You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm encountering an SSL certificate verification error when using the importmap pin command with importmap-rails (2.0.1) to pin packages like Bootstrap. Despite having the correct SSL certificates installed and being able to make HTTPS requests using Ruby's net/http, the importmap command fails with an SSL error.
Steps to Reproduce:
Set Up Environment Variables for SSL Certificates:
Created a test script ssl_test.rb to confirm that Ruby's net/http can establish an SSL connection:
require 'net/http'
require 'openssl'
uri = URI('https://ga.jspm.io/npm:bootstrap@5.3.3/dist/js/bootstrap.esm.js')
Net::HTTP.start(
uri.host,
uri.port,
use_ssl: true,
verify_mode: OpenSSL::SSL::VERIFY_PEER
) do |http|
request = Net::HTTP::Get.new(uri)
response = http.request(request)
puts "Response Code: #{response.code}"
end
Output:
Response Code: 200
Attempt to Pin Bootstrap Using importmap:
Ran the command: ./bin/importmap pin bootstrap
Output/Error:
Pinning "bootstrap" to vendor/javascript/bootstrap.js via download from https://ga.jspm.io/npm:bootstrap@5.3.3/dist/js/bootstrap.esm.js
/path/to/gems/net-protocol-0.2.2/lib/net/protocol.rb:46:in `connect_nonblock': SSL_connect returned=1 errno=0 peeraddr=205.234.175.175:443 state=error: certificate verify failed (unable to get local issuer certificate) (OpenSSL::SSL::SSLError)
Additional Information:
Ruby Version: 3.2.2
OpenSSL Version: (Output of ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION'): OpenSSL 3.3.2 3 Sep 2024
Importmap-Rails Version: 2.0.1
Operating System: macOS on Apple Silicon
Ensured that the DigiCert Global Root G2 certificate is present in /opt/homebrew/etc/openssl@3/cert.pem.
Updated and rehashed the certificates in the certs directory.
Reinstalled Ruby and Gems:
Uninstalled and reinstalled Ruby using rbenv, ensuring it links to the correct OpenSSL.
Updated gems and checked for conflicting versions of net-http and net-protocol.
Modified bin/importmap:
Added debug statements to print environment variables and Ruby version.
Attempted to override Net::HTTP settings within bin/importmap to explicitly set ca_file and ca_path.
Modified importmap-rails Gem Code:
Edited packager.rb to set SSL options explicitly when initializing Net::HTTP.
Tested with OpenSSL::SSL::VERIFY_NONE:
As a test (not for production), set verify_mode to OpenSSL::SSL::VERIFY_NONE, which allowed the command to succeed, indicating the issue is with SSL verification.
Manually Downloaded Bootstrap:
Used curl to download Bootstrap and updated config/importmap.rb as a temporary workaround.
Suspected Cause:
It seems that the importmap-rails gem may not be correctly utilizing the SSL certificates specified by the environment variables or might be overriding SSL settings internally, leading to the SSL verification failure.
Expected Behavior:
The importmap pin command should respect the SSL certificate environment variables and successfully establish an SSL connection to pin packages.
Actual Behavior:
The command fails with an SSL certificate verification error, even though SSL connections work in other Ruby scripts and tools.
Please let me know if I can provide any more information.
The text was updated successfully, but these errors were encountered:
I'm encountering an SSL certificate verification error when using the importmap pin command with importmap-rails (2.0.1) to pin packages like Bootstrap. Despite having the correct SSL certificates installed and being able to make HTTPS requests using Ruby's net/http, the importmap command fails with an SSL error.
Steps to Reproduce:
Set Up Environment Variables for SSL Certificates:
Verify SSL Connectivity with a Test Script:
Created a test script ssl_test.rb to confirm that Ruby's net/http can establish an SSL connection:
Output:
Response Code: 200
Attempt to Pin Bootstrap Using importmap:
Ran the command:
./bin/importmap pin bootstrap
Output/Error:
Additional Information:
Ruby Version: 3.2.2
OpenSSL Version: (Output of ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION'): OpenSSL 3.3.2 3 Sep 2024
Importmap-Rails Version: 2.0.1
Operating System: macOS on Apple Silicon
Environment Variables:
What I've Tried:
Verified Certificates:
Ensured that the DigiCert Global Root G2 certificate is present in /opt/homebrew/etc/openssl@3/cert.pem.
Updated and rehashed the certificates in the certs directory.
Reinstalled Ruby and Gems:
Uninstalled and reinstalled Ruby using rbenv, ensuring it links to the correct OpenSSL.
Updated gems and checked for conflicting versions of net-http and net-protocol.
Modified bin/importmap:
Added debug statements to print environment variables and Ruby version.
Attempted to override Net::HTTP settings within bin/importmap to explicitly set ca_file and ca_path.
Modified importmap-rails Gem Code:
Edited packager.rb to set SSL options explicitly when initializing Net::HTTP.
Tested with OpenSSL::SSL::VERIFY_NONE:
As a test (not for production), set verify_mode to OpenSSL::SSL::VERIFY_NONE, which allowed the command to succeed, indicating the issue is with SSL verification.
Manually Downloaded Bootstrap:
Used curl to download Bootstrap and updated config/importmap.rb as a temporary workaround.
Suspected Cause:
It seems that the importmap-rails gem may not be correctly utilizing the SSL certificates specified by the environment variables or might be overriding SSL settings internally, leading to the SSL verification failure.
Expected Behavior:
The importmap pin command should respect the SSL certificate environment variables and successfully establish an SSL connection to pin packages.
Actual Behavior:
The command fails with an SSL certificate verification error, even though SSL connections work in other Ruby scripts and tools.
Please let me know if I can provide any more information.
The text was updated successfully, but these errors were encountered: