search

alexbers / mtprotoproxy

Async MTProto proxy for Telegram
MIT License
1.59k stars 351 forks source link

SSL Errors on already running mtprotoproxy #224

Closed yarik2720 closed 4 years ago

yarik2720 commented 4 years ago 
mtprotoproxy_1  | Error getting server time [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1108)
mtprotoproxy_1  | tg: tg://proxy?server=xxx
mtprotoproxy_1  | tg: tg://proxy?server=xxx
mtprotoproxy_1  | tg2: tg://proxy?server=xxx
mtprotoproxy_1  | tg2: tg://proxy?server=xxx
mtprotoproxy_1  | Found uvloop, using it for optimal performance
mtprotoproxy_1  | Error updating middle proxy list: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1108)
mtprotoproxy_1  | Error getting server time [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1108)
mtprotoproxy_1  | Error updating middle proxy list for IPv6: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1108)
mtprotoproxy_1  | Got cert from the MASK_HOST mail.google.com, its length is 2507
mtprotoproxy_1  | Error updating middle proxy secret, using old [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1108)
mtprotoproxy_1  | Stats for 22.05.2020 16:51:07
mtprotoproxy_1  | tg: 46 connects (17 current), 13.45 MB, 1582 msgs
difeid commented 4 years ago

I solved this problem by additionally installing ca-certificates

yarik2720 commented 4 years ago

Is this installation on host or on docker?

difeid commented 4 years ago

On Docker image. I just modified Dockerfile and rebuilt the image.

diff --git a/Dockerfile b/Dockerfile
index 2085430..a289fff 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,6 @@
 FROM ubuntu:20.04

-RUN apt-get update && apt-get install --no-install-recommends -y python3 python3-uvloop python3-cryptography libcap2-bin && rm -rf /var/lib/apt/lists/*
+RUN apt-get update && apt-get install --no-install-recommends -y ca-certificates python3 python3-uvloop python3-cryptography libcap2-bin && rm -rf /var/lib/apt/lists/*
 RUN setcap cap_net_bind_service=+ep /usr/bin/python3.8

 RUN useradd tgproxy -u 10000
alexbers commented 4 years ago

I've added ca-certificates to dockerfile: https://github.com/alexbers/mtprotoproxy/commit/6076db9f8c97b2f4b29fd22987517919e8d3544b