Today I was trying to deploy my updated rails application via capistrano
Suddenly I've got the following message
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
Trying to update the gem system manually had the same problem:
[root@w1 ~]# gem update --system
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (https://api.rubygems.org/specs.4.8.gz)
Setting the environment variable 'SSL_CERT_FILE' to the location of the root-certificates from the ports collect ion resolved the issue:
[root@w1 ~]# SSL_CERT_FILE=/usr/local/etc/ssl/cert.pem gem update --system Updating rubygems-update Fetching: rubygems-update-2.4.5.gem (100%) Successfully installed rubygems-update-2.4.5
Now I've reinstalled the port security/ca_root_nss and enabled the ETCSYMLINK option. This resolved my issue. Now my system uses the latest root-certificates. (*duh*)
Just a note, had another rails project, that didn't work out of the box. Fixed this by adjusting the deploy.rb script. I've added the following:
set :default_env, {
SSL_CERT_FILE: '/etc/ssl/cert.pem'
}