Re: SSL: CERTIFICATE_VERIFY_FAILED

Fri, 23 Dec 2016 07:26:22 -0800 


Il 23/12/2016 16:00, Pierre-Yves Chibon ha scritto:

On Fri, Dec 23, 2016 at 03:00:03PM +0100, gil wrote:


Il 23/12/2016 14:38, Pierre-Yves Chibon ha scritto:

On Fri, Dec 23, 2016 at 12:53:25PM +0100, gil wrote:

Il 23/12/2016 12:04, Patrick Uiterwijk ha scritto:

Hi,


$ koji build --scratch --arch-override x86_64 rawhide
/home/gil/springframework/springframework-3.2.18-1.fc26.src.rpm
SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed
(_ssl.c:590)

Hi

This message indicates that you have an outdated koji config file.
Do you have koji 1.11.0?

$ rpm -q koji fedora-packager
koji-1.11.0-1.fc24.noarch
fedora-packager-0.6.0.0-1.fc24.noarch

If you do, you most likely have a /etc/koji.conf.rpmnew, please try
moving that to /etc/koji.conf.

koji.conf.rpmnew is not available
content of koji.conf:
[koji]

;configuration for koji cli tool

;url of XMLRPC server
server = https://koji.fedoraproject.org/kojihub

;url of web interface
weburl = https://koji.fedoraproject.org/koji

;url of package download site
topurl = https://kojipkgs.fedoraproject.org/

;path to the koji top directory
;topdir = /mnt/koji

authtype = kerberos
krb_rdns = false

Do you have by any chances a ~/.koji/config?

which changes?

Do you actually need this file?

If so, then you'll need to update the URLs to use http*s*, drop the lines
referring to the cert, and include the lines: ``krb_rdns = false`` and
``authtype = kerberos`` which is required.

Well, making a diff -u between the two files will show you the diff better than
I would :)

$ diff -u ~/.koji/config ~/.koji/config.old
no changes ....

content of ~/.koji/config.old:

[koji]

;configuration for koji cli tool

;url of XMLRPC server
server = http://koji.fedoraproject.org/kojihub

;url of web interface
weburl = http://koji.fedoraproject.org/koji

;url of package download site
topurl = https://kojipkgs.fedoraproject.org/

;path to the koji top directory
;topdir = /mnt/koji

;configuration for Kerberos authentication

;the service name of the principal being used by the hub
;krbservice = host

;configuration for SSL authentication

;client certificate
cert = ~/.fedora.cert

;certificate of the CA that issued the client certificate
ca = ~/.fedora-server-ca.cert

;certificate of the CA that issued the HTTP server certificate
serverca = ~/.fedora-server-ca.cert

anon_retry = yes

.g

Pierre
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org






















					Reply via email to