Closed Alexander-Barth closed 1 year ago
I'll look into this, @DennisHeimbigner does anything immediately leap out at you?
two comments:
- 'chmod go-rwx /etc/ssl/certs/ca-certificates.crt
I get the error from the julia package NetworkOptions: "/etc/ssl/certs/ca-certificates.crt": Permission denied
Also command line curl does not work anymore after this change.
$ curl https://www.github.com
curl: (77) error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
I reverted this change. The patch in point 2 seems to work. Thanks!
Unfortunately, the issue described here resurface again once updating to netCDF 4.9.2.
If you recall, for the libcurl used in the julia ecosystem, we need to explicitly declare the path for the CA certificates. Previously, we used private function
NC_rcfile_insert
which does not work anymore in 4.9.2 but in the latest version we have the new public functionnc_set_rc
instead and call them with the function argumentHTTP.SSL.CAINFO
and the path"/etc/ssl/certs/ca-certificates.crt"
. This files does indeed exists on my system and seems to be the correct one to use:When accessing a HTTPS opendap resource, I get the following error:
This error occurs at the call of
nc_open
using the URLhttps://rda.ucar.edu/thredds/dodsC/files/g/ds084.1/2018/20181231/gfs.0p25.2018123118.f003.grib2
(accroding to my web browser the certificate is valid).With the call to
nc_get_rc
I get indeed to correct path (/etc/ssl/certs/ca-certificates.crt
).Surprisingly the error persists if I create a file
~/.ncrc
with the content:I am using Ubuntu 22.04.2 and NetCDF 4.9.2 is compiled with gcc 5.2.