Vodafone Secure net is blocking https://rubygems.org #3822

Closed
wallymathieu opened this issue May 21, 2023 · 19 comments

@wallymathieu

Describe the problem as clearly as you can

Try either one of:

Did you try upgrading RubyGems?

Does not seem to be related to version of rubygems but the hosting of rubygems.

Steps to reproduce the problem

Try to build the following dockerfile:

FROM ruby:${VARIANT:-3.2-buster}
RUN apt-get update \
    && apt-get install -y apt-transport-https ca-certificates\
    ruby

RUN gem install bundler

Which command did you run?

  • gem install bundler
  • navigate through browser

What were you expecting to happen?

  • For bundler to be installed
  • For rubygems to be displayed

What actually happened?

Error related to certificates:

#0 0.362 ERROR:  SSL verification error at depth 0: self signed certificate (18)                                                                          
#0 0.362 ERROR:  Certificate /C=US/ST=USA/L=New York/O=Optimization/OU=Optimization/CN=tomcat is not trusted                                              
#0 0.412 ERROR:  SSL verification error at depth 0: self signed certificate (18)
#0 0.412 ERROR:  Certificate /C=US/ST=USA/L=New York/O=Optimization/OU=Optimization/CN=tomcat is not trusted
#0 0.467 ERROR:  SSL verification error at depth 0: self signed certificate (18)
#0 0.467 ERROR:  Certificate /C=US/ST=USA/L=New York/O=Optimization/OU=Optimization/CN=tomcat is not trusted
#0 0.469 ERROR:  Could not find a valid gem 'bundler' (>= 0), here is why:
#0 0.469           Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 peeraddr=62.74.130.28:443 state=error: certificate verify failed (self signed certificate) (https://rubygems.org/specs.4.8.gz)
#0 0.531 ERROR:  SSL verification error at depth 0: self signed certificate (18)
#0 0.531 ERROR:  Certificate /C=US/ST=USA/L=New York/O=Optimization/OU=Optimization/CN=tomcat is not trusted
#0 0.589 ERROR:  SSL verification error at depth 0: self signed certificate (18)
#0 0.589 ERROR:  Certificate /C=US/ST=USA/L=New York/O=Optimization/OU=Optimization/CN=tomcat is not trusted
------

Run gem env and paste the output below

Note the Dockerfile above.
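
The log above shows a self-signed leaf certificate with CN=tomcat being presented for rubygems.org, which is what a filtering middlebox on the network path looks like from the client. The following is an added example, not code from the reporter or the RubyGems project: the function names are made up for illustration, and the certificate is generated locally to mimic the subject in the log.

```ruby
require "openssl"
require "socket"

# Constructed stand-in for the certificate named in the log above
# (self-signed, CN=tomcat); generated locally, not the real one.
def constructed_interceptor_cert
  key  = OpenSSL::PKey::RSA.new(2048)
  name = OpenSSL::X509::Name.parse(
    "/C=US/ST=USA/L=New York/O=Optimization/OU=Optimization/CN=tomcat"
  )
  cert = OpenSSL::X509::Certificate.new
  cert.version    = 2 # X.509 v3
  cert.serial     = 1
  cert.subject    = name
  cert.issuer     = name
  cert.public_key = key.public_key
  cert.not_before = Time.now - 3600
  cert.not_after  = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  cert
end

# Reasons the presented leaf does not look like the real server for +host+.
# An empty array means none of the three indicators fired.
def interception_indicators(cert, host, store = nil)
  store ||= OpenSSL::X509::Store.new.tap(&:set_default_paths)
  reasons = []
  same_name = cert.subject.to_der == cert.issuer.to_der
  reasons << :self_signed_leaf if same_name && cert.verify(cert.public_key)
  unless OpenSSL::SSL.verify_certificate_identity(cert, host)
    reasons << :hostname_mismatch
  end
  reasons << :untrusted_chain unless store.verify(cert)
  reasons
end

# Live use (needs network; not called here): fetch the certificate the
# network path presents for +host+ so it can be inspected, not trusted.
def presented_cert(host, port = 443)
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE # handshake only, send nothing
  tcp = TCPSocket.new(host, port)
  ssl = OpenSSL::SSL::SSLSocket.new(tcp, ctx)
  ssl.hostname = host
  ssl.connect.peer_cert
ensure
  ssl&.close
  tcp&.close
end
```

On an affected network, `interception_indicators(presented_cert("rubygems.org"), "rubygems.org")` returning all three indicators points at the network path rather than at RubyGems or the local CA bundle.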

@wallymathieu
Author

Looks like Vodafone blocks rubygems with the message:
image

wallymathieu changed the title from "SSL certificate for https://rubygems.org reported as invalid" to "Vodafone Secure net is blocking https://rubygems.org" on May 22, 2023
deivid-rodriguez transferred this issue from rubygems/rubygems on May 24, 2023
@deivid-rodriguez
Member

Could this be related to #3791?

@wallymathieu
Author

wallymathieu commented May 24, 2023

That's what I think. Could be that their flagging of Ruby Gems is out of date.

@julitrows

Hi @wallymathieu, I'm being affected by this as well. Did you find how to communicate to Vodafone their flagging is wrong? Have you been able to circumvent the issue somehow? Thanks

@wallymathieu
Author

wallymathieu commented May 29, 2023

What we did was to ask them to remove the service "Secure Net" for us @julitrows

@wallymathieu
Author

So no, we did not find a way.

@julitrows

Thanks, ended up doing the same

@simi
Member

simi commented May 31, 2023

@wallymathieu @julitrows is this still a problem? rubygems.org itself is not marked as unsafe for now by Google Safe Browsing status. But some subpages (like https://rubygems.org/gems/metasploit-payloads) are still marked as unsecure.

@julitrows

@simi I had to request the deactivation of Secure Net for me so I can use rubygems. Haven't tried to put it up again.

But chances are it's still blocked.

@rudgal

rudgal commented Jul 13, 2023

> @simi I had to request the deactivation of Secure Net for me so I can use rubygems. Haven't tried to put it up again.
>
> But chances are it's still blocked.

Still blocked for me today, how can I request deactivation, is there some official form or so?
(I'm actually not from ES and using a shared WiFi atm)
Thanks a lot! 🙇

@duckinator
Member

duckinator commented Aug 4, 2023

I've been talking with Vodafone. Hoping to have this resolved soon.

(The only way I could find to contact them is @VodafoneUK on Twitter; I don't see any way to contact the Vodafone Secure Net team specifically.)

@duckinator
Member

Got this response from Vodafone on Monday (August 21st):

> We've had a response from the Secure net team who confirmed that these websites are currently classified as computing so they are not blocked.

So in theory Vodafone Secure Net should no longer block rubygems.org or index.rubygems.org.

@simi
Member

simi commented Oct 17, 2023

Is anyone able to check Vodafone is not blocking RubyGems.org anymore?

@wallymathieu
Author

Perhaps time to close the issue and reopen if there is anything we can do.

@rudgal

rudgal commented Oct 18, 2023

thanks @duckinator 🙏
@simi yes, seems to be working, vodafone-block has vanished and the url is accessible now (at least from my end).

@f-naranjo

Hi everyone, after hours of troubleshooting I finally found this issue and I have to say that Vodafone secure net was the problem. I was connected to my home WiFi network where I had Secure Net enabled, and the error was occurring. Then, I switched to my iPhone hotspot where Secure Net is disabled, and everything is working.

@duckinator
Member

Well, that didn't last long. Not even 4 whole months before Vodafone started blocking us again.

Thanks for letting us know, @f-naranjo.

@duckinator
Member

I reached out to Vodafone. Again. We'll see how that goes.

@duckinator
Member

@f-naranjo can you check whether you're still having this problem? If you are, can you provide me a screenshot I can pass along to Vodafone?
