使用 RVM 安装 Ruby1.9.2时卷曲证书错误

RVM 在试图下载 Ruby1.9.2时遇到了证书错误。看起来 curl有一个证书问题,但我不知道如何绕过它。我已经包括了下面的确切错误信息。

$ rvm install 1.9.2
Installing Ruby from source to: /Users/willdennis/.rvm/rubies/ruby-1.9.2-p180, this may take a while depending on your cpu(s)...


ruby-1.9.2-p180 - #fetching
ERROR: Error running 'bunzip2 '/Users/willdennis/.rvm/archives/ruby-1.9.2-p180.tar.bz2'', please read /Users/willdennis/.rvm/log/ruby-1.9.2-p180/extract.log
ruby-1.9.2-p180 - #extracting ruby-1.9.2-p180 to /Users/willdennis/.rvm/src/ruby-1.9.2-p180
ruby-1.9.2-p180 - #extracted to /Users/willdennis/.rvm/src/ruby-1.9.2-p180
Fetching yaml-0.1.3.tar.gz to /Users/willdennis/.rvm/archives


curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html


curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). The default
bundle is named curl-ca-bundle.crt; you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
ERROR: There was an error, please check /Users/willdennis/.rvm/log/ruby-1.9.2-p180/*.log. Next we'll try to fetch via http.
Trying http:// URL instead.


curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html


curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). The default
bundle is named curl-ca-bundle.crt; you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
ERROR: There was an error, please check /Users/willdennis/.rvm/log/ruby-1.9.2-p180/*.log
Extracting yaml-0.1.3.tar.gz to /Users/willdennis/.rvm/src
ERROR: Error running 'tar zxf /Users/willdennis/.rvm/archives/yaml-0.1.3.tar.gz -C /Users/willdennis/.rvm/src --no-same-owner', please read /Users/willdennis/.rvm/log/ruby-1.9.2-p180/yaml/extract.log
/Users/willdennis/.rvm/scripts/functions/packages: line 55: cd: /Users/willdennis/.rvm/src/yaml-0.1.3: No such file or directory
Configuring yaml in /Users/willdennis/.rvm/src/yaml-0.1.3.
ERROR: Error running ' ./configure --prefix="/Users/willdennis/.rvm/usr"  ', please read /Users/willdennis/.rvm/log/ruby-1.9.2-p180/yaml/configure.log
Compiling yaml in /Users/willdennis/.rvm/src/yaml-0.1.3.
ERROR: Error running '/usr/bin/make ', please read /Users/willdennis/.rvm/log/ruby-1.9.2-p180/yaml/make.log
Installing yaml to /Users/willdennis/.rvm/usr
ERROR: Error running '/usr/bin/make install', please read /Users/willdennis/.rvm/log/ruby-1.9.2-p180/yaml/make.install.log
ruby-1.9.2-p180 - #configuring
ERROR: Error running ' ./configure --prefix=/Users/willdennis/.rvm/rubies/ruby-1.9.2-p180 --enable-shared --disable-install-doc --with-libyaml-dir=/Users/willdennis/.rvm/usr ', please read /Users/willdennis/.rvm/log/ruby-1.9.2-p180/configure.log
ERROR: There has been an error while running configure. Halting the installation.

如何解决或避免此错误?

36988 次浏览
小开

I had trouble installing 1.9.2 using RVM, here is my solution:

I still got the file not found error but the installation went on to be successful

[2011-07-05 14:24:07] tar zxf /Users//.rvm/archives/yaml-0.1.3.tar.gz -C /Users//.rvm/src --no-same-owner tar (child): /Users//.rvm/archives/yaml-0.1.3.tar.gz: Cannot open: No such file or directory tar (child): Error is not recoverable: exiting now tar: Child returned status 2 tar: Error exit delayed from previous errors

小开

You need to download the ca certificate from http://curl.haxx.se/ca/cacert.pem and add them to your curl-ca-bundle-new.crt file.

To find the location of this file use:

   $ curl-config --ca


/usr/share/curl/curl-ca-bundle.crt

Backup your curl-ca-bundle.crt file:

$ cp /usr/share/curl/curl-ca-bundle.crt /usr/share/curl/curl-ca-bundle.crt.old

Then you want to concatenate the two file using:

$ cat cacert.pem /usr/share/curl/curl-ca-bundle.crt >> curl-ca-bundle-new.crt
小开

Thank you Dorothy - this recipe worked for me with the following minor modifications for a Win7 environment:

For others with this issue -

  1. Appreciate the discussion about updating the CA_Bundle - Good to do but it didn't help with this issue - the pyyaml website cert will still cause CURL to throw an error and since CURL is launched within the installer, no way to add a -k option.

  2. Ruby 1.9.2-p290 is trying to install YAML 0.1.4 so Google for a mirror and download that version - YAML-0.1.3 will have no effect in bypassing the issues.

  3. You need to do the windows equivalent of CHMOD 777 - within the rvm/src folder to the extracted files. Change security so that everyone has ownership/all privileges and turn off the read-only attribute for all files and folders.

The installer will still throw errors when it tries to download (CURL error), but will resume by trying to extract. The extraction will throw errors because the tarball is already extracted to the src folder. The next step of configuring YAML should work without errors if permissions in step 3 were set correctly and the installation should complete without further problems. (If installing via cygwin/bash, you will need to add a C compiler like 'gcc' and add 'ncurses' (tput command) and 'make' to the default core cygwin setup options.)

小开

Curl is invoked in .rvm/scripts/fetch, which by default will be in your home directory.

Edit this using your favourite text editor: for example,

 nano ~/.rvm/scripts/fetch

In lines 56 and 58 (may vary with other versions of RVM, of course) you'll see two lines which begin

 fetch_command="curl ...

Simply add -k after curl, save and try again.

小开

I was attempting to install ruby-1.9.2-p290 and came across the same problem. After running which curl and realizing that the curl instance was coming from an installation of MAMP on my system (OS X Snow Leopard), I reconfigured my PATH variable to use the system default at /usr/bin/curl. Using this version, curl 7.19.7, I had no problem installing the latest version of Ruby with RVM.

小开

On Centos 5.6 (Final) I had a problem with installing rvm 1.9.2 The error was:

curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html


curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). The default
bundle is named curl-ca-bundle.crt; you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
ERROR: There was an error, please check /usr/local/rvm/log/ruby-1.9.2-p290/*.log. Next we'll try to fetch via http.
Trying http:// URL instead.


curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html


curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). The default
bundle is named curl-ca-bundle.crt; you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
ERROR: There was an error, please check /usr/local/rvm/log/ruby-1.9.2-p290/*.log
ERROR: There has been an error while trying to fetch the source.
Halting the installation.
ERROR: There has been an error fetching the ruby interpreter. Halting the installation.

Here is a list of actions which helped me to solve the problem

$ curl-config --ca # show path to the certificate
/usr/local/share/curl/curl-ca-bundle.crt
$ cd /usr/local/share/curl/ # go to that path
$ cp curl-ca-bundle.crt curl-ca-bundle.crt.bak # backup certificate
$ curl http://curl.haxx.se/ca/cacert.pem -o curl-ca-bundle.crt # download new
$ rvm install 1.9.2 # bingo it works

Btw curl version is curl 7.18.0 (to check '$ curl -V')

小开

If do not want to change the script AND you do not want to add a cert "for ever" to the cert bundle. There is a very nice and quick solution:

#to download the cert
wget http://curl.haxx.se/ca/cacert.pem
#to let curl use it for the next calls
export CURL_CA_BUNDLE=~/cacert.pem

Then run your script. To reset the environment variable (for subsequent script calls that should not use this cert) re-login to your system or unset the environment variable:

export CURL_CA_BUNDLE=
小开

In case any one else comes across this while trying to update to 1.9.3 (although version probably doesn't matter), check the version of rvm that you have. Wayne seems to have moved from rvm.beginrescueend.com to rvm.io. The old site's security certificate has expired, so curl's response is correct.

Updating rvm from the new site fixed this problem and allowed me to move forward.

$ \curl -L https://get.rvm.io | bash -s stable --rails --autolibs=enabled

Update: As @rodgerdpack mentioned, the command changes and I've updated the above. In general, see https://rvm.io/ for the latest.

小开

Perhaps all these complicated solutions were once necessary, but now all you need to do is first upgrade RVM and your problem will be solved:

$ rvm get stable
$ rvm reload
$ rvm install ruby-1.9.3-p194
小开

If you don't mind disabling certificate check in curl (I don't):

echo insecure > ~/.curlrc
小开 
$ sudo apt-get install curl


$ curl -L https://get.rvm.io | bash -s stable --ruby   with ruby


$ curl -L https://get.rvm.io | bash -s stable --rails   with rails

提交答案