Tag Archives: ssl

[Solved] LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to github.com:443

There is an error when using git to pull the GitHub code base

LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to github.com:443

The solution is as follows:
1 Cancel global proxy first:

git config --global --unset https.proxy
git config --global --unset http.proxy

2. Configure global agent:

git config --global http.https://github.com.proxy socks5://127.0.0.1:1080 
git config --global https.https://github.com.proxy socks5://127.0.0.1:1080

Note that 1080 is changed to the port number of its own proxy service

Repo init Error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed

Repo init reports an error [SSL: certificate_verify_failed] certificate verify failed

The complete error information is shown in the figure below:

According to the online method, I tried export pythonhttsverify = 0 and still reported an error

Try the following method to set the environment variable SSL_CERT_Dir, problem solving, you might as well try it.

$ sudo update-ca-certificates --fresh
$ export SSL_CERT_DIR=/etc/ssl/certs

Ansible Use yum module to install rpm Error: Request failed: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate v

Project scenario:

Today I used Ansible to install postgresql-13 and wrote the following test script from the official installation tutorial.

- hosts: postgresql
  gather_facts: false
  tasks:
    - name: install pg repo
      yum:
        name: https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm
        state: present
    - name: install pg
      yum:
        name: postgresql13-server
        state: present
    - name:
      stat:
        path: "/var/lib/pgsql/data/pg_hba.conf"
      register: postgres_data
    - name:
      shell: "/usr/pgsql-13/bin/postgresql-13-setup initdb"
      when: not postgres_data.stat.exists
    - name:
      systemd:
        name: postgresql-13
        enabled: yes
        daemon_reload: yes
        state: started

Problem Description:

the following error occurs when running the script:

fatal: [172.17.200.2]: FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "msg": "Failure downloading https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm, Request failed: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)>"}

Solution:

Just modify https to http in https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm

[Solved] PostgreSQL configure: error: readline library not found

preface

An error occurs when installing PostgreSQL, as shown below

configure: error: readline library not found
If you have readline already installed, see config.log for details on the
failure.  It is possible the compiler isn't looking in the proper directory.
Use --without-readline to disable readline support.

Solution:

Check whether the readLine package is installed in the system

rpm -qa | grep readline

Install readline-devel pack

yum -y install -y readline-devel

Execute configure again successfully

The explanation of readLine comes from the official website

--without-readline
Prevents use of the Readline library (and libedit as well). Thisoption disables command-line
editing and history in psql, so it is notrecommended.

Note: when you execute configure, you can add “– without readLine” to avoid this error, but PostgreSQL officials do not recommend it

[Solved] cURL error 60: SSL certificate problem: unable to get local issuer certificate

When the PHP server curl is based on the HTTPS protocol API, this problem will be reported if the environment does not handle it:

cURL error 60: SSL certificate problem: unable to get local issuer certificate

Solution:
(1) download the file used to support HTTPS

(2) Place the file in a location, such as “C:\env\cacert.PEM”

(3) Modify php.ini and add support for cacert.pem

[Solved] Pytorch Download CIFAR1 Datas Error: urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certi

urllib.error.URLError: < urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certi

Solution:

Add the following two lines of code before the code starts:

import ssl
ssl._create_default_https_context = ssl._create_unverified_context

Complete example:

import torch
import torchvision
import torchvision.transforms as transforms
import ssl
ssl._create_default_https_context = ssl._create_unverified_context
#Download the data set and adjust the image, because the output of the torchvision data set is in PILImage format, and the data field is in [0,1]
#We convert it into the tensor format of the standard data field [-1,1]
#transform Data Converter
transform=transforms.Compose([transforms.ToTensor(),transforms.Normalize((0.5,0.5,0.5),(0.5,0.5,0.5))])
trainset=torchvision.datasets.CIFAR10(root='./data',train=True,download=True,transform=transform)
# The downloaded data is placed in the trainset
trainloader=torch.utils.data.DataLoader(trainset,batch_size=4,shuffle=True,num_workers=2)
# DataLoader Data Iterator Encapsulate data into DataLoader
# num_workers: Two threads read data
# batch_size=4 batch processing

testset=torchvision.datasets.CIFAR10(root='./data',train=False,download=True,transform=transform)
testloader=torch.utils.data.DataLoader(testset,batch_size=4,shuffle=False,num_workers=2)
classes=('airplane', 'automobile', 'bird', 'cat', 'deer', 'dog', 'frog', 'horse', 'ship', 'truck')

Download result

Error: write EPROTO 1593982200:error:100000f7:SSL routines:OPENSSL_internal

The probability is a nginx configuration problem. If the request is sent incorrectly, an SSL exception will be reported. The following is my configuration. The problem has been solved. If the certificate cannot be loaded, try to write the certificate path to the root directory.

 

 

ssl on;
        ssl_certificate         ssl/_.fetiononline.com.crt;
        ssl_certificate_key     ssl/_.fetiononline.com.key;
            
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;