Closed valeriupredoi closed 2 years ago
Looks like something wrong with the hostname, can you try:
logon:
hostname: "slcs.ceda.ac.uk"
instead? I think this is only required if you want to download CORDEX data. All the other data can be downloaded without logging in, as far as I'm aware.
Note that hosname of the search service is not necessarily the same as the hostname of the authentication service (it differs for CEDA).
cheers @bouweandela - that's what I thought too, regular data needs no actual authentication :+1:
Hi both, thanks for the quick replies about this. Hoping it's an easy fix.
hostname: "slcs.ceda.ac.uk"
This did not solve the problem. I struggled to figure out the correct address for CEDA and I've tried several. The error message output is:
File "/home/users/ldemora/workspace/ESMValTool/ESMValCore/esmvalcore/_main.py", line 428, in run
logon()
File "/home/users/ldemora/workspace/ESMValTool/ESMValCore/esmvalcore/esgf/_logon.py", line 28, in logon
manager.logon(**cfg['logon'])
File "/home/users/ldemora/miniconda3/envs/esmvaltool/lib/python3.10/site-packages/pyesgf/logon.py", line 184, in logon
creds = c.logon(username, password,
File "/home/users/ldemora/miniconda3/envs/esmvaltool/lib/python3.10/site-packages/myproxy/client/__init__.py", line 1505, in logon
conn.write(self.__class__.GLOBUS_INIT_MSG)
File "/home/users/ldemora/miniconda3/envs/esmvaltool/lib/python3.10/site-packages/OpenSSL/SSL.py", line 1899, in send
self._raise_ssl_error(self._ssl, result)
File "/home/users/ldemora/miniconda3/envs/esmvaltool/lib/python3.10/site-packages/OpenSSL/SSL.py", line 1715, in _raise_ssl_error
_openssl_assert(
File "/home/users/ldemora/miniconda3/envs/esmvaltool/lib/python3.10/site-packages/OpenSSL/_util.py", line 71, in openssl_assert
exception_from_error_queue(error)
File "/home/users/ldemora/miniconda3/envs/esmvaltool/lib/python3.10/site-packages/OpenSSL/_util.py", line 57, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', '', 'certificate verify failed')]
This breaks for me on jasmin for every recipe with offline false
, not just those that that request unusual data. It also breaks for recipes where the data already exists on jasmin and shouldn't need to be downloaded.
I'd also mention that I have not upgrade ESMValTool yet, only ESMValCore. Is that likely to impact this?
If you enter the url of your esgf openid in your browser, it will show you the correct url of the login service.
Apart from that, you can just remove the file ~/.esmvaltool/esgf-pyclient.yml if you do not want to log in. We have fairly extensive documentation available here: https://docs.esmvaltool.org/projects/esmvalcore/en/latest/quickstart/configure.html#esgf-configuration
Okay, that's going to be my solution: delete the esgf file. It seems to works now.
Let's call this sovled, but I suspect the underlying issue may arise again. Probably not ESMValTool's fault, but a possible slight improvement in documentation would be to add instructions on where to find the hostname
details for .esmvaltool/esgf-pyclient.yml
.
@ledm has reported this to me just now (I currently can't connect to JASMIN at all - not coz the cluster is down, just user-related issues with my cert) so I can't test, can any of the JASMIN-enabled peeps from @ESMValGroup/technical-lead-development-team try this and see what they get please? :beer: Message from Lee:
So, I upgraded esmvalcore main to the most recent code. Created a new fresh environment, Installed as editable, as usual I’ve set up the esgf details:
logon:
I get this error from pretty much every recipe, when running in -offline false: