Blog

Thoughts from my daily grind

Rails Assets Bundle - man-in-the-middle attack - error fix

Posted by Ziyan Junaideen |Published: 24 May 2021 |Category: Ruby on Rails
Default Upload |

In the early days of Rails assets (JS plugins) were included by source. Then they started coming up as Ruby gems. Later the Rails Assets project gained popularity. I personally found the Rails Assets project convenient. In the present day, Webpacker and yarn come to the resque. However, I have a few legacy Ruby on Rails projects that I maintain that use Rails Assets.

Checking out the project and running bundle install resulted in an error:

There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see http://bit. ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.

I don't like the solution to this issue, but it seems to be the only way to get around it. Change the source from https://rails-assets.org to http://insecure.rails-assets.org.

Ex:

source 'http://insecure.rails-assets.org' do
  gem 'rails-assets-bootstrap', '~> 3.3.7'
  gem 'rails-assets-bootstrap-datepicker'
  gem 'rails-assets-bootstrap-switch', '~> 3.3.2'
  gem 'rails-assets-dropzone'
  gem 'rails-assets-js-cookie'
  gem 'rails-assets-moment'
  gem 'rails-assets-simple-line-icons'
  gem 'rails-assets-underscore'
  gem 'rails-assets-waypoints', '~> 4.0.1'
  gem 'rails-assets-select2-bootstrap-theme'
end
Tags
    About the Author

    Ziyan Junaideen -

    Ziyan is an expert Ruby on Rails web developer with 8 years of experience specializing in SaaS applications. He spends his free time he writes blogs, drawing on his iPad, shoots photos.

    Comments
    About Me

    I am a freelance software engineer with a passion for building payment processors empowering charities and and businesses considered as "high-risk" by traditional payment processors.

    Focussing on Ruby on Rails, Elixir for web applications, Python for ML + AI, andSwift UI + Flutter for Mobile.

    Similar Posts
    Recent Posts
    Categories
    Tag Cloud
    TravelVideographyDJIOsmo PocketARMWWDCProcreateCoDCEBUSB-CRecycleThunderboltSSLLetsEncryptiPhoneDeployCryptographyEncryptionSSHRavanaEducationValidateFCPreCaptchaMarkdownRedcarpetRougeUNPDecryptionOpenSSLWebpackerPhotographyXKPasswordMigrationsLaptopNotebookMacBoo AirM1iPadAirTagMaliyadewa CollegeSinopharmNo jQueryAndroidLinuxiOSDNSAMEXNTBAbansProlinkHAMLGamesForemanSLTPadrinoSleepInternetSessionGDPRCookiesNMRALost & FoundBirdsCOVID19VaccinationRails MigrationBug FixFreelanceMoneyHacker LikeWi-FiMySQLNodeCyber SecurityDevOpsGEMSoftwarePower CutGeneratorsYarnGovernmentTerminalAppleSEODentalKandyKurunegalaCloudJavaScriptActiveMerchantPayment ProcessingAPICredit CardRails UpgradePakistanUniversity of PeradeniyaExtreamismPetsAquariumPramacPetrolStimulusTechSpecExplainedLeadAcidiMacSystems AdministrationSri LankaPowerCode SampleTurboTailwindSinatraUIUXMacBookActiveRecordPayoneerHomebrewHealthUbuntuRailsPostgreSQLRuby on RailsRubyMacOS