Setup fails with error about cdc_utils

[paulcobb27]

I'm just getting started with fusesoc and SweRVolf, so sorry if this is actually a simple issue.

When I try, for example:

   fusesoc run --target=sim swervolf

I get the following:

ERROR: Setup failed : Failed to download 'https://github.com/fusesoc/cdc_utils/archive/v0.1.tar.gz'. '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1056)'

The URL that appears in the error message doesn't seem to exist: my browser can get to 'https://github.com/fusesoc/cdc_utils/', but there's no subdirectory 'archive'. I do some other subdirectories, but haven't yet learned enough about fusesoc to see how I could eliminate this error.

Many thanks for creating fusesoc, for all the contributions to Risc V, and for any help you can offer.

[olofk]

Hi,

That .tar.gz URL is a special github URL that can be used to get an archive from the repository at a specific commit. Not sure why it fails though. I just tried accessing it on my machine and it finds the URL just fine. And given that you can open the repo in your browser, it seems like the connection works fine. I wonder if you perhaps have some proxy settings that allows the browser to get the URL but not when Python tries to download it. You could try wget https://github.com/fusesoc/cdc_utils/archive/v0.1.tar.gz and see if you can manually download the archive. Any way we'll find out some workaround for you

[paulcobb27]

Hi Olof,

thanks very much for explaining the URL. Eventually, I found out that for some reason, my python3.7 installation didn't have any rootCA certificate bundle. The ssl module's get_default_verify_paths().openssl_cafile returns '/usr/local/ssl/cert.pem', but no file of that name existed, so there was no way to authenticate the server in any request to an https:// URL.

As a workaround, I used 'pip3 install certifi' to bring in the Python package containing the Mozilla rootCA cert bundle at ...python3.7/site-packages/certifi/cacert.pem, and created a link to that in the path where Python is looking. With that tweak, the command 'fusesoc run --target=sim swervolf' is able to retrieve everything it requires without errors.

Obviously, the issue was caused by my Python installation - not by SweRVolf or fusesoc. I'm using the Python3.7 installed by Debian 10. I don't know of any reason why there would be a problem with the SSL cert setup, or any way that I might have broken it. Anyway, maybe the information here could save some time for anyone else who might run into this issue.

[olofk]

It's really weird. I remember seeing a very similar issue when I was doing a hands-on workshop with FuseSoC in 2013 and it took me a while to figure out what was wrong. Given that the issue seems to be somewhat rare I will close this now and keep in mind to see if we can improve the error indication in FuseSoC. Thanks for reporting!