また rails-assets.com のSSL証明書が期限切れらしい。
そのせいでbundle install
ができずにherokuへのデプロイが失敗していた。
Fetching source index from https://rails-assets.org/
Retrying fetcher due to error (2/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate for https://rails-assets.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see http://bit.ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.
Retrying fetcher due to error (3/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate for https://rails-assets.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see http://bit.ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.
Retrying fetcher due to error (4/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate for https://rails-assets.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed for verification. For information about OpenSSL certificates, see http://bit.ly/ruby-ssl. To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.
Could not verify the SSL certificate for https://rails-assets.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most
likely your system doesn't have the CA certificates needed for verification. For
information about OpenSSL certificates, see http://bit.ly/ruby-ssl. To connect
without using SSL, edit your Gemfile sources and change 'https' to 'http'.
ずっと昔から、rails-assetsに頼るのは良くないとか、2016年にいたってはSSL証明書の期限問題が話題になったこともあり、「えー、今更rails-assetsなんかに頼ってるのー?」って人が多いと思うけど、古いプロジェクトなんかでは使っている場合もあるんじゃないだろうか。
解決方法
環境変数BUNDLE_SSL_VERIFY_MODE
に0
を設定する。
herokuでも有効。
当然、脆弱なのでおすすめしない。
おすすめしないぞ!
本番環境でこの設定を使うんじゃないぞ!?
rails-assetsからは早く逃げよう。