Since it is very difficult to disable SSL for a long time, you can correct the certificate error correctly by adding the certificate to the built-in Ruby and curl trust chain (it hurts, but it is possible to automate, http://guides.rubygems.org/ssl-certificate-update/# manual-solution-to-ssl-issue ) or better yet, using the alternate CA path that was added to the new version of Vagrant? config.vm.box_download_ca_cert seems to be a new setting.
Manual way:
The steps are as follows: Step 1: Obtain the correct trust certificate Step 2: Locate RubyGems certificate directory in your installation Step 3: Copy correct trust certificate Step 4: Profit Step 1: Obtain the correct trust certificate We need to download the correct trust certificate, YourCompanyRootCA.pem. This can probably be obtained from your IT department or by exporting the certificate from your web browser or certificate store (and possibly converting to .pem using OpenSSL). IMPORTANT: File must have .pem as extension. Browsers like Chrome will try to save it as plain text file. Ensure you change the filename to end with .pem after you have downloaded it. Step 2: Locate Ruby certificate directory in your installation In order for us copy this file, we need to know where to put it. Depending on where you installed Ruby (or Vagrant has embedded it), the directory will be different. Take for example the default installation of Ruby 2.1.5, placed in C:\Ruby21 Or the Vagrant default of C:\HashiCorp\Vagrant\embedded (or /opt on Linux) Search for `cacert.pem` or any `*.pem` in those directories. Step 3: Copy new trust certificate Now, locate ssl_certs directory (Ruby) and copy the .pem file we obtained from previous step inside. It will be listed with other files like AddTrustExternalCARoot.pem. If you are updating the Vagrant cacert.pem, make a backup copy, then append the entire contents of your new .pem file to the end of the cacert.pem. This should eliminate the warnings from Vagrant ruby/curl.
dragon788
source share