The reason why you might get certificate errors in Ruby 2.0 when talking HTTPS is because there isn't a default certificate bundle that OpenSSL (which was used when building Ruby) trusts.
Update: this problem is solved in edge versions of rbenv and RVM.
$ ruby -rnet/https -e "Net::HTTP.get URI('https://github.com')"
net/http.rb:917:in `connect': SSL_connect returned=1 errno=0 state=SSLv3
read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)
You can work around the issue by installing a certificate bundle that you trust. I trust Mozilla and curl.
WARNING: use the below code only if you're not terribly worried about maximum security:
- Note that the certificate bundle below is downloaded from curl.haxx.se over HTTP not HTTPS.
- Keep in mind that this installs a cert bundle that will never be automatically updated if a cert gets revoked.
curl -fsSL curl.haxx.se/ca/cacert.pem \
-o "$(ruby -ropenssl -e 'puts OpenSSL::X509::DEFAULT_CERT_FILE')"
And if you want to acquire that secure .pem file without being vulnerable to a MitM attack, here's how: https://gist.github.com/jjb/996292 :-D