Setting a CA certificate for a mirror repository through BUNDLE_SSL_CA_CERT
doesn't seem to work
#6048
Labels
BUNDLE_SSL_CA_CERT
doesn't seem to work
#6048
Describe the problem as clearly as you can
When downloading dependencies through the mirror repository by executing
bundle install
, the execution fails on SSL "certificate verify failed (unable to get local issuer certificate)". The path to the CA certificate is configured usingBUNDLE_SSL_CA_CERT
, but it doesn't seem to work for the mirror repository.Did you try upgrading rubygems & bundler?
Yes, using the latest Fedora Docker image and installing Ruby tools to make sure my system wide certificates are not used.
Post steps to reproduce the problem
Bundler is configured using
.bundle/config
The mirror is a Nexus RubyGems repository, configured to use HTTPS.
Which command did you run?
bundle install
What were you expecting to happen?
I would expected this to download all dependencies, using the CA certificate that was provided in
.bundle/config
for verification of the server.In other words, I would expect that it will have the same effect as
SSL_CERT_FILE=rubygems-proxy-ca.pem bundle install
that works just fine.What actually happened?
Going through the troubleshooting guide I'd say it's likely that
BUNDLE_SSL_CA_CERT
"rewrites" all certificates to the specified one, but uses it only forrubygems.org
repository and not for the mirror.If not included with the output of your command, run
bundle env
and paste the output below[root@38c3a2c814e1 app]# bundle env
fatal: not a git repository (or any parent up to mount point /tmp/cachito-ruby)
Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set).
Environment
Bundler Build Metadata
Bundler settings
Gemfile
Gemfile
Gemfile.lock
The text was updated successfully, but these errors were encountered: