If SSL error problem on windows is known, why isn't the installer updated?
55 views
Skip to first unread message
Cass Hern
Mar 29, 2015, 8:10:55 PM3/29/15
to rubyin...@googlegroups.com
I am just wondering if this problem was known 3 months ago, why isn't the installer updated?
Justin Baker
Mar 29, 2015, 8:40:48 PM3/29/15
to rubyin...@googlegroups.com
The RubyInstaller packages are based off Ruby releases.
So, in essence the official Ruby release packaged the version of `rubygems` that has the 'bug' in it.
Unfortunately if I remember correctly it's not actually a bug, but an issue with the rubygems.org certification.
The issue is compounded by the fact that it will fall back to `openssl` CA chain check. Which means that with other platforms where `openssl` is a shared library and has a CA bundle to use it will.
I understand the frustration, but I can't ninja update files without a very good reason. Especially files that had been live for months before the cert changed.
Both the Ruby 2.0 and 2.2 releases actually have this fixed. The next Ruby 2.1 release will have it as well. But until then things are kind of stuck in an uncomfortable place.
Most importantly though, someone would have to write a custom patch to be applied for one nonconventional release. Which I don't want to do and no one else has stepped up.
Justin
Sent from mobile.
So, in essence the official Ruby release packaged the version of `rubygems` that has the 'bug' in it.
Unfortunately if I remember correctly it's not actually a bug, but an issue with the rubygems.org certification.
The issue is compounded by the fact that it will fall back to `openssl` CA chain check. Which means that with other platforms where `openssl` is a shared library and has a CA bundle to use it will.
I understand the frustration, but I can't ninja update files without a very good reason. Especially files that had been live for months before the cert changed.
Both the Ruby 2.0 and 2.2 releases actually have this fixed. The next Ruby 2.1 release will have it as well. But until then things are kind of stuck in an uncomfortable place.
Most importantly though, someone would have to write a custom patch to be applied for one nonconventional release. Which I don't want to do and no one else has stepped up.
Justin
Sent from mobile.
From: Cass Hern
Sent: 3/29/2015 19:10
To: rubyin...@googlegroups.com
Subject: [RubyInstaller] If SSL error problem on windows is known, why isn'tthe installer updated?
I am just wondering if this problem was known 3 months ago, why isn't the installer updated?
--
You received this message because you are subscribed to the Google Groups "RubyInstaller" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyinstalle...@googlegroups.com.
To post to this group, send email to rubyin...@googlegroups.com.
Visit this group at http://groups.google.com/group/rubyinstaller.
For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups "RubyInstaller" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyinstalle...@googlegroups.com.
To post to this group, send email to rubyin...@googlegroups.com.
Visit this group at http://groups.google.com/group/rubyinstaller.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages