Noticed this in my message logs and wondered if it is or could cause connection problems to the project :
13805 Albert@Home 12-11-2014 02:33 update requested by user
13806 12-11-2014 02:33 [http] HTTP_OP::init_get(): https://albertathome.org/rss_main.php
13807 12-11-2014 02:33 [http] HTTP_OP::libcurl_exec(): ca-bundle set
13808 12-11-2014 02:33 [http] [ID#0] Info: About to connect() to albertathome.org port 443 (#2)
13809 12-11-2014 02:33 [http] [ID#0] Info: Trying 129.89.61.67...
13810 Albert@Home 12-11-2014 02:33 Sending scheduler request: Requested by user.
13811 Albert@Home 12-11-2014 02:33 Reporting 1 completed tasks
13812 Albert@Home 12-11-2014 02:33 Not requesting tasks: don't need
13813 Albert@Home 12-11-2014 02:33 [http] HTTP_OP::init_post(): http://albert.phys.uwm.edu/AlbertAtHome_cgi/cgi
13814 Albert@Home 12-11-2014 02:33 [http] HTTP_OP::libcurl_exec(): ca-bundle set
13815 12-11-2014 02:33 [http] [ID#0] Info: Connected to albertathome.org (129.89.61.67) port 443 (#2)
13816 12-11-2014 02:33 [http] [ID#0] Info: Connected to albertathome.org (129.89.61.67) port 443 (#2)
13817 12-11-2014 02:33 [http] [ID#0] Info: successfully set certificate verify locations:
13818 12-11-2014 02:33 [http] [ID#0] Info: CAfile: C:\BOINC\ca-bundle.crt
13819 12-11-2014 02:33 [http] [ID#0] Info: CApath: none
13820 12-11-2014 02:33 [http] [ID#0] Info: SSLv3, TLS handshake, Client hello (1):
13821 Albert@Home 12-11-2014 02:33 [http] [ID#1] Info: About to connect() to albert.phys.uwm.edu port 80 (#3)
13822 Albert@Home 12-11-2014 02:33 [http] [ID#1] Info: Trying 129.89.61.67...
13823 Albert@Home 12-11-2014 02:33 [http] [ID#1] Info: Connected to albert.phys.uwm.edu (129.89.61.67) port 80 (#3)
13824 Albert@Home 12-11-2014 02:33 [http] [ID#1] Info: Connected to albert.phys.uwm.edu (129.89.61.67) port 80 (#3)
13825 Albert@Home 12-11-2014 02:33 [http] [ID#1] Sent header to server: POST /AlbertAtHome_cgi/cgi HTTP/1.1
13826 Albert@Home 12-11-2014 02:33 [http] [ID#1] Sent header to server: User-Agent: BOINC client (windows_intelx86 7.2.42)
13827 Albert@Home 12-11-2014 02:33 [http] [ID#1] Sent header to server: Host: albert.phys.uwm.edu
13828 Albert@Home 12-11-2014 02:33 [http] [ID#1] Sent header to server: Accept: */*
13829 Albert@Home 12-11-2014 02:33 [http] [ID#1] Sent header to server: Accept-Encoding: deflate, gzip
13830 Albert@Home 12-11-2014 02:33 [http] [ID#1] Sent header to server: Content-Type: application/x-www-form-urlencoded
13831 Albert@Home 12-11-2014 02:33 [http] [ID#1] Sent header to server: ACCEPT_LANGUAGE: en_US
13832 Albert@Home 12-11-2014 02:33 [http] [ID#1] Sent header to server: Content-Length: 77926
13833 Albert@Home 12-11-2014 02:33 [http] [ID#1] Sent header to server: Expect: 100-continue
13834 Albert@Home 12-11-2014 02:33 [http] [ID#1] Sent header to server:
13835 12-11-2014 02:33 [http] [ID#0] Info: SSLv3, TLS handshake, Server hello (2):
13836 12-11-2014 02:33 [http] [ID#0] Info: SSLv3, TLS handshake, CERT (11):
13837 12-11-2014 02:33 [http] [ID#0] Info: SSLv3, TLS alert, Server hello (2):
13838 12-11-2014 02:33 [http] [ID#0] Info: SSL certificate problem, verify that the CA cert is OK. Details:
13839 12-11-2014 02:33 [http] [ID#0] Info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
13840 12-11-2014 02:33 [http] [ID#0] Info: Closing connection #2
13841 Albert@Home 12-11-2014 02:33 [http] [ID#1] Received header from server: HTTP/1.1 100 Continue
13842 12-11-2014 02:33 [http] HTTP error: Peer certificate cannot be authenticated with given CA certificates
13843 Albert@Home 12-11-2014 02:33 [http] [ID#1] Received header from server: HTTP/1.1 200 OK
13844 Albert@Home 12-11-2014 02:33 [http] [ID#1] Received header from server: Date: Wed, 12 Nov 2014 08:30:25 GMT
13845 Albert@Home 12-11-2014 02:33 [http] [ID#1] Received header from server: Server: Apache/2.2.3 (CentOS)
13846 Albert@Home 12-11-2014 02:33 [http] [ID#1] Received header from server: Transfer-Encoding: chunked
13847 Albert@Home 12-11-2014 02:33 [http] [ID#1] Received header from server: Content-Type: text/xml
13848 Albert@Home 12-11-2014 02:33 [http] [ID#1] Received header from server:
13849 Albert@Home 12-11-2014 02:33 [http] [ID#1] Info: Connection #3 to host albert.phys.uwm.edu left intact
13850 Albert@Home 12-11-2014 02:33 Scheduler request completed
Copyright © 2024 Einstein@Home. All rights reserved.
Nothing similar in my message
)
Nothing similar in my message file. This may have been a temporary configuration problem on the server which has been fixed already. If not, it probably works ok if it still allows to connect -- it appears that it did on the third attempt.
If this still occurs, it could theoretically allow someone to impersonate the albert@home site. Your boinc and OS versions might help someone figure out why it fails on your system.
Right, does the error still
)
Right, does the error still persist or can you reproduce it somehow?
Thanks,
Oliver
For Linux and Raspbian for
)
For Linux and Raspbian for the Raspberry Pi, this is discussed on the Einstein@Home forum and has been resolved by an update in the Raspbian (Jessie) repository.
https://einstein.phys.uwm.edu/forum_thread.php?id=11760
(problem with ca-certificates)
Cheers!
// Brian
Expanding the edge of Science.