates versions of RubyGems
  • Users cannot install them with current version against the new certs

I think this needs to be rolled out in two phases to avoid this:

  • Releases of RubyGems that include chains for existing and the certs
  • Ensure users upgrade to those versions (1.8.x, 2.x, etc)
  • Switch servers to new new certs.

@drbrain does something like the above plan works?

@dwradcliffe

This comment has been minimized.

Show comment
Hide comment
@dwradcliffe

dwradcliffe Nov 3, 2014

Member

Sounds like a mess, but I don't think we have a choice.

Member

dwradcliffe commented Nov 3, 2014

Sounds like a mess, but I don't think we have a choice.

@indirect

This comment has been minimized.

Show comment
Hide comment
@indirect

indirect Nov 3, 2014

Member

We also need to release new versions of Bundler, so please ping me about this.

Member

indirect commented Nov 3, 2014

We also need to release new versions of Bundler, so please ping me about this.

@luislavena

This comment has been minimized.

Show comment
Hide comment
@luislavena

luislavena Nov 3, 2014

Member

@dwradcliffe @indirect waiting from @drbrain confirmation if there is something else I'm missing.

Member

luislavena commented Nov 3, 2014

@dwradcliffe @indirect waiting from @drbrain confirmation if there is something else I'm missing.

@dwradcliffe

This comment has been minimized.

Show comment
Hide comment
@dwradcliffe

dwradcliffe Nov 10, 2014

Member

@luislavena @drbrain Can we get this released ASAP? I'm expecting Chrome 39 to ship next week.

Member

dwradcliffe commented Nov 10, 2014

@luislavena @drbrain Can we get this released ASAP? I'm expecting Chrome 39 to ship next week.

@luislavena

This comment has been minimized.

Show comment
Hide comment
@luislavena

luislavena Nov 10, 2014

Member

@dwradcliffe I don't control RubyGems releases, I'm only contributor. Perhaps we can get @evanphx also to see if he can do the release?

Member

luislavena commented Nov 10, 2014

@dwradcliffe I don't control RubyGems releases, I'm only contributor. Perhaps we can get @evanphx also to see if he can do the release?

@dwradcliffe

This comment has been minimized.

Show comment
Hide comment
@dwradcliffe

dwradcliffe Nov 11, 2014

Member

Rubygems v2.4.3 has been released. Thanks @drbrain!
New versions of bundler have also been released. Thanks @indirect!
I have re-deployed the new SSL certificate. If you see SSL connection problems, please upgrade to the latest rubygems/bundler.

Member

dwradcliffe commented Nov 11, 2014

Rubygems v2.4.3 has been released. Thanks @drbrain!
New versions of bundler have also been released. Thanks @indirect!
I have re-deployed the new SSL certificate. If you see SSL connection problems, please upgrade to the latest rubygems/bundler.

@luislavena

This comment has been minimized.

Show comment
Hide comment
@luislavena

luislavena Nov 11, 2014

Member

@dwradcliffe

Rubygems v2.4.3 has been released.

v2.4.x is broken on Windows. It has been reported and that is still pending someone to tackle that 😢

I have re-deployed the new SSL certificate. If you see SSL connection problems, please upgrade to the latest rubygems/bundler.

Things seems to be working (at least for now)

C:\Users\Luis>ruby -v
ruby 2.1.4p265 (2014-10-27 revision 48166) [i386-mingw32]

C:\Users\Luis>gem --version
2.2.2

C:\Users\Luis>gem update bundler
Updating installed gems
Updating bundler
Fetching: bundler-1.7.5.gem (100%)
Successfully installed bundler-1.7.5
Gems updated: bundler�

C:\Users\Luis>ruby -v
ruby 1.8.7 (2013-06-27 patchlevel 374) [i386-mingw32]

C:\Users\Luis>gem -v
1.8.29

C:\Users\Luis>gem update bundler
Updating installed gems
Updating bundler
Fetching: bundler-1.7.5.gem (100%)
Successfully installed bundler-1.7.5
Gems updated: bundler�
C:\Users\Luis>ruby -v
ruby 1.9.3p545 (2014-02-24) [i386-mingw32]

C:\Users\Luis>gem -v
1.8.29

C:\Users\Luis>gem update bundler
Updating installed gems
Updating bundler
Fetching: bundler-1.7.5.gem (100%)
Successfully installed bundler-1.7.5
Gems updated: bundler�

Member

luislavena commented Nov 11, 2014

@dwradcliffe

Rubygems v2.4.3 has been released.

v2.4.x is broken on Windows. It has been reported and that is still pending someone to tackle that 😢

I have re-deployed the new SSL certificate. If you see SSL connection problems, please upgrade to the latest rubygems/bundler.

Things seems to be working (at least for now)

C:\Users\Luis>ruby -v
ruby 2.1.4p265 (2014-10-27 revision 48166) [i386-mingw32]

C:\Users\Luis>gem --version
2.2.2

C:\Users\Luis>gem update bundler
Updating installed gems
Updating bundler
Fetching: bundler-1.7.5.gem (100%)
Successfully installed bundler-1.7.5
Gems updated: bundler�

C:\Users\Luis>ruby -v
ruby 1.8.7 (2013-06-27 patchlevel 374) [i386-mingw32]

C:\Users\Luis>gem -v
1.8.29

C:\Users\Luis>gem update bundler
Updating installed gems
Updating bundler
Fetching: bundler-1.7.5.gem (100%)
Successfully installed bundler-1.7.5
Gems updated: bundler�
C:\Users\Luis>ruby -v
ruby 1.9.3p545 (2014-02-24) [i386-mingw32]

C:\Users\Luis>gem -v
1.8.29

C:\Users\Luis>gem update bundler
Updating installed gems
Updating bundler
Fetching: bundler-1.7.5.gem (100%)
Successfully installed bundler-1.7.5
Gems updated: bundler�

@courtenay

This comment has been minimized.

Show comment
Hide comment
@courtenay

courtenay Nov 11, 2014

I'm still seeing this problem; note a slightly different error (certificate B)

$ ruby -v
ruby 2.1.4p265 (2014-10-27 revision 48166) [x86_64-darwin13.0]

$ gem -v
2.4.3

$ gem install rake
ERROR:  Could not find a valid gem 'rake' (>= 0), here is why:
          Unable to download data from https://rubygems.org - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)

I'm still seeing this problem; note a slightly different error (certificate B)

$ ruby -v
ruby 2.1.4p265 (2014-10-27 revision 48166) [x86_64-darwin13.0]

$ gem -v
2.4.3

$ gem install rake
ERROR:  Could not find a valid gem 'rake' (>= 0), here is why:
          Unable to download data from https://rubygems.org - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)
@MikaelSmith

This comment has been minimized.

Show comment
Hide comment
@MikaelSmith

MikaelSmith Nov 11, 2014

This still seems to be a problem on Windows; I don't see how the gem 2.4.3 release fixed it in any way.

This still seems to be a problem on Windows; I don't see how the gem 2.4.3 release fixed it in any way.

@MikaelSmith

This comment has been minimized.

Show comment
Hide comment
@MikaelSmith

MikaelSmith Nov 11, 2014

I [REDACTED], and manually installed 2.4.3. I still see the same errors @courtenay mentioned.

I [REDACTED], and manually installed 2.4.3. I still see the same errors @courtenay mentioned.

@luislavena

This comment has been minimized.

Show comment
Hide comment
@luislavena

luislavena Nov 11, 2014

Member

@dwradcliffe I can confirm that the change of the certificate has broken lot installations where RubyGems is not 2.4.3 possible (due 2.4.x bug I mentioned on Windows)

Also, by the approach taken it is now not possible to update RubyGems since the SSL connection cannot be established.

Member

luislavena commented Nov 11, 2014

@dwradcliffe I can confirm that the change of the certificate has broken lot installations where RubyGems is not 2.4.3 possible (due 2.4.x bug I mentioned on Windows)

Also, by the approach taken it is now not possible to update RubyGems since the SSL connection cannot be established.

@luislavena

This comment has been minimized.

Show comment
Hide comment
Member

luislavena commented Nov 11, 2014

@luislavena luislavena reopened this Nov 11, 2014

@luislavena

This comment has been minimized.

Show comment
Hide comment
@luislavena

luislavena Nov 11, 2014

Member

@drbrain @evanphx @skottler or @indirect can any of you revert the new SSL deployed to production?

It broke every single installation of Ruby that do not have the bundled certificates update and is not possible to upgrade to latest version of RubyGems because it can no longer connect to the server.

Not to mention that RubyGems 2.4.x is still broken on Windows.

I'm on IRC if you want to discuss my original plan to get this sorted out (which appears was ignored) 😢

Member

luislavena commented Nov 11, 2014

@drbrain @evanphx @skottler or @indirect can any of you revert the new SSL deployed to production?

It broke every single installation of Ruby that do not have the bundled certificates update and is not possible to upgrade to latest version of RubyGems because it can no longer connect to the server.

Not to mention that RubyGems 2.4.x is still broken on Windows.

I'm on IRC if you want to discuss my original plan to get this sorted out (which appears was ignored) 😢

@dwradcliffe

This comment has been minimized.

Show comment
Hide comment
@dwradcliffe

dwradcliffe Nov 11, 2014

Member

I have rolled back the cert.

Member

dwradcliffe commented Nov 11, 2014

I have rolled back the cert.

@drbrain

This comment has been minimized.

Show comment
Hide comment
@drbrain

drbrain Nov 11, 2014

Member

What does the certificate change have to do with SSLv3 failures? We already don't allow SSLv3:

$ openssl s_client -host rubygems.org -port 443 -ssl3
CONNECTED(00000003)
23485:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:/SourceCache/OpenSSL098/OpenSSL098-52/src/ssl/s3_pkt.c:1125:SSL alert number 40
23485:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-52/src/ssl/s3_pkt.c:546:

So I'm puzzled why we see users with state=SSLv3 in the error report like @courtenay

Member

drbrain commented Nov 11, 2014

What does the certificate change have to do with SSLv3 failures? We already don't allow SSLv3:

$ openssl s_client -host rubygems.org -port 443 -ssl3
CONNECTED(00000003)
23485:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:/SourceCache/OpenSSL098/OpenSSL098-52/src/ssl/s3_pkt.c:1125:SSL alert number 40
23485:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-52/src/ssl/s3_pkt.c:546:

So I'm puzzled why we see users with state=SSLv3 in the error report like @courtenay

@luislavena

This comment has been minimized.

Show comment
Hide comment
@luislavena

luislavena Nov 11, 2014

Member

@drbrain seems new certs doesn't work with existing version of RubyGems:

https://gist.github.com/luislavena/96b7d47bfb6803a9b881

How users are supposed to upgrade to latest RubyGems if they cannot connect to https://rubygems.org because of the error?

I'm on IRC if you want to discuss this issue.

Member

luislavena commented Nov 11, 2014

@drbrain seems new certs doesn't work with existing version of RubyGems:

https://gist.github.com/luislavena/96b7d47bfb6803a9b881

How users are supposed to upgrade to latest RubyGems if they cannot connect to https://rubygems.org because of the error?

I'm on IRC if you want to discuss this issue.

@drbrain

This comment has been minimized.

Show comment
Hide comment
@drbrain

drbrain Nov 11, 2014

Member

@dwradcliffe is there a staging server you can deploy the new certificates to that we can test against?

Member

drbrain commented Nov 11, 2014

@dwradcliffe is there a staging server you can deploy the new certificates to that we can test against?

@indirect

This comment has been minimized.

Show comment
Hide comment
@indirect

indirect Nov 12, 2014

Member

@drbrain the staging server is staging.rubygems.org, and the sample script in this issue tests against it.

@luislavena thank you for the test! I have added the sha1 signed cert and written tests that try connecting to the hosts from your script for bundler: bundler/bundler@080e850. I plan to release point releases of Bundler 1.6 and 1.7 again today with the correct sha1 AddTrust cert.

Member

indirect commented Nov 12, 2014

@drbrain the staging server is staging.rubygems.org, and the sample script in this issue tests against it.

@luislavena thank you for the test! I have added the sha1 signed cert and written tests that try connecting to the hosts from your script for bundler: bundler/bundler@080e850. I plan to release point releases of Bundler 1.6 and 1.7 again today with the correct sha1 AddTrust cert.

@drbrain

This comment has been minimized.

Show comment
Hide comment
@drbrain

drbrain Nov 14, 2014

Member

2.4.4 is out now, can someone check it?

Member

drbrain commented Nov 14, 2014

2.4.4 is out now, can someone check it?

@MikaelSmith

This comment has been minimized.

Show comment
Hide comment
@MikaelSmith

MikaelSmith Nov 14, 2014

Update looks good to me. Not sure how to check it against
staging.rubygems.org though.

On Fri, Nov 14, 2014 at 11:28 AM, Eric Hodel notifications@github.com
wrote:

2.4.4 is out now, can someone check it?


Reply to this email directly or view it on GitHub
#1050 (comment).

Update looks good to me. Not sure how to check it against
staging.rubygems.org though.

On Fri, Nov 14, 2014 at 11:28 AM, Eric Hodel notifications@github.com
wrote:

2.4.4 is out now, can someone check it?


Reply to this email directly or view it on GitHub
#1050 (comment).

@dwradcliffe

This comment has been minimized.

Show comment
Hide comment
@dwradcliffe

dwradcliffe Nov 15, 2014

Member

@MikaelSmith You can run something like this:

gem install rack --clear-sources --verbose --source https://staging.rubygems.org -v 1.5.2

You should see 401 Unauthorized, but shouldn't have any SSL errors.

Member

dwradcliffe commented Nov 15, 2014

@MikaelSmith You can run something like this:

gem install rack --clear-sources --verbose --source https://staging.rubygems.org -v 1.5.2

You should see 401 Unauthorized, but shouldn't have any SSL errors.

@MikaelSmith

This comment has been minimized.

Show comment
Hide comment
@MikaelSmith

MikaelSmith Nov 17, 2014

👍 Looks good.

👍 Looks good.

@roel666

This comment has been minimized.

Show comment
Hide comment

roel666 commented Dec 21, 2014

Love it

@ivanhoinacki

This comment has been minimized.

Show comment
Hide comment
@ivanhoinacki

ivanhoinacki Jan 5, 2015

@MikaelSmith @dwradcliffe I logged just to say I love you hahaha 💃

@MikaelSmith @dwradcliffe I logged just to say I love you hahaha 💃

@gigaimage

This comment has been minimized.

Show comment
Hide comment
@gigaimage

gigaimage Jan 20, 2015

On Win 7 machine:
C:>ruby -v
ruby 2.1.5p273 (2014-11-13 revision 48405) [x64-mingw32]

C:>gem --version
2.2.2

C:>gem update bundler
Updating installed gems
Nothing to update

C:>gem install rails
ERROR: Could not find a valid gem 'rails' (>= 0), here is why:
Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/latest_specs.4.8.gz)

On Win 7 machine:
C:>ruby -v
ruby 2.1.5p273 (2014-11-13 revision 48405) [x64-mingw32]

C:>gem --version
2.2.2

C:>gem update bundler
Updating installed gems
Nothing to update

C:>gem install rails
ERROR: Could not find a valid gem 'rails' (>= 0), here is why:
Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/latest_specs.4.8.gz)

@gigaimage

This comment has been minimized.

Show comment
Hide comment
@gigaimage

gigaimage Jan 20, 2015

I tried updating local gem... but failing on cert error

C:>gem update --system
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)

I tried updating local gem... but failing on cert error

C:>gem update --system
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)

@dwradcliffe

This comment has been minimized.

Show comment
Hide comment
@dwradcliffe

dwradcliffe Jan 20, 2015

Member

@gigaimage You need to update your rubygems version. See:
https://gist.github.com/luislavena/f064211759ee0f806c88

Member

dwradcliffe commented Jan 20, 2015

@gigaimage You need to update your rubygems version. See:
https://gist.github.com/luislavena/f064211759ee0f806c88

@gigaimage

This comment has been minimized.

Show comment
Hide comment

@dwradcliffe Thanks!

@gmangalo

This comment has been minimized.

Show comment
Hide comment
@gmangalo

gmangalo Jan 22, 2015

Hi,

Im seeing the same issue without the SSL error on my OS X 10.9.5

C:~ gmangalo$ gem update --system
Latest version currently installed. Aborting.
C:~ gmangalo$ gem -v
2.0.14
C:~ gmangalo$ ruby -v
ruby 2.0.0p481 (2014-05-08 revision 45883) [universal.x86_64-darwin13]
C:~ gmangalo$ ruby -ropenssl -e 'p OpenSSL::OPENSSL_VERSION'
"OpenSSL 0.9.8y 5 Feb 2013"
C:~ gmangalo$ gem install bundler
ERROR: Could not find a valid gem 'bundler' (>= 0), here is why:
Unable to download data from https://rubygems.org/ - no such name (https://rubygems.org/latest_specs.4.8.gz)

Tried adding --source parameter but no avail

[REDACTED - error indicates hostname lookup failure]

Hi,

Im seeing the same issue without the SSL error on my OS X 10.9.5

C:~ gmangalo$ gem update --system
Latest version currently installed. Aborting.
C:~ gmangalo$ gem -v
2.0.14
C:~ gmangalo$ ruby -v
ruby 2.0.0p481 (2014-05-08 revision 45883) [universal.x86_64-darwin13]
C:~ gmangalo$ ruby -ropenssl -e 'p OpenSSL::OPENSSL_VERSION'
"OpenSSL 0.9.8y 5 Feb 2013"
C:~ gmangalo$ gem install bundler
ERROR: Could not find a valid gem 'bundler' (>= 0), here is why:
Unable to download data from https://rubygems.org/ - no such name (https://rubygems.org/latest_specs.4.8.gz)

Tried adding --source parameter but no avail

[REDACTED - error indicates hostname lookup failure]

@shyakaster

This comment has been minimized.

Show comment
Hide comment
@shyakaster

shyakaster Feb 4, 2015

Am having the same certificate issue on windows 8.1.

Am having the same certificate issue on windows 8.1.

@lichtamberg

This comment has been minimized.

Show comment
Hide comment

me 2

@drbrain

This comment has been minimized.

Show comment
Hide comment
@drbrain

drbrain Apr 3, 2015

Member

@gmangalo you appear to be unable to resolve DNS names properly.

@shyakaster, @lichtamberg check the guide for the certificate error

Member

drbrain commented Apr 3, 2015

@gmangalo you appear to be unable to resolve DNS names properly.

@shyakaster, @lichtamberg check the guide for the certificate error

@ber855

This comment has been minimized.

Show comment
Hide comment
@ber855

ber855 Apr 13, 2015

I'm trying to implement the recommended solution at http://guides.rubygems.org/ssl-certificate-update/ but I don't seem to be able to update rubygems on Windows7 with Ruby21-x64 installed.

 C:\>ruby -v
 ruby 2.1.5p273 (2014-11-13 revision 48405) [x64-mingw32]

 C:\>gem --version
 2.2.2

 C:\>gem install --local C:\rubygems-update-2.2.3.gem
 Successfully installed rubygems-update-2.2.3
 Parsing documentation for rubygems-update-2.2.3
 Done installing documentation for rubygems-update after 0 seconds
 1 gem installed

 C:\>update_rubygems --no-ri --no-rdoc

 C:\>gem --version
 2.2.2

 C:\>update_rubygems --help
 rubygems_update [options]

 This will install the latest version of RubyGems.

        --version=X.Y   Update rubygems from the X.Y version.

 C:\>update_rubygems --no-ri --no-rdoc --version=2.2.2
 C:/Program Files/Ruby21-x64/lib/ruby/gems/2.1.0/gems/rubygems-update-2.2.3/bin/update_rubygems:20:in `exec': No such file or directory - "C:/Program Files/Ruby21-x64/bin/ruby.exe" (Errno::ENOENT)
        from C:/Program Files/Ruby21-x64/lib/ruby/gems/2.1.0/gems/rubygems-update-2.2.3/bin/update_rubygems:20:in `<top (required)>'
        from C:/Program Files/Ruby21-x64/bin/update_rubygems:23:in `load'
        from C:/Program Files/Ruby21-x64/bin/update_rubygems:23:in `\<main\>'

 C:\>dir "C:\Program Files\Ruby21-x64\bin\ruby.exe"
  Volume in drive C is OSDisk
  Volume Serial Number is 0870-8892

  Directory of C:\Program Files\Ruby21-x64\bin

 11/15/2014  09:33 PM           148,828 ruby.exe
                1 File(s)        148,828 bytes
                0 Dir(s)  373,562,097,664 bytes free


 C:\>gem --version
 2.2.2

And then as you would expect:

 C:\>gem update --system
 ERROR:  While executing gem ... (Gem::RemoteFetcher::FetchError)
     SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed  (https://api.rubygems.org/specs.4.8.gz)

Copying the new certificate into the ssl_certs directory manually doesn't appear to work either. Any suggestion you can offer would be greatly appreciated. I'm new to Ruby, and am basically just trying to follow instructions created by a team member who has more experience with Ruby but is similarly stumped by this issue.

ber855 commented Apr 13, 2015

I'm trying to implement the recommended solution at http://guides.rubygems.org/ssl-certificate-update/ but I don't seem to be able to update rubygems on Windows7 with Ruby21-x64 installed.

 C:\>ruby -v
 ruby 2.1.5p273 (2014-11-13 revision 48405) [x64-mingw32]

 C:\>gem --version
 2.2.2

 C:\>gem install --local C:\rubygems-update-2.2.3.gem
 Successfully installed rubygems-update-2.2.3
 Parsing documentation for rubygems-update-2.2.3
 Done installing documentation for rubygems-update after 0 seconds
 1 gem installed

 C:\>update_rubygems --no-ri --no-rdoc

 C:\>gem --version
 2.2.2

 C:\>update_rubygems --help
 rubygems_update [options]

 This will install the latest version of RubyGems.

        --version=X.Y   Update rubygems from the X.Y version.

 C:\>update_rubygems --no-ri --no-rdoc --version=2.2.2
 C:/Program Files/Ruby21-x64/lib/ruby/gems/2.1.0/gems/rubygems-update-2.2.3/bin/update_rubygems:20:in `exec': No such file or directory - "C:/Program Files/Ruby21-x64/bin/ruby.exe" (Errno::ENOENT)
        from C:/Program Files/Ruby21-x64/lib/ruby/gems/2.1.0/gems/rubygems-update-2.2.3/bin/update_rubygems:20:in `<top (required)>'
        from C:/Program Files/Ruby21-x64/bin/update_rubygems:23:in `load'
        from C:/Program Files/Ruby21-x64/bin/update_rubygems:23:in `\<main\>'

 C:\>dir "C:\Program Files\Ruby21-x64\bin\ruby.exe"
  Volume in drive C is OSDisk
  Volume Serial Number is 0870-8892

  Directory of C:\Program Files\Ruby21-x64\bin

 11/15/2014  09:33 PM           148,828 ruby.exe
                1 File(s)        148,828 bytes
                0 Dir(s)  373,562,097,664 bytes free


 C:\>gem --version
 2.2.2

And then as you would expect:

 C:\>gem update --system
 ERROR:  While executing gem ... (Gem::RemoteFetcher::FetchError)
     SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed  (https://api.rubygems.org/specs.4.8.gz)

Copying the new certificate into the ssl_certs directory manually doesn't appear to work either. Any suggestion you can offer would be greatly appreciated. I'm new to Ruby, and am basically just trying to follow instructions created by a team member who has more experience with Ruby but is similarly stumped by this issue.

@drbrain

This comment has been minimized.

Show comment
Hide comment
@drbrain

drbrain Apr 13, 2015

Member

@ber855 RubyGems and gems are not known to work well with directories containing spaces. Does it work when using a space-free directory?

Member

drbrain commented Apr 13, 2015

@ber855 RubyGems and gems are not known to work well with directories containing spaces. Does it work when using a space-free directory?

@ber855

This comment has been minimized.

Show comment
Hide comment
@ber855

ber855 Apr 14, 2015

Unfortunately, I'm in a locked-down environment and can't run exe's from outside the "Program Files" or "Program Files (x86)" directory. Gems does seem to run, though. Could that be the source of the "certificate verify failed" error?

At the suggestion of a teammate, I tried dropping back to version 2.0.0p643, which somewhat unexpectedly came with Gems 2.4.6. Unfortunately, I'm still getting the same error.

C:\>where gem
C:\Program Files\Ruby200-x64\bin\gem
C:\Program Files\Ruby200-x64\bin\gem.bat

C:\>ruby -v
ruby 2.0.0p643 (2015-02-25) [x64-mingw32]

C:\>gem --version
2.4.6

C:\>gem update --system
ERROR:  While executing gem ... (Gem::RemoteFetcher::FetchError)
    SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)

The same teammate now suggests I drop back to version 1.9.3p551... :-/

ber855 commented Apr 14, 2015

Unfortunately, I'm in a locked-down environment and can't run exe's from outside the "Program Files" or "Program Files (x86)" directory. Gems does seem to run, though. Could that be the source of the "certificate verify failed" error?

At the suggestion of a teammate, I tried dropping back to version 2.0.0p643, which somewhat unexpectedly came with Gems 2.4.6. Unfortunately, I'm still getting the same error.

C:\>where gem
C:\Program Files\Ruby200-x64\bin\gem
C:\Program Files\Ruby200-x64\bin\gem.bat

C:\>ruby -v
ruby 2.0.0p643 (2015-02-25) [x64-mingw32]

C:\>gem --version
2.4.6

C:\>gem update --system
ERROR:  While executing gem ... (Gem::RemoteFetcher::FetchError)
    SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)

The same teammate now suggests I drop back to version 1.9.3p551... :-/

@ber855

This comment has been minimized.

Show comment
Hide comment
@ber855

ber855 Apr 14, 2015

Dropping back to version 1.9.3p551 did not help.

C:\>where gem
C:\Program Files\Ruby193\bin\gem
C:\Program Files\Ruby193\bin\gem.bat

C:\>ruby -v
ruby 1.9.3p551 (2014-11-13) [i386-mingw32]

C:\>gem --version
1.8.29

C:\>gem update --system
ERROR:  While executing gem ... (Gem::RemoteFetcher::FetchError)
    SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://rubygems.org/latest_specs.4.8.gz)

C:\>gem install --local C:\rubygems-update-1.8.30.gem
Successfully installed rubygems-update-1.8.30
1 gem installed
Installing ri documentation for rubygems-update-1.8.30...
Installing RDoc documentation for rubygems-update-1.8.30...

C:\>update_rubygems --no-ri --no-rdoc

C:\>gem --version
1.8.29

C:\>update_rubygems --help
rubygems_update [options]

This will install the latest version of RubyGems.

        --version=X.Y   Update rubygems from the X.Y version.

C:\>update_rubygems --no-ri --no-rdoc --version=1.8.29
C:/Program Files/Ruby193/lib/ruby/gems/1.9.1/gems/rubygems-update-1.8.30/bin/update_rubygems:20:in `exec': No such file or directory - "C:/Program Files/Ruby193/bin/ruby.exe" (Errno::ENOENT)
        from C:/Program Files/Ruby193/lib/ruby/gems/1.9.1/gems/rubygems-update-1.8.30/bin/update_rubygems:20:in `<top (required)>'
        from C:/Program Files/Ruby193/bin/update_rubygems:23:in `load'
        from C:/Program Files/Ruby193/bin/update_rubygems:23:in `<main>'

C:\>gem --version
1.8.29

And then, as you would expect.

C:\>gem update --system
ERROR:  While executing gem ... (Gem::RemoteFetcher::FetchError)
    SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://rubygems.org/latest_specs.4.8.gz)

Could that space in the path to the ruby or gem exe be preventing me from upgrading the Gems version? If so, I might be able to ask for a temporary exception from the security policy.

ber855 commented Apr 14, 2015

Dropping back to version 1.9.3p551 did not help.

C:\>where gem
C:\Program Files\Ruby193\bin\gem
C:\Program Files\Ruby193\bin\gem.bat

C:\>ruby -v
ruby 1.9.3p551 (2014-11-13) [i386-mingw32]

C:\>gem --version
1.8.29

C:\>gem update --system
ERROR:  While executing gem ... (Gem::RemoteFetcher::FetchError)
    SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://rubygems.org/latest_specs.4.8.gz)

C:\>gem install --local C:\rubygems-update-1.8.30.gem
Successfully installed rubygems-update-1.8.30
1 gem installed
Installing ri documentation for rubygems-update-1.8.30...
Installing RDoc documentation for rubygems-update-1.8.30...

C:\>update_rubygems --no-ri --no-rdoc

C:\>gem --version
1.8.29

C:\>update_rubygems --help
rubygems_update [options]

This will install the latest version of RubyGems.

        --version=X.Y   Update rubygems from the X.Y version.

C:\>update_rubygems --no-ri --no-rdoc --version=1.8.29
C:/Program Files/Ruby193/lib/ruby/gems/1.9.1/gems/rubygems-update-1.8.30/bin/update_rubygems:20:in `exec': No such file or directory - "C:/Program Files/Ruby193/bin/ruby.exe" (Errno::ENOENT)
        from C:/Program Files/Ruby193/lib/ruby/gems/1.9.1/gems/rubygems-update-1.8.30/bin/update_rubygems:20:in `<top (required)>'
        from C:/Program Files/Ruby193/bin/update_rubygems:23:in `load'
        from C:/Program Files/Ruby193/bin/update_rubygems:23:in `<main>'

C:\>gem --version
1.8.29

And then, as you would expect.

C:\>gem update --system
ERROR:  While executing gem ... (Gem::RemoteFetcher::FetchError)
    SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://rubygems.org/latest_specs.4.8.gz)

Could that space in the path to the ruby or gem exe be preventing me from upgrading the Gems version? If so, I might be able to ask for a temporary exception from the security policy.

@socratesmedina

This comment has been minimized.

Show comment
Hide comment
@socratesmedina

socratesmedina Aug 29, 2015

I am getting the same error, too:

C:\Sites>gem update bundler
Updating installed gems
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)

I am getting the same error, too:

C:\Sites>gem update bundler
Updating installed gems
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Sep 24, 2015

I am in the same position, tried every permutation of GEMS / Ruby and to put it mildly its totally broken. Is there an official statement regarding this and when it will be resolved.

ghost commented Sep 24, 2015

I am in the same position, tried every permutation of GEMS / Ruby and to put it mildly its totally broken. Is there an official statement regarding this and when it will be resolved.

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Sep 24, 2015

C:\WINDOWS\system32>gem install rack --clear-sources --verbose --source https://staging.rubygems.org -v 1.5.2
HEAD https://staging.rubygems.org/api/v1/dependencies
200 OK
GET https://staging.rubygems.org/api/v1/dependencies?gems=rack
200 OK
GET https://staging.rubygems.org/quick/Marshal.4.8/rack-1.5.2.gemspec.rz
302 Moved Temporarily
GET https://rubygems-staging.global.ssl.fastly.net/quick/Marshal.4.8/rack-1.5.2.gemspec.rz
404 Not Found
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
bad response Not Found 404 (https://rubygems-staging.global.ssl.fastly.net/quick/Marshal.4.8/rack-1.5.2.gemspec.rz)

C:\WINDOWS\system32>

ghost commented Sep 24, 2015

C:\WINDOWS\system32>gem install rack --clear-sources --verbose --source https://staging.rubygems.org -v 1.5.2
HEAD https://staging.rubygems.org/api/v1/dependencies
200 OK
GET https://staging.rubygems.org/api/v1/dependencies?gems=rack
200 OK
GET https://staging.rubygems.org/quick/Marshal.4.8/rack-1.5.2.gemspec.rz
302 Moved Temporarily
GET https://rubygems-staging.global.ssl.fastly.net/quick/Marshal.4.8/rack-1.5.2.gemspec.rz
404 Not Found
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
bad response Not Found 404 (https://rubygems-staging.global.ssl.fastly.net/quick/Marshal.4.8/rack-1.5.2.gemspec.rz)

C:\WINDOWS\system32>

@dwradcliffe

This comment has been minimized.

Show comment
Hide comment
@dwradcliffe

dwradcliffe Sep 24, 2015

Member

@silentbinary Why are you using staging? The full set of gems is not available on staging, and it should not be used.

Member

dwradcliffe commented Sep 24, 2015

@silentbinary Why are you using staging? The full set of gems is not available on staging, and it should not be used.

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Sep 24, 2015

My Ruby knowledge is zero, I am just trying to follow the recommended fix.

Is there a fix that will solve the issue, as I have tried everything that has been mentioned?

On Thu, Sep 24, 2015 at 3:33 PM, David Radcliffe notifications@github.com
wrote:

@silentbinary https://github.com/silentbinary Why are you using
staging? The full set of gems is not available on staging, and it should
not be used.


Reply to this email directly or view it on GitHub
#1050 (comment).

Land Line | 0208 1234 409 | Mobile | 07779256256

Conference Call | 0844737373 | Pin 590342

Email | Skype | Gareth.Davies@SilentBinary.co
Gareth.Davies@SilentBinary.com.uk

LinkedIn | https://www.linkedin.com/in/alwaysdelivers

SilentBinary.Co.Uk accepts no liability for the content of this email, or
for the consequences of any actions taken on the basis of the information
provided, unless that information is subsequently confirmed in writing.

ghost commented Sep 24, 2015

My Ruby knowledge is zero, I am just trying to follow the recommended fix.

Is there a fix that will solve the issue, as I have tried everything that has been mentioned?

On Thu, Sep 24, 2015 at 3:33 PM, David Radcliffe notifications@github.com
wrote:

@silentbinary https://github.com/silentbinary Why are you using
staging? The full set of gems is not available on staging, and it should
not be used.


Reply to this email directly or view it on GitHub
#1050 (comment).

Land Line | 0208 1234 409 | Mobile | 07779256256

Conference Call | 0844737373 | Pin 590342

Email | Skype | Gareth.Davies@SilentBinary.co
Gareth.Davies@SilentBinary.com.uk

LinkedIn | https://www.linkedin.com/in/alwaysdelivers

SilentBinary.Co.Uk accepts no liability for the content of this email, or
for the consequences of any actions taken on the basis of the information
provided, unless that information is subsequently confirmed in writing.

@dwradcliffe

This comment has been minimized.

Show comment
Hide comment
@dwradcliffe

dwradcliffe Sep 24, 2015

Member

This is an old issue that is resolved. The mention of staging above was to test a new SSL cert before it was rolled out to production.

Member

dwradcliffe commented Sep 24, 2015

This is an old issue that is resolved. The mention of staging above was to test a new SSL cert before it was rolled out to production.

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Sep 24, 2015

I still have the same issue on Windows.

shot 2

shot1 1

ghost commented Sep 24, 2015

I still have the same issue on Windows.

shot 2

shot1 1

@dwradcliffe

This comment has been minimized.

Show comment
Hide comment
@dwradcliffe

dwradcliffe Sep 24, 2015

Member

@silentbinary Looks like your issue is with the softlayer api, not the rubygems api. I'm guessing their HTTPS settings or their certificate are not compatible with windows. You may need to manually install their certificate or something like that.

Member

dwradcliffe commented Sep 24, 2015

@silentbinary Looks like your issue is with the softlayer api, not the rubygems api. I'm guessing their HTTPS settings or their certificate are not compatible with windows. You may need to manually install their certificate or something like that.

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Sep 24, 2015

going to try on Linux tmrw
On 24 Sep 2015 5:12 pm, "David Radcliffe" notifications@github.com wrote:

@silentbinary https://github.com/silentbinary Looks like your issue is
with the softlayer api, not the rubygems api. I'm guessing their HTTPS
settings or their certificate are not compatible with windows. You may need
to manually install their certificate or something like that.


Reply to this email directly or view it on GitHub
#1050 (comment).

ghost commented Sep 24, 2015

going to try on Linux tmrw
On 24 Sep 2015 5:12 pm, "David Radcliffe" notifications@github.com wrote:

@silentbinary https://github.com/silentbinary Looks like your issue is
with the softlayer api, not the rubygems api. I'm guessing their HTTPS
settings or their certificate are not compatible with windows. You may need
to manually install their certificate or something like that.


Reply to this email directly or view it on GitHub
#1050 (comment).

@lengerfulluse

This comment has been minimized.

Show comment
Hide comment
@lengerfulluse

lengerfulluse Dec 1, 2015

Got the same issue. [REDACTED]

Got the same issue. [REDACTED]

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Dec 1, 2015

I gave up on Windows put have it installed on Ubuntu and it works a treat.

ghost commented Dec 1, 2015

I gave up on Windows put have it installed on Ubuntu and it works a treat.

@thovo

This comment has been minimized.

Show comment
Hide comment
@thovo

thovo Jan 11, 2016

I got the same issue on my Windows 7
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError) SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol (https://api.rubygems.org/specs.4.8.gz)
I think it happened because I am using a company's computer that usualy followed some security policy check of company. I didn't meet this issue with my own laptop. Does someone have any idea to fix it completely?
I tried to use @lengerfulluse command to install gem and it works except some last errors but at least it installed the gem.

thovo commented Jan 11, 2016

I got the same issue on my Windows 7
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError) SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol (https://api.rubygems.org/specs.4.8.gz)
I think it happened because I am using a company's computer that usualy followed some security policy check of company. I didn't meet this issue with my own laptop. Does someone have any idea to fix it completely?
I tried to use @lengerfulluse command to install gem and it works except some last errors but at least it installed the gem.

@ghost

This comment has been minimized.

Show comment
Hide comment
@ghost

ghost Jan 11, 2016

I have up and just spun up a linux desktop and had no issue installing.

ghost commented Jan 11, 2016

I have up and just spun up a linux desktop and had no issue installing.

@dwradcliffe

This comment has been minimized.

Show comment
Hide comment
@dwradcliffe

dwradcliffe Jan 11, 2016

Member

The original problem from this issue has been resolved. If you're still experiencing problems that seem related, open a help ticket or a new issue. Thanks!

Member

dwradcliffe commented Jan 11, 2016

The original problem from this issue has been resolved. If you're still experiencing problems that seem related, open a help ticket or a new issue. Thanks!

@rubygems rubygems locked and limited conversation to collaborators Jan 11, 2016

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.