-
-
Save zemd/8721127 to your computer and use it in GitHub Desktop.
Revisions
-
fnichol revised this gist
Mar 12, 2011 . 1 changed file with 0 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -24,10 +24,6 @@ To make this a permanent setting, add this in your [control panel](http://www.mi Download the `cacert.pem` file from [http://curl.haxx.se/ca/cacert.pem](http://curl.haxx.se/ca/cacert.pem). Save this file to `C:\RailsInstaller\cacert.pem`. Now make ruby aware of your certificate authority bundle by setting `SSL_CERT_FILE`. To set this in your current command prompt session, type: set SSL_CERT_FILE=C:\RailsInstaller\cacert.pem -
Mar 12, 2011 . 2 changed files with 6 additions and 6 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -16,20 +16,20 @@ Download the ruby script to your *Desktop* folder from [https://gist.github.com/ Now make ruby aware of your certificate authority bundle by setting `SSL_CERT_FILE`. To set this in your current command prompt session, type: set SSL_CERT_FILE=C:\RailsInstaller\cacert.pem To make this a permanent setting, add this in your [control panel](http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/environment_variables.mspx?mfr=true). ## The Manual Way (Boring) Download the `cacert.pem` file from [http://curl.haxx.se/ca/cacert.pem](http://curl.haxx.se/ca/cacert.pem). Save this file to `C:\RailsInstaller\cacert.pem`. Then in your command prompt, execute the ruby script: ruby "%USERPROFILE%\Desktop\win_fetch_cacerts.rb" Now make ruby aware of your certificate authority bundle by setting `SSL_CERT_FILE`. To set this in your current command prompt session, type: set SSL_CERT_FILE=C:\RailsInstaller\cacert.pem To make this a permanent setting, add this in your [control panel](http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/environment_variables.mspx?mfr=true). This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,16 +1,16 @@ require 'net/http' # create a path to the file "C:\RailsInstaller\cacert.pem" cacert_file = File.join(%w{c: RailsInstaller cacert.pem}) Net::HTTP.start("curl.haxx.se") do |http| resp = http.get("/ca/cacert.pem") if resp.code == "200" open(cacert_file, "wb") { |file| file.write(resp.body) } puts "\n\nA bundle of certificate authorities has been installed to" puts "C:\\RailsInstaller\\cacert.pem\n" puts "* Please set SSL_CERT_FILE in your current command prompt session with:" puts " set SSL_CERT_FILE=C:\\RailsInstaller\\cacert.pem" puts "* To make this a permanent setting, add it to Environment Variables" puts " under Control Panel -> Advanced -> Environment Variables" else -
Mar 12, 2011 . 1 changed file with 17 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -6,6 +6,8 @@ From what I can see the OpenSSL library that [Rails Installer](http://railsinsta # Installation ## The Ruby Way! (Fun) This assumes your have already installed the [Rails Installer](http://railsinstaller.org) for Windows. Download the ruby script to your *Desktop* folder from [https://gist.github.com/raw/867550/win_fetch_cacerts.rb](https://gist.github.com/raw/867550/win_fetch_cacerts.rb). Then in your command prompt, execute the ruby script: @@ -14,6 +16,20 @@ Download the ruby script to your *Desktop* folder from [https://gist.github.com/ Now make ruby aware of your certificate authority bundle by setting `SSL_CERT_FILE`. To set this in your current command prompt session, type: set SSL_CERT_FILE=C:\\RailsInstaller\cacert.pem To make this a permanent setting, add this in your [control panel](http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/environment_variables.mspx?mfr=true). ## The Manual Way (Boring) Download the `cacert.pem` file from [http://curl.haxx.se/ca/cacert.pem](http://curl.haxx.se/ca/cacert.pem). Save this file to `C:\\RailsInstaller\cacert.pem`. Then in your command prompt, execute the ruby script: ruby "%USERPROFILE%\Desktop\win_fetch_cacerts.rb" Now make ruby aware of your certificate authority bundle by setting `SSL_CERT_FILE`. To set this in your current command prompt session, type: set SSL_CERT_FILE=C:\\RailsInstaller\cacert.pem To make this a permanent setting, add this in your [control panel](http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/environment_variables.mspx?mfr=true). -
Mar 12, 2011 . 1 changed file with 3 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,6 +1,8 @@ # Why? There is a long standing issue in Ruby where the *net/http* library by default does **not** check the validity of an SSL certificate during a TLS handshake. Rather than deal with the underlying problem (a missing certificate authority, a self-signed certificate, etc.) one tends to see [bad](http://stackoverflow.com/questions/1555006/how-do-i-tell-rubys-openssl-library-to-ignore-a-self-signed-certificate-error) [hacks](http://www.ruby-forum.com/topic/129530) [everywhere](http://www.peterkrantz.com/2007/open-uri-cert-verification/). This can lead to [problems](http://www.rubyinside.com/how-to-cure-nethttps-risky-default-https-behavior-4010.html) down the road. From what I can see the OpenSSL library that [Rails Installer](http://railsinstaller.org) delivers has no certificate authorities defined. So, let's go fetch some from the [curl](http://curl.haxx.se/ca/) website. And since this is for ruby, why don't we download and install the file with a ruby script? # Installation -
Mar 12, 2011 . 2 changed files with 6 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,3 +1,7 @@ # Why? There is a long standing issue in Ruby where the *net/http* library by default does **not** check the validity of an SSL certificate during a TLS handshake. Rather than deal with the underlying problem (a missing certificate authority, a self-signed certificate, etc.) one tends to see [bad](http://stackoverflow.com/questions/1555006/how-do-i-tell-rubys-openssl-library-to-ignore-a-self-signed-certificate-error) [hacks](http://www.ruby-forum.com/topic/129530) [everywhere](http://www.peterkrantz.com/2007/open-uri-cert-verification/). # Installation This assumes your have already installed the [Rails Installer](http://railsinstaller.org) for Windows. This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -8,9 +8,9 @@ if resp.code == "200" open(cacert_file, "wb") { |file| file.write(resp.body) } puts "\n\nA bundle of certificate authorities has been installed to" puts "C:\\\\RailsInstaller\\cacert.pem\n" puts "* Please set SSL_CERT_FILE in your current command prompt session with:" puts " set SSL_CERT_FILE=C:\\\\RailsInstaller\\cacert.pem" puts "* To make this a permanent setting, add it to Environment Variables" puts " under Control Panel -> Advanced -> Environment Variables" else -
Mar 12, 2011 . 1 changed file with 3 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -8,4 +8,6 @@ Download the ruby script to your *Desktop* folder from [https://gist.github.com/ Now make ruby aware of your certificate authority bundle by setting `SSL_CERT_FILE`. To set this in your current command prompt session, type: set SSL_CERT_FILE=C:\RailsInstaller\cacert.pem To make this a permanent setting, add this in your [control panel](http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/environment_variables.mspx?mfr=true). -
Mar 12, 2011 . 2 changed files with 7 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -6,3 +6,6 @@ Download the ruby script to your *Desktop* folder from [https://gist.github.com/ ruby "%USERPROFILE%\Desktop\win_fetch_cacerts.rb" Now make ruby aware of your certificate authority bundle by setting `SSL_CERT_FILE`. To set this in your current command prompt session, type: set SSL_CERT_FILE=C:\RailsInstaller\cacert.pem This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -7,12 +7,13 @@ resp = http.get("/ca/cacert.pem") if resp.code == "200" open(cacert_file, "wb") { |file| file.write(resp.body) } puts "\n\nA bundle of certificate authorities has been installed to" puts "C:\\RailsInstaller\\cacert.pem\n" puts "* Please set SSL_CERT_FILE in your current command prompt session with:" puts " set SSL_CERT_FILE=C:\\RailsInstaller\\cacert.pem" puts "* To make this a permanent setting, add it to Environment Variables" puts " under Control Panel -> Advanced -> Environment Variables" else abort "\n\n>>>> A cacert.pem bundle could not be downloaded." end end -
Mar 12, 2011 . 1 changed file with 4 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,5 +1,8 @@ # Installation This assumes your have already installed the [Rails Installer](http://railsinstaller.org) for Windows. Download the ruby script to your *Desktop* folder from [https://gist.github.com/raw/867550/win_fetch_cacerts.rb](https://gist.github.com/raw/867550/win_fetch_cacerts.rb). Then in your command prompt, execute the ruby script: ruby "%USERPROFILE%\Desktop\win_fetch_cacerts.rb" -
Mar 12, 2011 . 1 changed file with 5 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,5 @@ # Installation Download the ruby script to your *Desktop* folder from [https://gist.github.com/raw/867550/win_fetch_cacerts.rb](https://gist.github.com/raw/867550/win_fetch_cacerts.rb). Then at your command prompt, run: ruby "%USERPROFILE%\Desktop\win_fetch_cacerts.rb" -
Mar 12, 2011 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -5,7 +5,7 @@ Net::HTTP.start("curl.haxx.se") do |http| resp = http.get("/ca/cacert.pem") if resp.code == "200" open(cacert_file, "wb") { |file| file.write(resp.body) } puts "A bundle of certificate authorities has been installed to #{cacert_file}" puts "* Please set SSL_CERT_FILE in your current command prompt session with:" -
Mar 12, 2011 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,7 +1,7 @@ require 'net/http' # create a path to the file "C:\\RailsInstaller\cacert.pem" cacert_file = File.join(%w{c: RailsInstaller cacert.pem}) Net::HTTP.start("curl.haxx.se") do |http| resp = http.get("/ca/cacert.pem") -
Mar 12, 2011 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -13,6 +13,6 @@ puts "* To make this a permanent setting, add it to Environment Variables" puts " under Control Panel -> Advanced -> Environment Variables" else abort ">>>> A cacert.pem bundle could not be downloaded." end end -
Mar 12, 2011 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,18 @@ require 'net/http' # create a path to the file "C:\\RailsInstaller\cacert.pem" cacert_file = File.join(%w{c: RailsInstaller caccert.pem}) Net::HTTP.start("curl.haxx.se") do |http| resp = http.get("/ca/cacert.pem") if resp.code == 200 open(cacert_file, "wb") { |file| file.write(resp.body) } puts "A bundle of certificate authorities has been installed to #{cacert_file}" puts "* Please set SSL_CERT_FILE in your current command prompt session with:" puts " set SSL_CERT_FILE=#{cacert_file}" puts "* To make this a permanent setting, add it to Environment Variables" puts " under Control Panel -> Advanced -> Environment Variables" else abort ">>>> A cacert.pem bundle could not be downloaded. end end