For those of you that have ruby installed through RVM and want a quick fix (preferring not to read per Bruno's request) just try this:

rvm remove 1.9.x (or whatever version of ruby you are using)
rvm pkg install openssl
rvm install 1.9.2 --with-openssl-dir=$rvm_path/usr

For a more details, here is the link where I found the solution.

http://railsapps.github.com/openssl-certificate-verify-failed.html

BTW, I didn't have to touch my certificates on Ubuntu.

Best of all, this isn't a workaround. It will download gems through SSL and fail if there if there is a problem like a man in the middle attack which is much better than just turning off security.

This worked for me:

• download latest gem at https://rubygems.org/pages/download
• install the gem with gem install --local [path to downloaded gem file]
• update the gems with update_rubygems
• check that you're on the latest gem version with gem --version

If you're using rails-assets

If you were using https://rails-assets.org/ to manage your assets, no answers will help you. Even converting to http won't help.

The simplest fix is using this source instead, http://insecure.rails-assets.org. This has been mentioned in their homepage.

same problem but with different gem here:

Gem::RemoteFetcher::FetchError: SSL_connect returned=1 errno=0 state=SSLv3 
read server certificate B: certificate verify failed 
(https://bb-m.rubygems.org/gems/builder-3.0.0.gem)
An error occured while installing builder (3.0.0), and Bundler cannot continue.
Make sure that `gem install builder -v '3.0.0'` succeeds before bundling.

temporarily solution: gem install builder -v '3.0.0' makes it possible to continue bundle install

Update

Now that I've karma wh..err mined enough from this answer everyone should know that this should have been fixed.

re: via Ownatik again bundle install fails with SSL certificate verification error

gem update --system

My answer is still correct and left below for reference if that ends up not working for you.

Honestly the best temporary solution is to

[...] use the non-ssl version of rubygems in your gemfile as a temporary workaround.

via user Ownatik

what they mean is at the top of the Gemfile in your rails application directory change

source 'https://rubygems.org'

to

source 'http://rubygems.org'

note that the second version is http instead of https

On windows7 you can download the cacert.pem file from here and set the environementvariable SSL_CERT_FILE to the path where you store the certificate eg

SET SSL_CERT_FILE="C:\users\<username>\cacert.pem"

or you can set the variable in your script like this ENV['SSL_CERT_FILE']="C:/users/<username>/cacert.pem"

Replace <username> with you own username.