search

matthewb66 / bd_scan_yocto

Synopsys Black Duck Yocto scan utility
Apache License 2.0
8 stars 9 forks source link

unable to get local issuer certificate #21

Open henbin opened 3 months ago

henbin commented 3 months ago

Hi,

I encounter below error. Could anyone please advise me how to resolve it? Thanks.

INFO:root:----------------------------------   PHASE 6A  ----------------------------------
INFO:root:Ignoring partially matched compoents  ...
DEBUG:urllib3.connectionpool:https://blackduck.mic.com.tw:443 "GET /api/projects/2d7bb8cd-c3d3-49ea-929c-777adccbb74c/versions/da217655-1d82-4e92-9293-5
5269301f3e7/components?limit=1000 HTTP/1.1" 200 None
DEBUG:urllib3.connectionpool:https://blackduck.mic.com.tw:443 "GET /api/projects/2d7bb8cd-c3d3-49ea-929c-777adccbb74c/versions/da217655-1d82-4e92-9293-5
5269301f3e7/components?limit=1000&offset=95 HTTP/1.1" 200 None
INFO:root:- Getting component data ...
DEBUG:asyncio:Using selector: EpollSelector
Traceback (most recent call last):
  File "/data/home/henbin/.local/lib/python3.8/site-packages/aiohttp/connector.py", line 1214, in _start_tls_connection
    tls_transport = await self._loop.start_tls(
  File "/usr/lib/python3.8/asyncio/base_events.py", line 1200, in start_tls
    await waiter
  File "/usr/lib/python3.8/asyncio/sslproto.py", line 529, in data_received
    ssldata, appdata = self._sslpipe.feed_ssldata(data)
  File "/usr/lib/python3.8/asyncio/sslproto.py", line 189, in feed_ssldata
    self._sslobj.do_handshake()
  File "/usr/lib/python3.8/ssl.py", line 944, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1145)

The above exception was the direct cause of the following exception:
                                                                                                                                                        Traceback (most recent call last):                                                                                                                        File "/data/home/henbin/.local/bin/bd-scan-yocto", line 8, in <module>
    sys.exit(main.main())
  File "/data/home/henbin/.local/lib/python3.8/site-packages/bd_scan_yocto/main.py", line 43, in main
    process.proc_yocto_project(global_values.manifest_file)
  File "/data/home/henbin/.local/lib/python3.8/site-packages/bd_scan_yocto/process.py", line 254, in proc_yocto_project
    bd_process_bom.process_bdproject(config.args.project, config.args.version)
  File "/data/home/henbin/.local/lib/python3.8/site-packages/bd_scan_yocto/bd_process_bom.py", line 109, in process_bdproject
    ignore_components(bd, ver_dict)
  File "/data/home/henbin/.local/lib/python3.8/site-packages/bd_scan_yocto/bd_process_bom.py", line 143, in ignore_components
    pkg_ignore_dict = asyncio.run(bd_asyncdata.async_main(bom_compsdict, bd.session.auth.bearer_token))
  File "/usr/lib/python3.8/asyncio/runners.py", line 44, in run
    return loop.run_until_complete(main)
  File "/usr/lib/python3.8/asyncio/base_events.py", line 616, in run_until_complete
    return future.result()
  File "/data/home/henbin/.local/lib/python3.8/site-packages/bd_scan_yocto/bd_asyncdata.py", line 22, in async_main
    all_files = dict(await asyncio.gather(*file_tasks))
  File "/data/home/henbin/.local/lib/python3.8/site-packages/bd_scan_yocto/bd_asyncdata.py", line 50, in async_get_files
    async with session.get(thishref, headers=headers, ssl=ssl) as resp:
  File "/data/home/henbin/.local/lib/python3.8/site-packages/aiohttp/client.py", line 1353, in __aenter__
    self._resp = await self._coro
  File "/data/home/henbin/.local/lib/python3.8/site-packages/aiohttp/client.py", line 657, in _request
    conn = await self._connector.connect(
  File "/data/home/henbin/.local/lib/python3.8/site-packages/aiohttp/connector.py", line 564, in connect
    proto = await self._create_connection(req, traces, timeout)
  File "/data/home/henbin/.local/lib/python3.8/site-packages/aiohttp/connector.py", line 973, in _create_connection
    _, proto = await self._create_proxy_connection(req, traces, timeout)
  File "/data/home/henbin/.local/lib/python3.8/site-packages/aiohttp/connector.py", line 1472, in _create_proxy_connection
    return await self._start_tls_connection(
  File "/data/home/henbin/.local/lib/python3.8/site-packages/aiohttp/connector.py", line 1228, in _start_tls_connection
     raise ClientConnectorCertificateError(req.connection_key, exc) from exc
aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host blackduck.mic.com.tw:443 ssl:True [SSLCertVerificationError: (1, '[SSL
: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1145)')]
matthewb66 commented 3 months ago

Please email me direct at mbrad@synopsys.com including:

  1. Full command line you are running
  2. Full output log from bd_scan_yocto
  3. The type of certificate used for your Black Duck server. Is it self-signed?
  4. Confirmation whether you usually use a proxy to connect to Black Duck - if so the additional options you supply to Synopsys Detect to run a scan. Thanks