NuGet / Home

Repo for NuGet Client issues

dotnet core 3.0 (master nightly build) restore fails on Ubuntu for invalid certificate #8169

Closed livarcocc closed 5 years ago

livarcocc commented 5 years ago

From @ccic on Wednesday, May 29, 2019 2:00:48 AM

Steps to reproduce

Install dotnet core nightly build 3.0.100-preview6-012026 on Ubuntu 16.04.4 LTS. "OpenSSL 1.0.2g 1 Mar 2016" or "OpenSSL 1.1.1 11 Sep 2018"

Create a new webapp project through dotnet cli:

dotnet new webapp -n WebApp1 -o WebApp1

The template "ASP.NET Core Web App" was created successfully. This template contains technologies from parties other than Microsoft, see https://aka.ms/aspnetcore-template-3pn-210 for details.

Processing post-creation actions...
Running 'dotnet restore' on WebApp1/WebApp1.csproj...
/home/hongjiang/.dotnet-nightly/sdk/3.0.100-preview6-012026/NuGet.targets(123,5): error : Unable to load the service index for source https://api.nuget.org/v3/index.json. [/home/hongjiang/CodeTest/C#/WebApp1/WebApp1.csproj]
/home/hongjiang/.dotnet-nightly/sdk/3.0.100-preview6-012026/NuGet.targets(123,5): error : The SSL connection could not be established, see inner exception. [/home/hongjiang/CodeTest/C#/WebApp1/WebApp1.csproj]
/home/hongjiang/.dotnet-nightly/sdk/3.0.100-preview6-012026/NuGet.targets(123,5): error : The remote certificate is invalid according to the validation procedure. [/home/hongjiang/CodeTest/C#/WebApp1/WebApp1.csproj]

Restore failed.
Post action failed.
Description: Restore NuGet packages required by this project.
Manual instructions: Run 'dotnet restore'

Go to WebApp1 and run "dotnet restore -v diag" and get the following errors:

NuGet.Protocol.Core.Types.FatalProtocolException: Unable to load the service index for source https://api.nuget.org/v3/index.json.
 ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
 ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
   at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
--- End of stack trace from previous location where exception was thrown ---
   at System.Net.Security.SslStream.ThrowIfExceptional()
   at System.Net.Security.SslStream.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslStream.EndProcessAuthentication(IAsyncResult result)
   at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
   at System.Net.Security.SslStream.<>c.b__65_1(IAsyncResult iar)
   at System.Threading.Tasks.TaskFactory1.FromAsyncCoreLogic(IAsyncResult iar, Func2 endFunction, Action1 endAction, Task1 promise, Boolean requiresSynchronization)

Expected behavior

Actual behavior

Environment data

dotnet --info output:

.NET Core SDK (reflecting any global.json):
  Version: 3.0.100-preview6-012026
  Commit: 8f2806e85e

Runtime Environment:
  OS Name: ubuntu
  OS Version: 16.04
  OS Platform: Linux
  RID: ubuntu.16.04-x64
  Base Path: /home/hongjiang/.dotnet-nightly/sdk/3.0.100-preview6-012026/

Host (useful for support):
  Version: 3.0.0-preview6-27720-04
  Commit: cdfc67fd8e

.NET Core SDKs installed:
  3.0.100-preview6-012026 [/home/hongjiang/.dotnet-nightly/sdk]

.NET Core runtimes installed:
  Microsoft.AspNetCore.App 3.0.0-preview6-19270-04 [/home/hongjiang/.dotnet-nightly/shared/Microsoft.AspNetCore.App]
  Microsoft.NETCore.App 2.1.6 [/home/hongjiang/.dotnet-nightly/shared/Microsoft.NETCore.App]
  Microsoft.NETCore.App 3.0.0-preview6-27720-04 [/home/hongjiang/.dotnet-nightly/shared/Microsoft.NETCore.App]

To install additional .NET Core runtimes or SDKs: https://aka.ms/dotnet-download

Copied from original issue: dotnet/cli#11433

nkolev92 commented 5 years ago

Is this something consistently reproducible? Can you connect to nuget.org in the browser?

It's happening to NuGet, but it's not necessarily indicative of a client problem.

/cc @scottbommarito maybe he knows if there are any reports about nuget.org's certs.

loic-sharma commented 5 years ago

Could this be related to https://github.com/dotnet/corefx/issues/32224?

ccic commented 5 years ago

@nkolev92 It consistently happens on Linux. But if I run the same command on Windows 10, everything is fine. So, I guess it is related to certificate verification on Linux.

ccic commented 5 years ago

@loic-sharma It has a similar phenomenon to dotnet/corefx#32224. The difference is that I used openssl 1.1.1. I also tried on Ubuntu 18.04; it also reports the same errors.

nkolev92 commented 5 years ago

@ccic Are these machines that you manage?

clovertrail commented 5 years ago

@nkolev92 Yes, it was created by myself for development and test.

ccic commented 5 years ago

I found it was caused by my wrong configuration of SSL CA certificate path.

After I update openssl to 1.1.1, the CA path is modified to "/usr/local/ssl/certs", but it is an empty folder. Before updating openssl, the old version points to "/usr/lib/ssl/certs". After I manually link "/usr/local/ssl/certs" to /etc/ssl/certs, this error disappears.

nkolev92 commented 5 years ago

Thanks for following up.

Closing this per your comment.

nex0ma commented 5 years ago

opensuse tumbleweed:

003dotnet/worker100> dotnet-sdk.dotnet run
/snap/dotnet-sdk/41/sdk/3.0.100-preview6-012264/NuGet.targets(123,5): error : Не удалось загрузить индекс службы для источника https://api.nuget.org/v3/index.json. [/b6w/003dotnet/worker100/worker100.csproj]
/snap/dotnet-sdk/41/sdk/3.0.100-preview6-012264/NuGet.targets(123,5): error : The SSL connection could not be established, see inner exception. [/b6w/003dotnet/worker100/worker100.csproj]
/snap/dotnet-sdk/41/sdk/3.0.100-preview6-012264/NuGet.targets(123,5): error : The remote certificate is invalid according to the validation procedure. [/b6w/003dotnet/worker100/worker100.csproj]

The build failed. Fix the build errors and run again.

003dotnet/worker100> dotnet-sdk.dotnet --info
Пакет SDK для .NET Core (отражающий любой global.json):
  Version: 3.0.100-preview6-012264
  Commit: be3f0c1a03

Среда выполнения:
  OS Name: opensuse-tumbleweed
  OS Version: 20190621
  OS Platform: Linux
  RID: linux-x64
  Base Path: /snap/dotnet-sdk/41/sdk/3.0.100-preview6-012264/

Host (useful for support):
  Version: 3.0.0-preview6-27804-01
  Commit: fdf81c6faf

.NET Core SDKs installed:
  3.0.100-preview6-012264 [/snap/dotnet-sdk/41/sdk]

.NET Core runtimes installed:
  Microsoft.AspNetCore.App 3.0.0-preview6.19307.2 [/snap/dotnet-sdk/41/shared/Microsoft.AspNetCore.App]
  Microsoft.NETCore.App 3.0.0-preview6-27804-01 [/snap/dotnet-sdk/41/shared/Microsoft.NETCore.App]

nex0ma commented 5 years ago

These projects did not work: -reactredux -nunit -grpc -angular -xunit -nunit -proto

Worked:

gouhan commented 3 years ago

I also have this problem when I use Jenkins to automatically build a C# project with the command "dotnet restore". The server is Windows 2008 R2, but it works well on my own development computer. The error details are shown below: [image]

brunodorati commented 3 years ago

> I found it was caused by my wrong configuration of SSL CA certificate path.
>
> After I update openssl to 1.1.1, the CA path is modified to "/usr/local/ssl/certs", but it is an empty folder. Before updating openssl, the old version points to "/usr/lib/ssl/certs". After I manually link "/usr/local/ssl/certs" to /etc/ssl/certs, this error disappears.

Works for me. Thanks!

johnfrombluff commented 2 years ago

Does not work for me, sadly, on Fedora 36 Silverblue.

will-crawford commented 2 years ago

Failing on Fedora 35 here. Have tried symlinking /usr/local/ssl -> /etc/ssl, no joy.

Update: worked after creating /usr/{lib,lib64}/ssl and symlinking /etc/ssl/certs into both.

iddm commented 2 years ago

On Archlinux it was only solved for me when I symlinked /etc/ssl to /usr/lib/ssl.

diego98512 commented 2 years ago

On Manjaro KDE 21.2.6, what solved it for me was symlinking /etc/ssl to /usr/lib64/ssl as well as /usr/lib/ssl.

mmxgn commented 1 year ago

> Does not work for me, sadly, on Fedora 36 Silverblue.

Worked for Fedora 37 Silverblue for me. You first have to enter a toolbox and then follow @will-crawford's solution.
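
The workarounds in this thread all trace back to the CA directory that OpenSSL resolves being empty or absent. As an added example (not code from the thread or from the NuGet project), the script below classifies the directories named in the comments plus the one reported by the local `openssl version -d`, so the broken path can be identified before any symlink is created; the function names are hypothetical.

```sh
#!/bin/sh
# Added diagnostic (not from the thread): classify the CA directories the
# thread mentions, so an empty or dangling trust store is spotted first.

# Print one of: dangling | missing | empty | populated
ca_dir_status() {
    dir=$1
    if [ -L "$dir" ] && [ ! -e "$dir" ]; then echo dangling; return 0; fi
    if [ ! -d "$dir" ]; then echo missing; return 0; fi
    # [ -f ] follows symlinks; CA directory entries are often symlinks.
    for f in "$dir"/*; do
        if [ -f "$f" ]; then echo populated; return 0; fi
    done
    echo empty
}

# Directory compiled into the local openssl binary.
# `openssl version -d` prints a line such as: OPENSSLDIR: "/usr/lib/ssl"
openssl_dir() {
    command -v openssl >/dev/null 2>&1 || return 0
    openssl version -d 2>/dev/null | sed -n 's/^OPENSSLDIR: "\(.*\)"$/\1/p'
}

# Print "<status> <dir>" for each argument; succeed only if one is populated.
audit_ca_dirs() {
    found=1
    for d in "$@"; do
        s=$(ca_dir_status "$d")
        printf '%-9s %s\n' "$s" "$d"
        if [ "$s" = populated ]; then found=0; fi
    done
    return "$found"
}

# Paths reported in the thread, plus whatever this host's openssl was built with.
set -- /usr/local/ssl/certs /usr/lib/ssl/certs /usr/lib64/ssl/certs /etc/ssl/certs
od=$(openssl_dir)
if [ -n "$od" ]; then set -- "$od/certs" "$@"; fi
audit_ca_dirs "$@" || echo "no populated CA directory found"
```

A line reading `empty` or `missing` next to the `OPENSSLDIR`-derived path matches the condition ccic described after the OpenSSL upgrade.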