Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1055119 - [abrt] copr-cli: adapters.py:331:send:SSLError: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Summary: [abrt] copr-cli: adapters.py:331:send:SSLError: [Errno 1] _ssl.c:504: error:1...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: copr
Version: 20
Hardware: x86_64
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Miroslav Suchý
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:e4d3cdab395bc93cae4296800c0...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-01-18 22:12 UTC by Igor Gnatenko
Modified: 2014-02-06 03:57 UTC (History)
2 users (show)

Fixed In Version: copr-1.26-1.fc20
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-01-18 22:34:30 UTC


Attachments (Terms of Use)
File: backtrace (deleted)
2014-01-18 22:12 UTC, Igor Gnatenko
no flags Details
File: environ (deleted)
2014-01-18 22:12 UTC, Igor Gnatenko
no flags Details

Description Igor Gnatenko 2014-01-18 22:12:08 UTC
Description of problem:
$ copr-cli build kernel-upstream ./sources/kernel-3.13.0-0.rc8.git999.1.7d0d46da.fc20.src.rpm

Version-Release number of selected component:
copr-cli-1.21-1.fc20

Additional info:
reporter:       libreport-2.1.11
cmdline:        /usr/bin/python2 /usr/bin/copr-cli build kernel-upstream ./sources/kernel-3.13.0-0.rc8.git999.1.7d0d46da.fc20.src.rpm
dso_list:       python-requests-1.2.3-5.fc20.noarch
executable:     /usr/bin/copr-cli
kernel:         3.12.7-300.fc20.x86_64
runlevel:       unknown
type:           Python
uid:            1000

Truncated backtrace:
adapters.py:331:send:SSLError: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

Traceback (most recent call last):
  File "/usr/bin/copr-cli", line 9, in <module>
    load_entry_point('copr-cli==0.2.0', 'console_scripts', 'copr-cli')()
  File "/usr/lib/python2.7/site-packages/copr_cli/main.py", line 126, in main
    arg.func(arg)
  File "/usr/lib/python2.7/site-packages/copr_cli/main.py", line 22, in action_build
    args.memory, args.timeout, not args.nowait)
  File "/usr/lib/python2.7/site-packages/copr_cli/subcommands.py", line 195, in build
    data=data)
  File "/usr/lib/python2.7/site-packages/requests/api.py", line 88, in post
    return request('post', url, data=data, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/api.py", line 44, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 335, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 438, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 331, in send
    raise SSLError(e)
SSLError: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

Local variables in innermost frame:
chunked: False
e: SSLError(SSLError(1, '_ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed'),)
stream: False
url: '/api/coprs/ignatenkobrain/kernel-upstream/new_build/'
verify: True
self: <requests.adapters.HTTPAdapter object at 0x11bf510>
request: <PreparedRequest [POST]>
cert: None
timeout: None
proxies: OrderedDict()
conn: <urllib3.connectionpool.HTTPSConnectionPool object at 0x11c8090>

Comment 1 Igor Gnatenko 2014-01-18 22:12:15 UTC
Created attachment 852153 [details]
File: backtrace

Comment 2 Igor Gnatenko 2014-01-18 22:12:17 UTC
Created attachment 852154 [details]
File: environ

Comment 3 Igor Gnatenko 2014-01-18 22:13:22 UTC
Another user experienced a similar problem:

$ copr-cli list ignatenkobrain

reporter:       libreport-2.1.11
cmdline:        /usr/bin/python2 /usr/bin/copr-cli list ignatenkobrain
dso_list:       python-requests-1.2.3-5.fc20.noarch
executable:     /usr/bin/copr-cli
kernel:         3.12.7-300.fc20.x86_64
package:        copr-cli-1.21-1.fc20
reason:         adapters.py:331:send:SSLError: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
runlevel:       unknown
type:           Python
uid:            1000

Comment 4 Igor Gnatenko 2014-01-18 22:24:12 UTC
Probably this bug in ca-certificates..

We had the same bug in git.

https://github.com/git/git/commit/01645b749376b7026276112d69d5b9c22b000ee4

Comment 5 Miroslav Suchý 2014-01-18 22:34:30 UTC
Fixe in git commit 00dc6a7 and even in copr.fedoraproject.org - just do not propagate https in /api page until we have properly signed certs.
If you get this error, just fix it by editin ~/.config/copr and change https to http.

Comment 6 Fedora Update System 2014-01-28 00:43:21 UTC
copr-1.26-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/copr-1.26-1.el6

Comment 7 Fedora Update System 2014-01-28 00:45:16 UTC
copr-1.26-1.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/copr-1.26-1.fc19

Comment 8 Fedora Update System 2014-01-28 00:52:17 UTC
copr-1.26-1.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/copr-1.26-1.fc20

Comment 9 Fedora Update System 2014-02-06 03:46:37 UTC
copr-1.26-1.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Fedora Update System 2014-02-06 03:57:51 UTC
copr-1.26-1.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.