Kishore Karanam archive  

The curious case of Ruby and OpenSSL

February 13, 2023.


If you're a computer guy, there are certain scenarios where encountering errors is inevitable, such as when downloading a game from a torrent and using a crack or installing a library, as is the case at hand. Such errors can take you on a long journey of scouring various websites and even watching multiple YouTube videos in search of a solution. They may leave you questioning the worth of your pursuit, but once you eventually crack them, the feeling is truly wonderful. I have experienced several instances of this, including fixing Call of Duty Black Ops II for PC, cracking Wii to allow any random CD, installing Arch Linux, and now, tackling an OpenSSL error when installing the webauthn gem for Ruby. Despite sifting through numerous answers on StackOverflow and reading several blog posts on the matter, I was initially unsuccessful in resolving the issue. However, after dedicating about an hour to this endeavor, I finally achieved success. I am documenting my solution for future reference, in case I encounter similar setbacks again.

It all started with an error while trying to install webauthn. Upon entering the command sudo gem install webauthn, I received the response: ERROR: While executing gem ... (Gem::Exception) Unable to require openssl, install OpenSSL and rebuild ruby (preferred) or use non-HTTPS sources..

I explored two potential solutions. Initially, I attempted to uninstall my native Ruby and reinstall it, as suggested by some online sources. I successfully removed the version using the command rvm remove ruby-2.6.10, but encountered further issues when trying to reinstall it using rvm install ruby-2.6.10 --with-openssl-dir='/usr/local/opt/openssl'. Despite getting Ruby installed, the problem persisted when attempting to install webauthn. I later discovered that updating the Ruby gems was necessary to resolve the issue. I attempted this using the command sudo gem update --system, but this led to another error: ruby: No such file or directory -- setup.rb (LoadError). After researching various solutions, including using gem install rubygems-update --source update_rubygems, I still could not fix the problem. I eventually resorted to removing Ruby again and installing it with brew install, which surprisingly allowed me to update the gem successfully. As I tackled the OpenSSL error, I decided to try something similar to what I did with Ruby. I installed OpenSSL 1.0 through Homebrew by running brew install rbenv/tap/openssl@1.0, and reinstalled Ruby with a reference to the old version of OpenSSL: rvm reinstall 2.6.10 --with-openssl-dir='/usr/local/opt/openssl@1.0'. Surprisingly, it worked! This was my initial solution, and I have to express my gratitude to this for providing the idea. However, after fixing the OpenSSL error, another error emerged when I tried to install webauthn: ERROR: While executing gem ... (Gem::FilePermissionError) You don't have write permissions for the /System/Library/Frameworks/Ruby.framework/Versions/2.6/usr/lib/ruby/gems/2.6.0 directory.. After doing some research, I discovered that this was due to Apple's restriction on installing gems directly into the preinstalled version of Ruby on Macs. When I delved a bit deeper into this, I found that Apple officially deprecated the various scripting language runtimes that are built in to macOS back in 10.15. More info can be found on this at macOS Catalina 10.15 Release Notes. Further investigation led me to my second solution. It turned out that my use of Ruby 2.6.10 was the root cause of the trouble I had encountered all along. To solve this issue, I installed the latest Ruby version, rvm install ruby-3.2.1, and proceeded to install webauthn with sudo gem install webauthn. This worked without any hitches, displaying the following message: Done installing documentation for openssl-signature_algorithm, bindata, tpm-key_attestation, jwt, safety_net_attestation, cbor, cose, awrence, android_key_attestation, webauthn after 1 seconds. 10 gems installed. Overall it was quite an interesting error, and fun to solve.

Side notes: