Given that I have a lovely clean install of Ubuntu 11.10, I decided to use rvm to manage by Ruby installation. The only problem with that is the SSL certificate beginrescueend.com uses isn’t known to Ubuntu.
I’ve seen a post advocating using -k to ignore CA certificate validation, but that’s not the right thing to do. It works, but only by defeating a security mechanism.
Cut to the chase – how to get around it:
- Read the error message curl produces, which suggests visiting http://curl.haxx.se/docs/sslcerts.html
- From there, download cacert.pem and copy this to your home directory
- Create ~/.curlrc, with the single line cacert = ~/cacert.pem
- Test using curl https://rvm.beginrescueend.com/ > /dev/null – the CA error should not appear