Https no cert for install script

not-bugs

#1

when i try to run the install code from the front page
apt-get -y update; apt-get -y upgrade; apt-get -y install git lsb-release;
git clone --recursive https://lab.quickbox.io/QuickBox/QuickBox QuickBox &&
bash ~/QuickBox/setup/quickbox-setup
i get this error. see below

Cloning into ‘QuickBox’…
fatal: unable to access ‘https://lab.quickbox.io:443/QuickBox/QuickBox/’: server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none


#2

I cannot confirm. Anyone else hitting this issue?

@tchoot, can you browse to the repo itself:
https://lab.quickbox.io/QuickBox/QuickBox

Also, what does the following produce:

curl https://lab.quickbox.io/QuickBox/QuickBox

The following is my result…

[email protected]:~# git clone --recursive https://lab.quickbox.io/QuickBox/QuickBox QuickBox
Cloning into 'QuickBox'...
remote: Counting objects: 248, done.
remote: Compressing objects: 100% (137/137), done.
remote: Total 248 (delta 119), reused 231 (delta 110)
Receiving objects: 100% (248/248), 31.12 KiB | 0 bytes/s, done.
Resolving deltas: 100% (119/119), done.
Checking connectivity... done.
Submodule 'dashboard' (https://lab.quickbox.io/QuickBox/quickbox_dashboard.git) registered for path 'dashboard'
Submodule 'packages' (https://lab.quickbox.io/QuickBox/quickbox_packages.git) registered for path 'packages'
Submodule 'rtplugins' (https://lab.quickbox.io/QuickBox/quickbox_rutorrent-plugins.git) registered for path 'rtplugins'
Submodule 'rutorrent' (https://lab.quickbox.io/QuickBox/quickbox_rutorrent.git) registered for path 'rutorrent'
Submodule 'setup' (https://lab.quickbox.io/QuickBox/quickbox_setup.git) registered for path 'setup'
Cloning into 'dashboard'...
remote: Counting objects: 1175, done.
remote: Compressing objects: 100% (590/590), done.
remote: Total 1175 (delta 572), reused 1175 (delta 572)
Receiving objects: 100% (1175/1175), 2.13 MiB | 1.53 MiB/s, done.
Resolving deltas: 100% (572/572), done.
Checking connectivity... done.
Submodule path 'dashboard': checked out '09c695ba8d7a24ae54c2229facf4f6498364a542'
Cloning into 'packages'...
remote: Counting objects: 2009, done.
remote: Compressing objects: 100% (646/646), done.
remote: Total 2009 (delta 1354), reused 2009 (delta 1354)
Receiving objects: 100% (2009/2009), 253.29 KiB | 0 bytes/s, done.
Resolving deltas: 100% (1354/1354), done.
Checking connectivity... done.
Submodule path 'packages': checked out '5ca0e9ed3d5a9cf7b20b7adef46bdfde1d5e6385'
Cloning into 'rtplugins'...
remote: Counting objects: 2619, done.
remote: Compressing objects: 100% (2144/2144), done.
remote: Total 2619 (delta 451), reused 2619 (delta 451)
Receiving objects: 100% (2619/2619), 1.54 MiB | 776.00 KiB/s, done.
Resolving deltas: 100% (451/451), done.
Checking connectivity... done.
Submodule path 'rtplugins': checked out '2a5054f3c4092dc0694b9c9a5817b0c8fa403563'
Cloning into 'rutorrent'...
remote: Counting objects: 2356, done.
remote: Compressing objects: 100% (2127/2127), done.
remote: Total 2356 (delta 199), reused 2356 (delta 199)
Receiving objects: 100% (2356/2356), 1.87 MiB | 1.45 MiB/s, done.
Resolving deltas: 100% (199/199), done.
Checking connectivity... done.
Submodule path 'rutorrent': checked out '6dd42ca06678a82c742f941fb188a8e79a6163ea'
Cloning into 'setup'...
remote: Counting objects: 1817, done.
remote: Compressing objects: 100% (843/843), done.
remote: Total 1817 (delta 952), reused 1804 (delta 942)
Receiving objects: 100% (1817/1817), 9.17 MiB | 2.28 MiB/s, done.
Resolving deltas: 100% (952/952), done.
Checking connectivity... done.
Submodule path 'setup': checked out 'e171e46953f0fcf42713f8aaeeda279cb14342fd'
[email protected]:~#

#3

is there a way to go around the cert issue? if its just me
[email protected]:/home/tyler# curl https://lab.quickbox.io/QuickBox/QuickBox
curl: (60) SSL certificate problem: certificate is not yet valid
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn’t adequate, you can specify an alternate file
using the --cacert option.

If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you’d like to turn off curl’s verification of the certificate, use
the -k (or --insecure) option.


#4

Are you trying to do this while not root?


#5

im root
and i think i know what happened the onboard clock…


#6

yes its the onbord clock…
it must of lost its time when the battery died…

it’s date was 7/25/2014…

fixed now…


#7

Ah, yeah, I just checked and it’s all correct and valid:

[email protected]:~# echo -n | openssl s_client -showcerts -connect lab.quickbox.io:443 2>/dev/null  | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'| openssl x509 -noout -text | grep "CA Issuers" | head -1
                CA Issuers - URI:http://cert.int-x3.letsencrypt.org/

You could also try to do export GIT_SSL_NO_VERIFY=1 then try the git clone once more. Make sure you remove the ~/QuickBox directory first.


#8

its working my own bug…


#9

Awesome! Glad it’s working… almost had me in a panic :stuck_out_tongue_winking_eye:


#10

got to love when a device loses its brains and forgets the time…


#11

Sounds like me right now! :fireworks:


#12

building a mobile seedbox out of a small military device that has a 2 core atom proccessor and a gig of ram and a 80gb ssd and a gigibt nic. its a 32bit proccesor too…