Ubuntu
esniper package

missing dependency on ca-certificates in esniper package (fixed upstream)

Bug #164264 reported by josh_rosenbluh on 2007-11-21

This bug affects 1 person

	Status	Importance	Assigned to
ca-certificates (Ubuntu)	Invalid	Undecided	Unassigned
esniper (Debian)	Fix Released	Unknown	debbugs #453060
esniper (Ubuntu)	Fix Released	Medium	Rolf Leggewie

Bug Description

Binary package hint: esniper

esniper (2.17.0-1) reports a problem with the SSL CA cert. The file it is trying to read from does not exist. openssl (0.9.8e-5ubuntu3.1) is installed.

Snippet:
=====
Cannot connect to URL : problem with the SSL CA cert (path? access rights?): error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
=====

Revision history for this message

adlibre (adlibre) wrote on 2007-12-06:

This bug is solved by installing the ca-certificates package:

sudo apt-get install ca-certificates

This may be fixed in the new version of esniper according to this Debian bug report:

http://groups.google.se/group/linux.debian.bugs.rc/browse_thread/thread/899fd6cdc2d7c8ce

Revision history for this message

berg (berg-foss) wrote on 2008-03-20:

the solution seems enable cacert provider at /etc/ca-certificates.conf and executing
update-ca-certificates command like said BrodocK at his comment:

https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/153625/comments/5

The Boinc site ( http://boinc.berkeley.edu/trac/wiki/ErrorReference ) said:

/*
Scheduler request failed: problem with the SSL CA cert (path? access rights?)

This is a known problem with some ported BOINC releases, especially certain Linux x64 ports. The reason for the error is that a file (ca-bundle.crt) was omitted from the release.

If you see this error message in your message log, then you probably need to apply this fix.

1. Determine your BOINC data directory. Check the beginning of your message log. There will be a line near the beginning like this:

08/06/2007 13:18:00||Data directory: C:\Program Files\BOINC

   2. Download the missing file. - make sure you name the file ca-bundle.crt.
   3. Place the file in your BOINC data directory.
   4. Restart BOINC. The way you do this will depend on your installation.

Why does this problem only affect WCG, and not other BOINC projects?This is because WCG is (at the time of writing) the only BOINC project that requires a secure connection to the server. Other projects permit falling back to an insecure connection.

The missing file ( I think) is a generated ( update-ca-certificates ) ca-certicate.crt build from many (all ?) providers enabled ( /etc/ca-certificates.conf )

REFERENCES:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/153625
http://boinc.berkeley.edu/trac/wiki/ErrorReference
https://bugs.launchpad.net/ubuntu/+source/esniper/+bug/164264
https://bugs.launchpad.net/ubuntu/+source/boinc/+bug/159135

Revision history for this message

berg (berg-foss) wrote on 2008-03-20:

when I enabled only cacert.org provider, I have other errors ( listed below). Then I enabled all providers and boinc works fine now :)

Qui 20 Mar 2008 19:19:15 AMT||Fetching configuration file from http://www.worldcommunitygrid.org/get_project_config.php
Qui 20 Mar 2008 19:19:33 AMT|World Community Grid|Master file download succeeded
Qui 20 Mar 2008 19:19:38 AMT|World Community Grid|Sending scheduler request: Project initialization
Qui 20 Mar 2008 19:19:38 AMT|World Community Grid|Requesting 1 seconds of new work
Qui 20 Mar 2008 19:19:40 AMT||Project communication failed: attempting access to reference site
Qui 20 Mar 2008 19:19:43 AMT||Access to reference site succeeded - project servers may be temporarily down.
Qui 20 Mar 2008 19:19:43 AMT|World Community Grid|Scheduler request failed: peer certificate cannot be authenticated with known CA certificates
Qui 20 Mar 2008 19:19:43 AMT|World Community Grid|Deferring communication for 1 min 0 sec
Qui 20 Mar 2008 19:19:43 AMT|World Community Grid|Reason: scheduler request failed

Revision history for this message

Rolf Leggewie (r0lf) wrote on 2008-03-21:

if anything, this is a bug in ca-certificates, not in esniper

Changed in esniper:
status:	New → Invalid

Revision history for this message

Rolf Leggewie (r0lf) wrote on 2008-03-21:

sorry, my mistake. This is of course a bug, not in esniper itself, but in the packaging. Confirming.

Changed in esniper:
importance:	Undecided → Medium
status:	Invalid → Confirmed

Revision history for this message

Rolf Leggewie (r0lf) wrote on 2008-03-21:

@berg, I think yours is a different problem. This bug report is about a missing dependency on ca-certificates in the esniper package. Please open a new bug report about the problem you are facing.

Changed in ca-certificates:
status:	New → Invalid
Changed in esniper:
assignee:	nobody → r0lf
status:	Confirmed → In Progress

Bug Watch Updater (bug-watch-updater) on 2008-03-21

Changed in esniper:
status:	Unknown → Fix Released

Revision history for this message

berg (berg-foss) wrote on 2008-03-29:

@Rolf Leggewie , the problem's root is the same: the /etc/ssl/certs/ca-certificates.crt file is empty ( or maybe inexistent , if josh_rosenbluh give to us a ls -l of his /etc/ssl/certs directory, this doubt would maybe answered ).

at bug https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/153625 ,the problem's source seems typo error in PT-BR translation ( I'm brazilian user :)

@ josh_rosenbluh , are you using PT-BR locales ???

Revision history for this message

josh_rosenbluh (rosenbluh) wrote on 2008-03-29:

output of 'ls -l /etc/ssl/certs' Edit (25.1 KiB, text/plain)

@berg:
I'm not using PT-BR locales. Installing the ca-certificates package solved the problem for me. In any case, I attached the cert directory listing in case anyone is curious. It seems that there are a number of variables at work, but it looks like ca-certificates is listed as a dependency in in hardy, so that should solve the minor problem I experienced.
http://packages.ubuntu.com/hardy/esniper