A RubyGems SSL cerificate solution

The Problem

Early last month I was trying to update some gems on my MBP and ran into an SSL error:

ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)

In typical fashion I ignored the error and tried updating RubyGems (the package manager). That failed with the same SSL message. Additionally we run our automated tests as part of our continuous build process (which also uses RubyGems) and eventually this SSL problem resulted in TeamCity build errors:

Upon further debugging I found an error similar to the above error:

ERROR: Could not find a valid gem 'bundler' (>= 0), here is why: [22:36:17][Step 1/3] Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz) [22:36:17][Step 1/3] Process exited with code 2

Apparently RubyGems updated their SSL certificates which broke any and all gem updates from then on out. Luckily I found a thread (someone filed a bug) on RubyGem’s GitHub repo.

The Solution

The solution however was a bit different depending for Windows (TeamCity) and MacOS (MBP). On my Mac I was able to use RVM to update the SSL certs using these commands (line 1 & 3):

Apparently on Windows you can’t just update the SSL certs; instead I had to re-install RubyGems. Simply re-download the latest version of RubyGems, go into the folder (for me it was installed at C:\RubyGems-2.6.3) and then run ‘setup.rb’. That was it!

I can understand the need to upgrade SSL certificates; it’s just a pain. Hopefully this makes it easier for others.