TrustFailure (The authentication or decryption has failed.)

[ghost]

I have created a small test site where I am calculating a route from Paris to Berlin using Google's directions API (through a JSON type provider) and returning it to the user. It works locally and I can successfully deploy and build it on Heroku. However, once I try to access the site from Heroku I get this (in the log):

> 2016-10-05T13:51:07.056816+00:00 heroku[web.1]: Starting process with command `fsharpi-heroku startup.fsx`
> 2016-10-05T13:51:33.301369+00:00 app[web.1]: System.Net.WebException: Error: TrustFailure (The authentication or decryption has failed.)  at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) <0x41c53640 + 0x001ed> in <filename unknown>:0 
> 2016-10-05T13:51:33.301384+00:00 app[web.1]:   at FSharp.Data.HttpHelpers+getResponseFromBeginEnd@609-1.Invoke (IAsyncResult arg00) <0x41c53610 + 0x00024> in <filename unknown>:0 
> 2016-10-05T13:51:33.301386+00:00 app[web.1]:   at <StartupCode$FSharp-Core>.$Control+callback@1875[T].Invoke (IAsyncResult ar) <0x41c52c90 + 0x00176> in <filename unknown>:0 
> 2016-10-05T13:51:33.301387+00:00 app[web.1]:  ---> System.IO.IOException: The authentication or decryption has failed. ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server. Error code: 0xffffffff800b010a
> 2016-10-05T13:51:33.301387+00:00 app[web.1]:   at Mono.Security.Protocol.Tls.RecordProtocol.EndReceiveRecord (IAsyncResult asyncResult) <0x41c2adc0 + 0x0013e> in <filename unknown>:0 
> 2016-10-05T13:51:33.301420+00:00 app[web.1]:   at Mono.Security.Protocol.Tls.SslClientStream.SafeEndReceiveRecord (IAsyncResult ar, Boolean ignoreEmpty) <0x41c2acf0 + 0x00031> in <filename unknown>:0 
> 2016-10-05T13:51:33.301421+00:00 app[web.1]:   at Mono.Security.Protocol.Tls.SslClientStream.NegotiateAsyncWorker (IAsyncResult result) <0x41c23950 + 0x0023a> in <filename unknown>:0 
> 2016-10-05T13:51:33.301422+00:00 app[web.1]:   --- End of inner exception stack trace ---
> 2016-10-05T13:51:33.301423+00:00 app[web.1]:   at Mono.Security.Protocol.Tls.SslClientStream.EndNegotiateHandshake (IAsyncResult result) <0x41c51d60 + 0x000f3> in <filename unknown>:0 
> 2016-10-05T13:51:33.301424+00:00 app[web.1]:   at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) <0x41c51ab0 + 0x00086> in <filename unknown>:0 
> 2016-10-05T13:51:33.301424+00:00 app[web.1]:   --- End of inner exception stack trace ---
> 2016-10-05T13:51:33.301425+00:00 app[web.1]:   at Mono.Security.Protocol.Tls.SslStreamBase.EndRead (IAsyncResult asyncResult) <0x41c20ba0 + 0x00199> in <filename unknown>:0 
> 2016-10-05T13:51:33.301426+00:00 app[web.1]:   at Mono.Net.Security.Private.LegacySslStream.EndAuthenticateAsClient (IAsyncResult asyncResult) <0x41c20970 + 0x00042> in <filename unknown>:0 
> 2016-10-05T13:51:33.301442+00:00 app[web.1]:   at Mono.Net.Security.Private.LegacySslStream.AuthenticateAsClient (System.String targetHost, System.Security.Cryptography.X509Certificates.X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation) <0x41c19160 + 0x00055> in <filename unknown>:0 
> 2016-10-05T13:51:33.301443+00:00 app[web.1]:   at Mono.Net.Security.MonoTlsStream.CreateStream (System.Byte[] buffer) <0x41c18720 + 0x00149> in <filename unknown>:0 
> 2016-10-05T13:51:33.301444+00:00 app[web.1]:   --- End of inner exception stack trace ---
> 2016-10-05T13:51:33.301444+00:00 app[web.1]:   at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) <0x41c53640 + 0x001ed> in <filename unknown>:0 
> 2016-10-05T13:51:33.301445+00:00 app[web.1]:   at FSharp.Data.HttpHelpers+getResponseFromBeginEnd@609-1.Invoke (IAsyncResult arg00) <0x41c53610 + 0x00024> in <filename unknown>:0 
> 2016-10-05T13:51:33.301446+00:00 app[web.1]:   at <StartupCode$FSharp-Core>.$Control+callback@1875[T].Invoke (IAsyncResult ar) <0x41c52c90 + 0x00176> in <filename unknown>:0 
> 2016-10-05T13:51:33.301447+00:00 app[web.1]: --- End of stack trace from previous location where exception was thrown ---
> 2016-10-05T13:51:33.301448+00:00 app[web.1]:   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () <0x41c57300 + 0x00038> in <filename unknown>:0 
> 2016-10-05T13:51:33.301448+00:00 app[web.1]:   at Microsoft.FSharp.Control.AsyncBuilderImpl.commit[a] (Microsoft.FSharp.Control.AsyncImplResult`1 res) <0x41c57100 + 0x0015f> in <filename unknown>:0 
> 2016-10-05T13:51:33.301466+00:00 app[web.1]:   at Microsoft.FSharp.Control.CancellationTokenOps.RunSynchronouslyInCurrentThread[a] (CancellationToken token, Microsoft.FSharp.Control.FSharpAsync`1 computation) <0x41beb6e0 + 0x001cf> in <filename unknown>:0 
> 2016-10-05T13:51:33.301468+00:00 app[web.1]:   at Microsoft.FSharp.Control.CancellationTokenOps.RunSynchronously[a] (CancellationToken token, Microsoft.FSharp.Control.FSharpAsync`1 computation, Microsoft.FSharp.Core.FSharpOption`1 timeout) <0x41beb500 + 0x0008f> in <filename unknown>:0 
> 2016-10-05T13:51:33.301469+00:00 app[web.1]:   at Microsoft.FSharp.Control.FSharpAsync.RunSynchronously[T] (Microsoft.FSharp.Control.FSharpAsync`1 computation, Microsoft.FSharp.Core.FSharpOption`1 timeout, Microsoft.FSharp.Core.FSharpOption`1 cancellationToken) <0x41beb140 + 0x00259> in <filename unknown>:0 
> 2016-10-05T13:51:33.301469+00:00 app[web.1]:   at lib.getParisToBerlin () <0x41be9c10 + 0x0007c> in <filename unknown>:0 
> 2016-10-05T13:51:33.301470+00:00 app[web.1]:   at <StartupCode$FSI_0001>.$FSI_0001.main@ () <0x41be2dd0 + 0x00038> in <filename unknown>:0 
> 2016-10-05T13:51:33.301471+00:00 app[web.1]:   at (wrapper managed-to-native) System.Reflection.MonoMethod:InternalInvoke (System.Reflection.MonoMethod,object,object[],System.Exception&)
> 2016-10-05T13:51:33.301817+00:00 app[web.1]:   at System.Reflection.MonoMethod.Invoke (System.Object obj, BindingFlags invokeAttr, System.Reflection.Binder binder, System.Object[] parameters, System.Globalization.CultureInfo culture) <0x4173c830 + 0x000b7> in <filename unknown>:0 
> 2016-10-05T13:51:33.302020+00:00 app[web.1]: Stopped due to error
> 2016-10-05T13:51:33.840586+00:00 heroku[web.1]: State changed from starting to crashed
> 2016-10-05T13:51:33.833958+00:00 heroku[web.1]: Process exited with status 1

The code can be found here: https://github.com/zenplement/suaveherokutypeprovidertest Note that a google api key needs to be set as a config variable in Heroku (GOOGLE_API_KEY)

It might simply be a newbie mistake on my part (first time using Suave.IO), so any pointers would be greatly appreciated. I might also be related to #9.

[mydogisbox]

I'm encountering the same issue also with google api in heroku. Did you ever find a solution?

I found https://github.com/KSP-CKAN/CKAN/issues/24 which may fix it but I'm not sure how to apply that to the buildpack.

I followed the solution here: http://answers.unity3d.com/questions/914894/help-me-reading-a-spreadsheet-from-google-drive-us.html

but doesn't seem like the right fix.

[haf]

I think the issue here is the mono version; try Mono 4.8.1 and the TLS support has been improved.

[haf]

On this line https://github.com/SuaveIO/mono-script-buildpack/blob/master/bin/compile#L11

[ghost]

I never found a solution mydogisbox, but I haven't tried changing the mono version as haf is proposing.

[haf]

The second solution I can think of is updating the CA list… The message states "Trust failure", not "Handshake failure", so let me suggest http://www.mono-project.com/docs/about-mono/releases/3.12.0/#cert-sync

[mydogisbox]

I will add that to my todo list to investigate.