Bug 1635156 - [abrt] did: do_open(): urllib2.py:1200:do_open:URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:726)>
Summary: [abrt] did: do_open(): urllib2.py:1200:do_open:URLError: <urlopen error [SSL:...
Status: CLOSED EOL
Alias: None
Product: Fedora
Classification: Fedora
Component: did
Version: 28
Hardware: x86_64
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Petr Šplíchal
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:09ccdf3be60b9d18560c0c6d3ad...
Keywords: Reopened
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-10-02 08:49 UTC by Karel Volný
Modified: 2019-05-28 23:28 UTC (History)
1 user (show)

(edit)
Clone Of:
(edit)
Last Closed: 2019-05-28 23:28:39 UTC


Attachments (Terms of Use)
File: backtrace (2.00 KB, text/plain)
2018-10-02 08:49 UTC, Karel Volný
no flags Details
File: cgroup (341 bytes, text/plain)
2018-10-02 08:49 UTC, Karel Volný
no flags Details
File: cpuinfo (1.34 KB, text/plain)
2018-10-02 08:49 UTC, Karel Volný
no flags Details
File: environ (3.22 KB, text/plain)
2018-10-02 08:49 UTC, Karel Volný
no flags Details
File: mountinfo (3.37 KB, text/plain)
2018-10-02 08:49 UTC, Karel Volný
no flags Details
File: namespaces (129 bytes, text/plain)
2018-10-02 08:49 UTC, Karel Volný
no flags Details
File: open_fds (1021 bytes, text/plain)
2018-10-02 08:49 UTC, Karel Volný
no flags Details

Description Karel Volný 2018-10-02 08:49:39 UTC
Description of problem:
problem verifying certificate, I guess the backtrace says that all ...

Version-Release number of selected component:
did-0.9-7.fc28

Additional info:
reporter:       libreport-2.9.5
cmdline:        /usr/bin/python2 /usr/bin/did this week
crash_function: do_open
exception_type: URLError
executable:     /usr/bin/did
interpreter:    python2-2.7.15-3.fc28.x86_64
kernel:         4.18.9-200.fc28.x86_64
runlevel:       N 5
type:           Python
uid:            1000

Truncated backtrace:
urllib2.py:1200:do_open:URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:726)>

Traceback (most recent call last):
  File "/usr/bin/did", line 42, in <module>
    did.cli.main()
  File "/usr/lib/python2.7/site-packages/did/cli.py", line 190, in main
    user_stats.check()
  File "/usr/lib/python2.7/site-packages/did/stats.py", line 134, in check
    stat.check()
  File "/usr/lib/python2.7/site-packages/did/stats.py", line 134, in check
    stat.check()
  File "/usr/lib/python2.7/site-packages/did/stats.py", line 79, in check
    self.fetch()
  File "/usr/lib/python2.7/site-packages/did/plugins/jira.py", line 140, in fetch
    self.stats = Issue.search(query, stats=self)
  File "/usr/lib/python2.7/site-packages/did/plugins/jira.py", line 94, in search
    result = stats.parent.session.open(
  File "/usr/lib/python2.7/site-packages/did/plugins/jira.py", line 268, in session
    self._session.open(self.auth_url)
  File "/usr/lib64/python2.7/urllib2.py", line 429, in open
    response = self._open(req, data)
  File "/usr/lib64/python2.7/urllib2.py", line 447, in _open
    '_open', req)
  File "/usr/lib64/python2.7/urllib2.py", line 407, in _call_chain
    result = func(*args)
  File "/usr/lib64/python2.7/urllib2.py", line 1243, in https_open
    context=self._context)
  File "/usr/lib64/python2.7/urllib2.py", line 1200, in do_open
    raise URLError(err)
URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:726)>

Local variables in innermost frame:
err: SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:726)')
h: <httplib.HTTPSConnection instance at 0x7f4ccb15d8c0>
self: <urllib2.HTTPSHandler instance at 0x7f4ccb15def0>
req: <urllib2.Request instance at 0x7f4ccb15d560>
headers: {'Host': u'maitai.engineering.redhat.com', 'Connection': 'close', 'User-Agent': 'Python-urllib/2.7'}
host: u'maitai.engineering.redhat.com'
http_class: <class httplib.HTTPSConnection at 0x7f4ccd002e20>
http_conn_args: {'context': None}

Comment 1 Karel Volný 2018-10-02 08:49:43 UTC
Created attachment 1489342 [details]
File: backtrace

Comment 2 Karel Volný 2018-10-02 08:49:44 UTC
Created attachment 1489343 [details]
File: cgroup

Comment 3 Karel Volný 2018-10-02 08:49:46 UTC
Created attachment 1489344 [details]
File: cpuinfo

Comment 4 Karel Volný 2018-10-02 08:49:47 UTC
Created attachment 1489345 [details]
File: environ

Comment 5 Karel Volný 2018-10-02 08:49:48 UTC
Created attachment 1489346 [details]
File: mountinfo

Comment 6 Karel Volný 2018-10-02 08:49:50 UTC
Created attachment 1489347 [details]
File: namespaces

Comment 7 Karel Volný 2018-10-02 08:49:51 UTC
Created attachment 1489348 [details]
File: open_fds

Comment 8 Petr Šplíchal 2018-11-26 13:01:19 UTC
Jira plugin has been updated to use python-requests:
https://github.com/psss/did/commit/b61d50b

However, the certificate problem might appear with the new version
if your python-requests package is not configured properly. You
might also want to check the fresh "Questions" docs section:
https://did.readthedocs.io/en/latest/questions/#certificates

Comment 9 Petr Šplíchal 2018-11-29 08:49:00 UTC
did-0.11-1.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-a028b681ac

Comment 10 Fedora Update System 2018-11-29 16:22:39 UTC
did-0.11-2.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-fbb054cca2

Comment 11 Fedora Update System 2018-11-29 16:49:22 UTC
did-0.11-3.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-d576cc22af

Comment 12 Fedora Update System 2018-11-30 03:14:38 UTC
did-0.11-3.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-d576cc22af

Comment 13 Fedora Update System 2018-12-05 01:56:48 UTC
did-0.11-1.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.

Comment 14 Fedora Update System 2018-12-05 02:35:14 UTC
did-0.11-1.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.

Comment 15 Fedora Update System 2018-12-19 00:39:27 UTC
did-0.11-3.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.

Comment 16 Karel Volný 2018-12-20 14:42:39 UTC
(In reply to Petr Šplíchal from comment #8)
> Jira plugin has been updated to use python-requests:
> https://github.com/psss/did/commit/b61d50b
> 
> However, the certificate problem might appear with the new version
> if your python-requests package is not configured properly. You
> might also want to check the fresh "Questions" docs section:
> https://did.readthedocs.io/en/latest/questions/#certificates

I guess I'd need better explanation what does it mean "configured properly" ...

in addition, as the package is pulled in as dependency, I'd expect things to work out of the box (resolved by the package that pulls the dependency)

using 'export REQUESTS_CA_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt' doesn't seem to help

Traceback (most recent call last):
  File "/usr/bin/did", line 42, in <module>
    did.cli.main()
  File "/usr/lib/python2.7/site-packages/did/cli.py", line 190, in main
    user_stats.check()
  File "/usr/lib/python2.7/site-packages/did/stats.py", line 136, in check
    stat.check()
  File "/usr/lib/python2.7/site-packages/did/stats.py", line 136, in check
    stat.check()
  File "/usr/lib/python2.7/site-packages/did/stats.py", line 79, in check
    self.fetch()
  File "/usr/lib/python2.7/site-packages/did/plugins/jira.py", line 136, in fetch
    self.stats = Issue.search(query, stats=self)
  File "/usr/lib/python2.7/site-packages/did/plugins/jira.py", line 90, in search
    response = stats.parent.session.get(
  File "/usr/lib/python2.7/site-packages/did/plugins/jira.py", line 259, in session
    response = self._session.get(self.auth_url, auth=gssapi_auth)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 537, in get
    return self.request('GET', url, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 524, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 637, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 514, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='maitai.engineering.redhat.com', port=443): Max retries exceeded with url: /step-auth-gss (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:726)'),))

Comment 17 Ben Cotton 2019-05-02 20:06:25 UTC
This message is a reminder that Fedora 28 is nearing its end of life.
On 2019-May-28 Fedora will stop maintaining and issuing updates for
Fedora 28. It is Fedora's policy to close all bug reports from releases
that are no longer maintained. At that time this bug will be closed as
EOL if it remains open with a Fedora 'version' of '28'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 28 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

Comment 18 Ben Cotton 2019-05-28 23:28:39 UTC
Fedora 28 changed to end-of-life (EOL) status on 2019-05-28. Fedora 28 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.


Note You need to log in before you can comment on or make changes to this bug.