Skip to content

SSL Cert issue on Windows #475

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Arcanemagus opened this issue Feb 8, 2017 · 9 comments
Closed

SSL Cert issue on Windows #475

Arcanemagus opened this issue Feb 8, 2017 · 9 comments
Labels
windows

Comments

@Arcanemagus
Copy link
Contributor

With the fixes from #459 in place so that the program will run at all on Windows, we then start running into the following issue:

C:/Ruby23-x64/lib/ruby/2.3.0/net/http.rb:933:in `connect_nonblock': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (Faraday::SSLError)
        from C:/Ruby23-x64/lib/ruby/2.3.0/net/http.rb:933:in `connect'
        from C:/Ruby23-x64/lib/ruby/2.3.0/net/http.rb:863:in `do_start'
        from C:/Ruby23-x64/lib/ruby/2.3.0/net/http.rb:852:in `start'
        from C:/Ruby23-x64/lib/ruby/2.3.0/net/http.rb:1398:in `request'
        from C:/Ruby23-x64/lib/ruby/2.3.0/net/http.rb:1156:in `get'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/faraday-0.10.0/lib/faraday/adapter/net_http.rb:81:in `perform_request'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/faraday-0.10.0/lib/faraday/adapter/net_http.rb:41:in `block in call'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/faraday-0.10.0/lib/faraday/adapter/net_http.rb:88:in `with_net_http_connection'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/faraday-0.10.0/lib/faraday/adapter/net_http.rb:33:in `call'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/faraday-0.10.0/lib/faraday/response.rb:8:in `call'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/faraday-http-cache-2.0.0/lib/faraday/http_cache.rb:290:in `fetch'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/faraday-http-cache-2.0.0/lib/faraday/http_cache.rb:195:in `process'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/faraday-http-cache-2.0.0/lib/faraday/http_cache.rb:142:in `call!'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/faraday-http-cache-2.0.0/lib/faraday/http_cache.rb:115:in `call'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/faraday-0.10.0/lib/faraday/rack_builder.rb:139:in `build_response'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/faraday-0.10.0/lib/faraday/connection.rb:377:in `run_request'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/faraday-0.10.0/lib/faraday/connection.rb:140:in `get'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/sawyer-0.8.1/lib/sawyer/agent.rb:94:in `call'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/octokit-4.6.2/lib/octokit/connection.rb:154:in `request'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/octokit-4.6.2/lib/octokit/connection.rb:84:in `paginate'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/octokit-4.6.2/lib/octokit/client/repositories.rb:465:in `tags'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/lib/github_changelog_generator/octo_fetcher.rb:79:in `block in calculate_pages'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/lib/github_changelog_generator/octo_fetcher.rb:298:in `block in check_github_response'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/retriable-2.1.0/lib/retriable.rb:54:in `block in retriable'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/retriable-2.1.0/lib/retriable.rb:48:in `times'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/retriable-2.1.0/lib/retriable.rb:48:in `retriable'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/lib/github_changelog_generator/octo_fetcher.rb:297:in `check_github_response'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/lib/github_changelog_generator/octo_fetcher.rb:78:in `calculate_pages'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/lib/github_changelog_generator/octo_fetcher.rb:97:in `github_fetch_tags'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/lib/github_changelog_generator/octo_fetcher.rb:70:in `block in get_all_tags'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/lib/github_changelog_generator/octo_fetcher.rb:298:in `block in check_github_response'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/retriable-2.1.0/lib/retriable.rb:54:in `block in retriable'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/retriable-2.1.0/lib/retriable.rb:48:in `times'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/retriable-2.1.0/lib/retriable.rb:48:in `retriable'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/lib/github_changelog_generator/octo_fetcher.rb:297:in `check_github_response'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/lib/github_changelog_generator/octo_fetcher.rb:70:in `get_all_tags'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/lib/github_changelog_generator/generator/generator_tags.rb:9:in `fetch_and_filter_tags'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/lib/github_changelog_generator/generator/generator_generation.rb:8:in `compound_changelog'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/lib/github_changelog_generator.rb:34:in `run'
        from C:/Ruby23-x64/lib/ruby/gems/2.3.0/gems/github_changelog_generator-1.14.2/bin/github_changelog_generator:5:in `<top (required)>'
        from C:/Ruby23-x64/bin/github_changelog_generator:22:in `load'
        from C:/Ruby23-x64/bin/github_changelog_generator:22:in `<main>'

It seems the two alternatives for "solutions" to this are:

  • Bundling a root cert bundle with this program that is more up to date than the one bundled with Ruby (like this)
  • Forcing users to fix the Ruby cert bundle themselves (see here)
@XaserAcheron
Copy link

Welp. This is a fun issue to run into immediately upon trying the tool. D:

I don't have much insight to add, unfortunately (not a Rubyist), aside from "thanks for rememberin' us Windows users". :P

@XaserAcheron
Copy link

I'm shooting in the dark here, but this gem looks like it may ease the burden of going the bundle route, as it streamlines the process of updating the certs.

@olleolleolle
Copy link
Collaborator

olleolleolle commented Feb 8, 2017
edited
Loading

@XaserAcheron Certified's patches to Faraday seem out of date. Also: The repository which it wants to download a certificate bundle file from nowadays says about itself:

Since the original curl site hosts this data over HTTPS now, this repository has no purpose and is going away soon. Go to https://curl.haxx.se/docs/caextract.html instead!

(That site, curl.haxx.se, is very nice and user-friendly, though. Links, yeah! It's awesome!)

Also: Thanks for shooting in the dark!

@olleolleolle olleolleolle mentioned this issue Feb 8, 2017
Merged
5 tasks
@Arcanemagus
Copy link
Contributor Author

@XaserAcheron Btw, the last working version for Windows is currently v1.13.2, it's what I've been stuck on till this is resolved.

@XaserAcheron
Copy link

@Arcanemagus Super-thanks! v1.13.2 indeed works. I'll see about updating once this is all resolved, but this version will do for now.

@Arcanemagus Arcanemagus mentioned this issue Mar 10, 2017
Closed
@olleolleolle
Copy link
Collaborator

@Arcanemagus Could you test out the pre-release to see where we are?

@Arcanemagus
Copy link
Contributor Author

The pre-release seems to be working for me at least 😉.

@olleolleolle
Copy link
Collaborator

@Arcanemagus Thanks for test-driving. Can we close this issue?

@Arcanemagus
Copy link
Contributor Author

Makes sense to me, probably should have been closed with the merge of #475.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
windows
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@olleolleolle @Arcanemagus @XaserAcheron