Rails Assets Bundle - man-in-the-middle attack - error fix
In the early days of Rails assets (JS plugins) were included by source. Then they started coming up as Ruby gems. Later the Rails Assets project gained popularity. I personally found the Rails Assets project convenient. In the present day, Webpacker and yarn come to the resque. However, I have a few legacy Ruby on Rails projects that I maintain that use Rails Assets.
Checking out the project and running bundle install
resulted in an error:
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see http://bit. ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.
I don't like the solution to this issue, but it seems to be the only way to get around it. Change the source from https://rails-assets.org
to http://insecure.rails-assets.org
.
Ex:
source 'http://insecure.rails-assets.org' do
gem 'rails-assets-bootstrap', '~> 3.3.7'
gem 'rails-assets-bootstrap-datepicker'
gem 'rails-assets-bootstrap-switch', '~> 3.3.2'
gem 'rails-assets-dropzone'
gem 'rails-assets-js-cookie'
gem 'rails-assets-moment'
gem 'rails-assets-simple-line-icons'
gem 'rails-assets-underscore'
gem 'rails-assets-waypoints', '~> 4.0.1'
gem 'rails-assets-select2-bootstrap-theme'
end
About the Author
Ziyan Junaideen -
Ziyan is an expert Ruby on Rails web developer with 8 years of experience specializing in SaaS applications. He spends his free time he writes blogs, drawing on his iPad, shoots photos.