Curl Certificate Error when Using RVM to install Ruby 1.9.2

Question

RVM is running into a certificate error when trying to download Ruby 1.9.2. It looks like curl is having a certificate issue but I am not sure how to bypass it

Answer 1

If do not want to change the script AND you do not want to add a cert "for ever" to the cert bundle. There is a very nice and quick solution:

#to download the cert
wget http://curl.haxx.se/ca/cacert.pem
#to let curl use it for the next calls
export CURL_CA_BUNDLE=~/cacert.pem

Then run your script. To reset the environment variable (for subsequent script calls that should not use this cert) re-login to your system or unset the environment variable:

export CURL_CA_BUNDLE=

Answer 2

You need to download the ca certificate from http://curl.haxx.se/ca/cacert.pem and add them to your curl-ca-bundle-new.crt file.

To find the location of this file use:

   $ curl-config --ca

   /usr/share/curl/curl-ca-bundle.crt

Backup your curl-ca-bundle.crt file:

$ cp /usr/share/curl/curl-ca-bundle.crt /usr/share/curl/curl-ca-bundle.crt.old

Then you want to concatenate the two file using:

$ cat cacert.pem /usr/share/curl/curl-ca-bundle.crt >> curl-ca-bundle-new.crt

Answer 3

On Centos 5.6 (Final) I had a problem with installing rvm 1.9.2 The error was:

curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). The default
 bundle is named curl-ca-bundle.crt; you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
ERROR: There was an error, please check /usr/local/rvm/log/ruby-1.9.2-p290/*.log. Next we'll try to fetch via http.
Trying http:// URL instead.

curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). The default
 bundle is named curl-ca-bundle.crt; you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
ERROR: There was an error, please check /usr/local/rvm/log/ruby-1.9.2-p290/*.log
ERROR: There has been an error while trying to fetch the source.  
Halting the installation.
ERROR: There has been an error fetching the ruby interpreter. Halting the installation.

Here is a list of actions which helped me to solve the problem

$ curl-config --ca # show path to the certificate
/usr/local/share/curl/curl-ca-bundle.crt
$ cd /usr/local/share/curl/ # go to that path
$ cp curl-ca-bundle.crt curl-ca-bundle.crt.bak # backup certificate
$ curl http://curl.haxx.se/ca/cacert.pem -o curl-ca-bundle.crt # download new
$ rvm install 1.9.2 # bingo it works

Btw curl version is curl 7.18.0 (to check '$ curl -V')

Answer 4

In case any one else comes across this while trying to update to 1.9.3 (although version probably doesn't matter), check the version of rvm that you have. Wayne seems to have moved from rvm.beginrescueend.com to rvm.io. The old site's security certificate has expired, so curl's response is correct.

Updating rvm from the new site fixed this problem and allowed me to move forward.

$ \curl -L https://get.rvm.io | bash -s stable --rails --autolibs=enabled

Update: As @rodgerdpack mentioned, the command changes and I've updated the above. In general, see https://rvm.io/ for the latest.

Answer 5

I was attempting to install ruby-1.9.2-p290 and came across the same problem. After running which curl and realizing that the curl instance was coming from an installation of MAMP on my system (OS X Snow Leopard), I reconfigured my PATH variable to use the system default at /usr/bin/curl. Using this version, curl 7.19.7, I had no problem installing the latest version of Ruby with RVM.

Answer 6

I had trouble installing 1.9.2 using RVM, here is my solution:

• Download yaml-0.1.3.tar.gz from http://www.filewatcher.com/m/yaml-0.1.3.tar.gz.466845.0.0.html
• Save it to /Users//.rvm/archives/yaml-0.1.3.tar.gz

• Run these commands:

  chmod 777 yaml-0.1.3.tar.gz

  tar zxf /Users//.rvm/archives/yaml-0.1.3.tar.gz -C /Users//.rvm/src

I still got the file not found error but the installation went on to be successful

[2011-07-05 14:24:07] tar zxf /Users//.rvm/archives/yaml-0.1.3.tar.gz -C /Users//.rvm/src --no-same-owner tar (child): /Users//.rvm/archives/yaml-0.1.3.tar.gz: Cannot open: No such file or directory tar (child): Error is not recoverable: exiting now tar: Child returned status 2 tar: Error exit delayed from previous errors