I am trying to import the Elmo module using the url:
elmo = hub.Module("https://tfhub.dev/google/elmo/3", trainable=True)
but am unable to load it as it is giving an error:
URLError: urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:1076)
can anyone help me to get this thing work?
Related
I am working on a rust networking application. And I download a package from gcloud storage (using an https://... URL). I will eventually need the capabilities CAP_NET_ADMIN and CAP_NET_RAW.
This is my rust program:
pub fn download_runner_binary(bin_dir: PathBuf) -> Result<()> {
let uri = "https://example.com/foo.tar";
let response = reqwest::blocking::get(uri)?;
let tar_path = bin_dir.join("foo.tar");
let tar_path2 = tar_path.clone();
let mut dest = File::create(tar_path)?;
io::copy(&mut Cursor::new(&mut response.bytes()?), &mut dest)?;
// now seek the beginning
let dest_f = File::open(tar_path2)?;
// now extract the files here
let mut archive = Archive::new(dest_f);
archive.unpack(bin_dir)?;
Ok(())
}
It compiles fine, and I can run it just fine. Subsequently I do:
sudo setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' ./target/debug/foo
and when I getcap:
getcap ./target/debug/foo
./target/debug/foo = cap_net_admin,cap_net_raw+eip
At this stage, when I run my program:
(base) ➜ wallet git:(s/permissions) ✗ ./target/debug/foo init
Initializing job runner
Error: NetworkError: `error sending request for url (https://example.com/): error trying to connect: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1914: (unable to get local issuer certificate)`
Caused by:
0: error sending request for url (https://example.com/foo.tar): error trying to connect: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1914: (unable to get local issuer certificate)
1: error trying to connect: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1914: (unable to get local issuer certificate)
2: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1914: (unable to get local issuer certificate)
3: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1914:
And I can't pull things down from any SSL url. Once I remove these capabilities with setcap -r ./target/debug/foo, it is all good.
I then wrote a small python script:
#!/usr/bin/env python
import sys
import requests
resp = requests.get('https://example.com/foo.tar')
print(resp.text)
Setting the same capabilities on this script and running ./test.py completes with no issues.
Is reqwest doing something weird? Is there some issue with certificates? Is it some issue with my local SSL setup?
Any help would be appreciated.
On a specific URL I am getting ssl.SSLError: [SSL: WRONG_SIGNATURE_TYPE] wrong signature type using Python's requests library.
I have tried the answers at python requests : SSL error during requests? but they do not help.
Not even verify=False from, e.g., Python Requests throwing SSLError, helps:
url = 'https://infoteka.bg.ac.rs/ojs/index.php/Infoteka/issue/view/20'
import requests
response = requests.get(url, verify=False)
gives
Traceback (most recent call last):
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 699, in urlopen
...
File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: WRONG_SIGNATURE_TYPE] wrong signature type (_ssl.c:1131)
I have the most recent distribution package of openssl:
$ openssl version
OpenSSL 1.1.1f 31 Mar 2020
Though I note that upgrading to 1.1.1g stated at https://stackoverflow.com/a/63387377/589165 could perhaps solve the problem.
My webbrowsers do not have a problem with the particular page (as far as I can tell), while both wget and curl have the same problem as requests.
What are the options here? Would it be necessary to manually install a newer version of openssl? Or are there other possible workarounds?
When I'm trying to delete or insert data into influxDB 2.0 I suddenly started getting this error.
It was working without any issue earlier
Does anyone know how to fix it
[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:1129)```
Fixed this issue.
Fix was adding this line when initializing the influxDB client
ssl_ca_cert=certifi.where()
client = influxdb_client.InfluxDBClient(
url=os.getenv("URL"),
token=token,
org=os.getenv("ORG"),
ssl_ca_cert=certifi.where()
I am trying to use my organisation cert in my terraform code here.
crt.tf
resource "aws_iam_server_certificate" "acm_crt" {
name = "acm_crt"
certificate_body = "s3://cicd-storage/csr_keys_crts/crt.txt"
private_key = "s3://cicd-storage/csr_keys_crts/csr.pem"
}
Error: Error applying plan:
1 error(s) occurred:
aws_iam_server_certificate.acm_crt: 1 error(s) occurred:
aws_iam_server_certificate.acm_crt: Error uploading server certificate, error: MalformedCertificate: Unable to parse certificate. Please ensure the certificate is in PEM format.
In mandrill webhook, I added https://xxxx/mandrills/email_bounced_back
The error I got is:
Error: POST to https://xxxx/mandrills/email_bounced_back failed: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
I used https://www.sslshopper.com/ssl-checker to check and seems ok (green)
I am using cPanel & WHM 64.0 (build 20)