2010-04-20 15:33:39,421 WARNING appengine_rpc.py:399 ssl module not found.
Without the ssl module, the identity of the remote host cannot be verified, and
connections may NOT be secure. To fix this, please install the ssl module from
http://pypi.python.org/pypi/ssl .
To learn more, see http://code.google.com/appengine/kb/general.html#rpcssl .
how can i do ?
thanks
As the message describes, install the SSL module from that URL. Or, if you're not concerned about using a secure connection to authenticate and upload your app, just ignore the message.
Related
When I try to install yarn, I've got the following output:
Internal Error: Error when performing the request
at ClientRequest.<anonymous> (C:\Program Files\nodejs\node_modules\corepack\dist\corepack.js:3937:20)
at ClientRequest.emit (node:events:390:28)
at TLSSocket.socketErrorListener (node:_http_client:447:9)
at TLSSocket.emit (node:events:390:28)
at emitErrorNT (node:internal/streams/destroy:157:8)
at emitErrorCloseNT (node:internal/streams/destroy:122:3)
at processTicksAndRejections (node:internal/process/task_queues:83:21)
TL;DR
Create a custom CA certificate file (in this example c:\temp\combo.ca.cer) containing BASE64-encoded DERs of all certs your corporate network security solution is presenting to Node.js when Node.js makes HTTPS requests
I used advice from https://stackoverflow.com/a/44726189 to create my custom CA cert file
set NODE_EXTRA_CA_CERTS=c:\temp\combo.ca.cer
corepack enable
yarn set version stable
Root Cause Analysis
I had the "Internal Error: Error when performing the request" at "corepack.js:3937:20" like everyone who's been here so I looked in line 3937 and discovered it was a vanilla https.get call. I stuck in some extra debugging into corepack.js to see what was being accessed and discovered it was failing trying to reach "https://registry.npmjs.com/pnpm".
I navigated to "https://registry.npmjs.com/pnpm" in my web browser and discovered my corporate environment let it load up with no errors. So I fired up Node JS and issued to see what would happen:
https.get("https://registry.npmjs.com/pnpm", {}, res => console.log(res));
I received a "unable to get local issuer certificate" error. In my corporate environment, there's a security solution that injects it's own self-signed certificates into responses from any outbound https requests. What that means for me is that I need to instruct anything issuing https requests (eg Node.js and curl) to use a custom CA certificate file.
To get corepack to work, I first hard-coded a custom CA certificate file into corepack.js and while it's pretty ugly, it did work. A bit of further digging around I found the NODE_EXTRA_CA_CERTS environment variable option used by Node.js so also tried the following in a Administrator-privileged cmd session with success (also removing the corepack.js hack I made earlier):
set NODE_EXTRA_CA_CERTS=c:\temp\combo.ca.cer
corepack enable
yarn set version stable
The combo.ca.cer was constructed by navigating to https://registry.npmjs.com/pnpm and exporting all the CA certs (root and any intermediate CA certs) to text files and copy-pasting the contents of all the CA cert files into a single text file called combo.ca.cer. I used advice from https://stackoverflow.com/a/44726189 to create my custom CA cert file.
As part of the initial setup of a work computer, I got this same error. Even a clean run of yarn (yarn init -2 in an empty folder) would cause the error.
Turning off my VPN made yarn work as expected.
Googling the error lead me to this page which got me to suspect the VPN. https://github.com/nodejs/corepack/issues/67
I had the same problem and for me it was solved by running yarn set version stable.
I have a Linux VPS with Plesk control panel. Today, I have added one domain name [demovpstest.com] on my Linux VPS through the Plesk panel. When I am going to enable Let's Encrypt SSL Certificate for my website, I am receiving the following error.
Error: Could not issue a Let's Encrypt SSL/TLS certificate for demovpstest.com.
Details
Invalid response from https://acme-v02.api.letsencrypt.org/acme/order/68205530/1263660043
Details:
Type: urn:ietf:params:acme:error:malformed
Status: 404
Detail: No order for ID 1263660043
I've tried 2 - 3 times, but it failed. Please help me to solve this error.
This is a BUG than will be solved by Plesk, meanwhile this worked for me:
1-Connect to the Plesk server via SSH
2-Search for the JSON file which contains the Let's Encrypt order in the /usr/local/psa/var/modules/letsencrypt/orders folder:
egrep -Ril example.com /usr/local/psa/var/modules/letsencrypt/orders
/usr/local/psa/var/modules/letsencrypt/orders/c92788fed3b07d20e4ad823731285d30f0c88dcb.json
Note: replace the example.com with the name of the affected domain.
3-Remove the JSON file retrieved with the previous command:
rm /usr/local/psa/var/modules/letsencrypt/orders/c92788fed3b07d20e4ad823731285d30f0c88dcb.json
4-Reissue the Let's Encrypt certificate
I am getting the following error while deploying the google app engine
ERROR: gcloud crashed (SSLHandshakeError): [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)
If you would like to report this issue, please run the following command:
gcloud feedback
To check gcloud for common problems, please run the following command:
gcloud info --run-diagnostics
I am using python 2.7 also tried turning off firewall settings but doesnot help. Any suggestions?
This is a common network issue seen when there is a networking proxy present on your network or antivirus and similar software that might prevent the connection.
As you mentioned the issue was solved when deactivating an antivirus software. If you still want to run the antivirus, you can configure it properly to allow the connection to GCP.
I tried this to avoid SSL certificate validation and successfully worked
gcloud config set auth/disable_ssl_validation True
Is there a way to setup Sonatype Nexus with macports proxy. I tried it but i could not find rsync being supported by nexus.
/opt/local/etc/macports/sources.conf can take http protocol, but does not work in my case
i configure proxy in macports.conf
proxy_http proxy.local.dev:80
proxy_https proxy.local.dev:80
but i get 403 forbidden error, when i try to install a package
$sudo port install ack
error:
0DEBUG: Fetching distfile failed: The requested URL returned error: 403
This is currently not supported. Your best bet at current time would be to try and use a raw repository as a proxy, but you might have already tried that.
The other more fun but time consuming alternative is to create your own format! One of our community members did this with APT, you can check out their work here: https://github.com/mpoindexter/nexus-repository-apt
When I used openssl APIs to validate server certificate (self signed), I got following error :
error 19 at 1 depth lookup:self signed certificate in certificate
chain
As per openssl documentation, this error (19) is
"X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in
certificate chain - the certificate chain could be built up using the
untrusted certificates but the root could not be found locally."
Why this error occurs ? Any problems with my server certificate ?
You have a certificate which is self-signed, so it's non-trusted by default, that's why OpenSSL complains. This warning is actually a good thing, because this scenario might also rise due to a man-in-the-middle attack.
To solve this, you'll need to install it as a trusted server. If it's signed by a non-trusted CA, you'll have to install that CA's certificate as well.
Have a look at this link about installing self-signed certificates.
Here is one-liner to verify certificate to be signed by specific CA:
openssl verify -verbose -x509_strict -CAfile ca.pem certificate.pem
This doesn't require to install CA anywhere.
See How does an SSL certificate chain bundle work? for details and correct certificate chain handling.
If you're running Charles and trying to build a docker container then you'll most likely get this error.
Make sure to disable Charles (macos) proxy under proxy -> macOS proxy
Charles is an
HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet.
So anything similar may cause the same issue.
The solution for the error is to add this line at the top of the code:
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
if you are testing your end points using Postman, just go to settings and disable "Enable SSL certificate verification"