mjauvin
commented
3 years ago @lufog can you attach the install.log file that gets created in the installation folder?
Closed lufog closed 3 years ago
mjauvin
commented
3 years ago @lufog can you attach the install.log file that gets created in the installation folder?
lufog
commented
3 years ago @mjauvin yes of course, here it is:
[2021-08-12 23:31:57+00:00] INFO: Installer API request received {"method":"GET","endpoint":"checkApi"}
[2021-08-12 23:31:57+00:00] NOTICE: Trying Winter CMS API
[2021-08-12 23:31:57+00:00] INFO: Winter API request {"method":"GET","uri":"ping"}
[2021-08-12 23:31:57+00:00] ERROR: HTTP code returned indicates an error {"code":0}
[2021-08-12 23:31:57+00:00] DEBUG: Response received from Winter API {"response":""}
[2021-08-12 23:31:57+00:00] ERROR: An error occurred trying to communicate with the Winter CMS API: {"exception":"[object] (Exception(code: 0): An error occurred trying to communicate with the Winter CMS API: at E:\\Programming\\Web\\wintercms\\install\\api\\src\\Api.php:972)"}
[2021-08-12 23:31:57+00:00] ERROR: An error occurred trying to communicate with the Winter CMS API: {"code":500,"exception":null}
[2021-08-12 23:31:57+00:00] INFO: Installer API request received {"method":"GET","endpoint":"checkPhpVersion"}
[2021-08-12 23:31:57+00:00] NOTICE: Compared PHP version {"installed":"8.0.8","needed":"7.2.9"}
[2021-08-12 23:31:57+00:00] NOTICE: PHP version requirement met.
[2021-08-12 23:31:57+00:00] INFO: Installer API request received {"method":"GET","endpoint":"checkPhpExtensions"}
[2021-08-12 23:31:57+00:00] NOTICE: Checking PHP "curl" extension
[2021-08-12 23:31:57+00:00] NOTICE: Checking PHP "json" extension
[2021-08-12 23:31:57+00:00] NOTICE: Checking PHP "pdo" extension
[2021-08-12 23:31:57+00:00] NOTICE: Checking PHP "zip" extension
[2021-08-12 23:31:57+00:00] NOTICE: Checking PHP "mbstring" extension
[2021-08-12 23:31:57+00:00] NOTICE: Checking PHP "fileinfo" extension
[2021-08-12 23:31:57+00:00] NOTICE: Checking PHP "openssl" extension
[2021-08-12 23:31:57+00:00] NOTICE: Checking PHP "gd" extension
[2021-08-12 23:31:57+00:00] NOTICE: Checking PHP "filter" extension
[2021-08-12 23:31:57+00:00] NOTICE: Checking PHP "hash" extension
[2021-08-12 23:31:57+00:00] NOTICE: Required PHP extensions are installed. instal.log after forcibly skip checks:
[2021-08-12 23:41:47+00:00] INFO: Installer API request received {"method":"POST","endpoint":"checkDatabase"}
[2021-08-12 23:41:47+00:00] NOTICE: Creating temporary SQLite DB {"path":"E:\\Programming\\Web\\wintercms\\.temp.sqlite"}
[2021-08-12 23:41:47+00:00] NOTICE: Check database connection
[2021-08-12 23:41:48+00:00] NOTICE: Found 0 table(s) {"tables":""}
[2021-08-12 23:41:48+00:00] NOTICE: Database connection established and verified empty
[2021-08-12 23:41:48+00:00] INFO: Installer API request received {"method":"GET","endpoint":"checkWriteAccess"}
[2021-08-12 23:41:48+00:00] NOTICE: Current working directory is writable.
[2021-08-12 23:41:49+00:00] INFO: Installer API request received {"method":"POST","endpoint":"downloadWinter"}
[2021-08-12 23:41:49+00:00] NOTICE: Try downloading Winter CMS archive
[2021-08-12 23:41:49+00:00] NOTICE: Downloading Winter ZIP via cURL {"url":"https://github.com/wintercms/winter/archive/refs/heads/1.1.zip"}
[2021-08-12 23:41:50+00:00] ERROR: Unable to download Winter CMS. Invalid HTTP code received - got 0 {"code":500,"exception":null} 
bennothommo
commented
3 years ago @lufog Could you provide us with your curl extension settings in PHP? Perhaps just showing the curl section from a phpinfo() call?
lufog
commented
3 years ago @bennothommo I have not changed these settings in any way, all the default values. Curl info:
| cURL support | enabled |
| cURL Information | 7.76.1 |
| Age | 8 |
| Features | |
| AsynchDNS | Yes |
| CharConv | No |
| Debug | No |
| GSS-Negotiate | No |
| IDN | Yes |
| IPv6 | Yes |
| krb4 | No |
| Largefile | Yes |
| libz | Yes |
| NTLM | Yes |
| NTLMWB | No |
| SPNEGO | Yes |
| SSL | Yes |
| SSPI | Yes |
| TLS-SRP | No |
| HTTP2 | Yes |
| GSSAPI | No |
| KERBEROS5 | Yes |
| UNIX_SOCKETS | Yes |
| PSL | No |
| HTTPS_PROXY | Yes |
| MULTI_SSL | No |
| BROTLI | No |
| Protocols | dict, file, ftp, ftps, gopher, gophers, http, https, imap, imaps, ldap, ldaps, mqtt, pop3, pop3s, rtsp, scp, sftp, smb, smbs, smtp, smtps, telnet, tftp |
| Host | x86_64-pc-win32 |
| SSL Version | OpenSSL/1.1.1k |
| ZLib Version | 1.2.11 |
| libSSH Version | libssh2/1.9.0 |
Web-installer v1.0.0-beta1 works fine.
bennothommo
commented
3 years ago @lufog This may be fixed by https://github.com/wintercms/web-installer/commit/da878769bdec9296d93e7d4ba954e3edbb0c0cee. Generally, a 0 being returned by the API call is the result of a failure to validate the SSL certificate of an API call.
We'll give this a try, but if it still fails, we may have to disable SSL verification like the October installer used to - I'm not a fan of that idea, but if it has to be done, then so be it. Please let me know if this is the case and I'll re-open.
lufog
commented
3 years ago @bennothommo, I built v1.0.0-beta4, unfortunately the error persists. If in lines: 288-289, 1001-1002 change the parameters CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST to false, the installation proceeds without errors.
Upd:
bennothommo
commented
3 years ago @lufog while that may work, it's also disabling SSL validation, which is not really a good thing if you want to be sure that you're getting the installer files from the correct location.
No, after all, something went wrong.
Could you look into your logs and see if there's an error coming up, then post that as a new issue to the Winter repo. That's a separate issue to this one.
lufog
commented
3 years ago @bennothommo
while that may work, it's also disabling SSL validation
Maybe make SSL validation optional? For example, offering this option only when the preferred method did not work.
Could you look into your logs and see if there's an error coming up, then post that as a new issue to the Winter repo.
I have already uninstalled the installation, but I will repeat the process, if the error persists, I will file a bug report.
lufog
commented
3 years ago @bennothommo, I think since the problem has not been fixed, it would be good to reopen this issue, at least so that it is not forgotten.
bennothommo
commented
3 years ago Hi all, sorry it has taken so long for us to look into this.
While I feel that it is best that we DO check the SSL certificate, since ultimately, an invalid SSL certificate means that the delivery of the correct files is no longer garunteed and leaves users susceptible to man-in-the-middle checks - I do understand that some people have configurations or environments where the SSL certificate cannot be checked correctly.
I will introduce an additional check in the first "System Checks" step when the API is being queried to see if it is available to also check the GitHub download server as well. If either certificate cannot be validated, a prompt will come up indicating that the SSL certificate(s) cannot be validated, but I will allow the user to ignore this if they wish and all further attempts to access these URLs will be done with SSL validation disabled.
Note that it's quite possible that I will be unable to disable SSL checks in Composer itself, so it's highly possible that Composer will fail to work anyway.
bennothommo
commented
3 years ago Fixed by 9d13ce604f33903edde725cc64a8c2fea2c49f55.
API Connection Your server could not connect to the Winter CMS Marketplace API.
If I forcibly skip checks, I get:
Sorry, but an error has occurred while trying to install Winter CMS. Unable to download Winter CMS. Invalid HTTP code received - got 0
php: 8.0.8 ts server:
php -S ...web-installer: v1.0.0-beta2, v1.0.0-beta3