The RubyInstaller packages are based off Ruby releases.
So, in essence the official Ruby release packaged the version of `rubygems` that has the 'bug' in it.
Unfortunately if I remember correctly it's not actually a bug, but an issue with the
rubygems.org certification.
The issue is compounded by the fact that it will fall back to `openssl` CA chain check. Which means that with other platforms where `openssl` is a shared library and has a CA bundle to use it will.
I understand the frustration, but I can't ninja update files without a very good reason. Especially files that had been live for months before the cert changed.
Both the Ruby 2.0 and 2.2 releases actually have this fixed. The next Ruby 2.1 release will have it as well. But until then things are kind of stuck in an uncomfortable place.
Most importantly though, someone would have to write a custom patch to be applied for one nonconventional release. Which I don't want to do and no one else has stepped up.
Justin
Sent from mobile.