由于SSL证书，无法完成Rails 5的升级。

Question

我已经进行了好几个小时的升级，最后终于陷入了困境。这一切都是从我收到典型的Bundler::Fetcher::CertificateFailureError开始的。经过多次修补之后，我想我已经把所有的东西都升级到了最新的版本。

$ gem -v
2.6.9

$ ruby -v
ruby 2.3.3p222 (2016-11-21 revision 56859) [i386-mingw32]

$ bundle -v
Bundler version 1.14.2

在某种程度上，我改变了我的宝石源

$ gem sources --remove http://rubygems.org
$ gem sources --add http://rubygems.org

我还把我的Gemfile改成了http

当我运行“`bundle install”时，我得到了以下错误(注意，我必须手动打破bit.ly url来发布错误的内容)

Fetching source index from https://rails-assets.org/

Retrying fetcher due to error (2/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate for https://rails-assets.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see http://bit. ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.
Retrying fetcher due to error (3/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate for https://rails-assets.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see http://bit. ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.
Retrying fetcher due to error (4/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate for https://rails-assets.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see http://bit. ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.
Could not verify the SSL certificate for https://rails-assets.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most
likely your system doesn't have the CA certificates needed for verification. For
information about OpenSSL certificates, see http://bit. ly/ruby-ssl. To connect
without using SSL, edit your Gemfile sources and change 'https' to 'http'.
enter code here

所以我又回到了我的起点。另外，当我尝试https时，我又收到了另一个错误:指向我的gem sources，但是在我处理这个问题之后，作为一个不同的问题，这可能会更好。

Answer 1

• 尝试将rails-资产源更改为http://insecure.rails-assets.org/
• 这可能是由RubyGems从SHA-1向SHA-2移动引起的。这是他们网站上关于如何解决这个问题的有用指南

如果这一点和bitly中的向导没有修复它，您可能不得不重新安装。我以前也遇到过这种情况，即使在确保我的证书是最新的之后，似乎也没有什么起作用的；幸运的是，重新安装似乎修复了它。

Answer 2

您可以更新openssl包。