Message boards : Number crunching : Peer certificate cannot be authenticated with given CA certificates
Previous · 1 · 2 · 3 · 4 · 5 · 6 . . . 9 · Next
Author | Message |
---|---|
Mr P Hucker Send message Joined: 12 Aug 06 Posts: 1600 Credit: 11,845,183 RAC: 9,025 |
run command prompt as administrator Macs are probably more sensible like Linux, using a central store of these keys in the OS, rather than just in the Boinc folder. Apple update those presumably, for every program you run not just Boinc. Windows SSL keys are a mess, some in the registry, some in the system folder, some in program folders.... |
Mr P Hucker Send message Joined: 12 Aug 06 Posts: 1600 Credit: 11,845,183 RAC: 9,025 |
Alongside the issues here, which most of us here are solving on PCs though not on Android, the project front page <had been> showing maybe 780k completed tasks in the last 24hrs Does Boinc auto-update? If so, Boinc could release a new version with an updated security file. If it doesn't autoupdate, then Rosetta (and LHC and Numberfields) should email every user and tell them to update Boinc. |
Tomcat雄猫 Send message Joined: 20 Dec 14 Posts: 180 Credit: 5,386,173 RAC: 0 |
Presumably this will rectify after midnight in each user's timezone? In Android 9 (Pie) the following DID NOT WORK: I'm running WCG on my two phones now. I am concerned about the impact on this project though. |
Erich56 Send message Joined: 11 Jan 16 Posts: 35 Credit: 1,437,503 RAC: 0 |
I am concerned about the impact on this project though.So am I. If there won't be a fast and easy solution available to everyone, many valuable crunchers may abandon the project. |
Warren Brandon Send message Joined: 16 Mar 20 Posts: 1 Credit: 49,937 RAC: 0 |
I analyzed the ca-bundle.crt file and found out that AddTrust External Root certificate expired today. This worked for me perfectly, I had to open the file in Notepad++ as admin but afterwards I could connect to the project again. Thank you so much |
Siran d'Vel'nahr Send message Joined: 15 Nov 06 Posts: 72 Credit: 2,674,678 RAC: 0 |
Greetings, I am running Linux Mint v19.3 which is based on Ubuntu. I have done the following procedure: The procedure that worked for me on Ubuntu 18.04.4: I restarted BOINC and am still getting stuck uploads and reports. Is there something else that needs to be done. I have only been using Linux continually for about 8 months, so I'm sorta a noob. ;) Have a great day! :) Siran CAPT Siran d'Vel'nahr XO USS Vre'kasht NCC-33187 "Logic is the cement of our civilization with which we ascend from chaos using reason as our guide." - T'Plana-hath |
Sid Celery Send message Joined: 11 Feb 08 Posts: 2125 Credit: 41,249,734 RAC: 9,368 |
Sid Celery wrote:I'm not sure what anyone at Rosetta can do Not being knowledgeable enough myself, I can only hope those "might be's" turn into "can do's" |
Sid Celery Send message Joined: 11 Feb 08 Posts: 2125 Credit: 41,249,734 RAC: 9,368 |
Does Boinc auto-update? If so, Boinc could release a new version with an updated security file. It doesn't auto-update, no. Though it could auto-update Android Boinc if people's Google Play Store settings allow it |
Sid Celery Send message Joined: 11 Feb 08 Posts: 2125 Credit: 41,249,734 RAC: 9,368 |
[quote]Welp, I guess that's two Android devices down for me. One because of issues with BOINC and Android 9.0, plus the fact that I don't charge that device enough to meet the deadlines. One because of this certificate expiring. From the sound of things, I'm inclined to advise people to suspend all Android Rosetta tasks, abort those that haven't started, and switch to run or join WCG's Open Pandemics CV19 tasks. I can't be sure this issue will be fixed before deadlines and that time is better spent running something productive. If Admins aren't around until Monday it'll have been 2 days before they can begin to look for a solution and Android deadlines will likely be missed |
CasualPhotos Send message Joined: 26 Jun 16 Posts: 1 Credit: 1,052,738 RAC: 427 |
...Such things should be fixed by BOINC programmers centrally, rather than manually editing certificate file by each user. I could not agree more. First, this never should have happened. Second, the solution has to be 'pushed' to each client versus having every user manually edit a configuration file on each machine doing work. While it's well within my capabilities to make the changes it's a matter of professional 'outrage' (I'm a former S/W developer who understands how things should be done) I'm going to leave things as they are until the powers that be correct the problem properly. In the meantime the WGC OpenPandemics project is getting a lot more processing time on my systems. |
Cartoonman Send message Joined: 9 Oct 08 Posts: 13 Credit: 7,274,094 RAC: 626 |
Update for everyone reading this thread (esp. Android users): A Github issue has been made and BOINC maintainers have been alerted. Please see https://github.com/BOINC/boinc/issues/3789 for details. Currently there are workarounds available for Windows and Linux (and possibly Mac as well). Android currently does not appear to have a viable workaround, and an APK update is being pressured. |
Richard Haselgrove Send message Joined: 4 Oct 18 Posts: 4 Credit: 301,393 RAC: 0 |
In addition to making that GitHub issue, I also sent a direct email to the key personnel. But it is the weekend, and there are practical issues regarding gaining access to offices around the world at the moment. |
Vincent Dark Send message Joined: 29 Sep 12 Posts: 1 Credit: 9,216,165 RAC: 0 |
I've tried all the methods above, but noting working on my ubuntu14.04 rigs, so sad. |
JohnDK Send message Joined: 6 Apr 20 Posts: 33 Credit: 2,390,240 RAC: 0 |
Greetings, Are you 100% sure 1720081.crt was moved to /usr/local/share/ca-certificates before doing sudo update-ca-certificates? btw if wasn't necessary to restart BOINC for me, it just worked. |
Siran d'Vel'nahr Send message Joined: 15 Nov 06 Posts: 72 Credit: 2,674,678 RAC: 0 |
-[ snip ]- Hi John, Yes, I double checked to make sure the file was moved. I'll be logging into Winders 10 in a bit, so I'll see what happens when I log back into Linux. I just tried a manual upload restart and got a 23 minute back off from the server. :( Have a great day! :) Siran CAPT Siran d'Vel'nahr XO USS Vre'kasht NCC-33187 "Logic is the cement of our civilization with which we ascend from chaos using reason as our guide." - T'Plana-hath |
Jim Brossard Send message Joined: 11 Dec 05 Posts: 5 Credit: 2,455,170 RAC: 1,091 |
...Such things should be fixed by BOINC programmers centrally, rather than manually editing certificate file by each user. I have checked the master file at https://raw.githubusercontent.com/bagder/ca-bundle/master/ca-bundle.crt and it also contains the expired cert. It looks like the BOINC team used the latest ca-bundle.crt file available. Blame the maintainers of the ca-bundle.crt file. |
yoerik Send message Joined: 24 Mar 20 Posts: 128 Credit: 169,525 RAC: 0 |
I analyzed the ca-bundle.crt file and found out that AddTrust External Root certificate expired today. instead of using command prompt (which I found wasn't working for me, probably did something wrong but *shrug* I instead used Properties - Security - and gave users full control over that file. Used notepad to edit and could save no issue. |
keik Send message Joined: 8 May 20 Posts: 5 Credit: 43,612 RAC: 0 |
I have followed threads and GitHub and BOINC still refused to connect so tried few things, and these are my results: 1) download ca-bundle.crt linked by Tony https://boinc.berkeley.edu/forum_thread.php?id=13758&postid=98903#98903 2) copy 1720081.crt certificate from GitHub https://github.com/BOINC/boinc/issues/3789 3) in Tony's crt file search for "COMO" and paste 1720081's certificate string under each already present Comodo related certyficate, then save the file 4) turn off BOINC and don't let it autostart (check BOINC settings and Task Manager "Start up" tab) 5) reset PC 6) before logging into Windows, reset it again and confirm if there's a prompt 7) log in and manually run BOINC 8) let it update and carry on folding |
Jim Martin Send message Joined: 9 Oct 05 Posts: 23 Credit: 1,425,030 RAC: 579 |
Erich, et. al. May I suggest that someone with more authority than I have, notify BOINC software engineering, to up-rev BOINC, with our problem. It's certainly impacted some important wu's. Perhaps, this has already been brought to BOINC's attention. If so, I await uploading ops. to commence, with the next BOINC rev. |
hnapel Send message Joined: 8 Apr 20 Posts: 8 Credit: 835,346 RAC: 0 |
You can also open Notepad as administrator and it will work to save the file after the edit. |
Message boards :
Number crunching :
Peer certificate cannot be authenticated with given CA certificates
©2024 University of Washington
https://www.bakerlab.org