Unable to fetch Numbers: SSL certificate problem: self signed certificate in certificate chain

twilio / OpenVBX

OpenVBX is a web-based open source phone system for business.

http://openvbx.org

Other

699 stars 342 forks source link

Unable to fetch Numbers: SSL certificate problem: self signed certificate in certificate chain #357

Open ghost opened 8 years ago

ghost commented 8 years ago

OpenVBX suddenly stopped working after normal Debian update/upgrade action.

The problem is shown like: Unable to fetch Numbers: SSL certificate problem: self signed certificate in certificate chain

2016-01-24-16 38 13

OpenVBX cannot connect any more and lost numbers and connection with api.twilio.com

If somebody can urgently help me, pleeeease.

gegere commented 8 years ago

I would be happy to help. Looks like you need a signed CA signed certificate. Please email if you would like further assistance.

On Jan 24, 2016, at 16:39, Rosario Maddox notifications@github.com wrote:

OpenVBX suddenly stopped working after normal Debian update/upgrade action

The problem is shown like: Unable to fetch Numbers: SSL certificate problem: self signed certificate in certificate chain

OpenVBX cannot connect any more and lost numbers and connection with apitwiliocom

If somebody can urgently help me, pleeeease

— Reply to this email directly or view it on GitHub.

ghost commented 8 years ago

The problem is with connection to api.twilio.com:443

This problem happened after Debian upgrade. I did not change nothing, it worked yesterday just as well.

My certificate is not important I think, but it does work. OpenVBX worked also without SSL on my server, isn't it?

ghost commented 8 years ago

Look this:

wget -nd wget http://curl.haxx.se/ca/cacert.pem
curl --verbose --cacert cacert.pem https://api.twilio.com

and then I get:

curl --verbose --cacert cacert.pem https://api.twilio.com
* Rebuilt URL to: https://api.twilio.com/
* Hostname was NOT found in DNS cache
* Trying 54.243.88.46...
* Connected to api.twilio.com (54.243.88.46) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: cacert.pem
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS alert, Server hello (2):
* SSL certificate problem: self signed certificate in certificate chain
* Closing connection 0
curl: (60) SSL certificate problem: self signed certificate in certificate chain
More details here: http://curl.haxx.se/docs/sslcerts.html

Basically it should be issue with certificate.

I used the cacert.pem from curl website. Something is wrong.

ghost commented 8 years ago

Debian removed 18 certificates... maybe it is it

Gipetto commented 8 years ago

There's an in-depth discussion going on about this in the twilio-php helper library issues: https://github.com/twilio/twilio-php/issues/203