Could it be anything to do with the fact that the signer is Semantic and they are being actively distrusted by - at least - Google: http://www.securityweek.com/google-stops-trusting-symantec-issued-certificates
Regards, Alex. ---- http://www.solr-start.com/ - Resources for Solr users, new and experienced On 19 April 2017 at 16:22, Joel Bernstein <[email protected]> wrote: > Ok, I'll turn off the cert verification. I wasn't sure if cert verification > was something that was integral to the process. > > Joel Bernstein > http://joelsolr.blogspot.com/ > > On Wed, Apr 19, 2017 at 4:18 PM, Steve Rowe <[email protected]> wrote: >> >> Hi Joel, >> >> Not sure why this is suddenly an issue - I guess “SNI” >> <https://en.wikipedia.org/wiki/Server_Name_Indication> has been enabled on >> archive.apache.org? >> >> Some useful info here (about a “requests” lib, AFAICT an alternative to >> urllib): >> <http://docs.python-requests.org/en/master/community/faq/#what-are-hostname-doesn-t-match-errors> >> >> Short term, you could turn off certificate verification. The bottom >> answer here uses the same lib as the script (urllib instead of urllib2, >> which is assumed in the other answers on the page), to turn off certificate >> verification: >> >> >> <http://stackoverflow.com/questions/19268548/python-ignore-certicate-validation-urllib2> >> >> -- >> Steve >> www.lucidworks.com >> >> > On Apr 19, 2017, at 3:43 PM, Joel Bernstein <[email protected]> wrote: >> > >> > It appears that it's failing on verifying the SSL cert for >> > https://archive.apache.org/dist/lucene/java/. >> > >> > >> > >> > Joel Bernstein >> > http://joelsolr.blogspot.com/ >> > >> > On Wed, Apr 19, 2017 at 3:36 PM, Joel Bernstein <[email protected]> >> > wrote: >> > I started working on 6.5.1 RC2. I ran the following: >> > python3 -u dev-tools/scripts/buildAndPushRelease.py --push-local >> > /tmp/releases/6.5.1 --rc-num 2 --sign EE64CB1E >> > >> > I believe this is same basic command I used for RC1. But this time I got >> > a new error. At first I thought it might be incorrect keystore password but >> > I changed it and it is correct. Any thoughts what the issue is? >> > >> > Traceback (most recent call last): >> > >> > File "dev-tools/scripts/buildAndPushRelease.py", line 313, in <module> >> > >> > main() >> > >> > File "dev-tools/scripts/buildAndPushRelease.py", line 294, in main >> > >> > rev = prepare(c.root, c.version, c.key_id, c.key_password) >> > >> > File "dev-tools/scripts/buildAndPushRelease.py", line 98, in prepare >> > >> > checkDOAPfiles(version) >> > >> > File "dev-tools/scripts/buildAndPushRelease.py", line 143, in >> > checkDOAPfiles >> > >> > distpage = load(url) >> > >> > File "dev-tools/scripts/buildAndPushRelease.py", line 67, in load >> > >> > content = urllib.request.urlopen(urlString).read().decode('utf-8') >> > >> > File >> > "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/urllib/request.py", >> > line 223, in urlopen >> > >> > return opener.open(url, data, timeout) >> > >> > File >> > "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/urllib/request.py", >> > line 526, in open >> > >> > response = self._open(req, data) >> > >> > File >> > "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/urllib/request.py", >> > line 544, in _open >> > >> > '_open', req) >> > >> > File >> > "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/urllib/request.py", >> > line 504, in _call_chain >> > >> > result = func(*args) >> > >> > File >> > "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/urllib/request.py", >> > line 1361, in https_open >> > >> > context=self._context, check_hostname=self._check_hostname) >> > >> > File >> > "/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/urllib/request.py", >> > line 1320, in do_open >> > >> > raise URLError(err) >> > >> > urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] >> > certificate verify failed (_ssl.c:749)> >> > >> > >> > >> > >> > Joel Bernstein >> > http://joelsolr.blogspot.com/ >> > >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
