Error SSL - no se pueden subir imágenes

Soporte
1

Estoy recibiendo el siguiente error al subir imágenes. Actualicé a la versión más reciente hoy, pero no creo que eso haya causado el problema. No he realizado cambios en el sitio donde ocurre esto, aparte de la actualización, pero sí hice cambios en mi sitio de prueba (sandbox). Estaba intentando restaurar una copia de seguridad del sitio principal para actualizarlo, pero no se conectaba al espacio de DigitalOcean donde se almacenan las copias de seguridad. ¿Será que al modificar estos ajustes de alguna manera se asoció con el sitio de prueba en lugar del principal?

SSL_connect returned=1 errno=0 state=error: certificate verify failed (Hostname mismatch)

De los registros

/usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `connect_nonblock' /usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `ssl_socket_connect' /usr/local/lib/ruby/2.7.0/net/http.rb:1009:in `connect' /usr/local/lib/ruby/2.7.0/net/http.rb:943:in `do_start' /usr/local/lib/ruby/2.7.0/net/http.rb:938:in `start' /usr/local/lib/ruby/2.7.0/delegate.rb:83:in `method_missing' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/connection_pool.rb:300:in `start_session' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/connection_pool.rb:99:in `session_for' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/handler.rb:124:in `session' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/handler.rb:76:in `transmit' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/handler.rb:50:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/content_length.rb:17:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/request_callback.rb:85:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_signer.rb:116:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_signer.rb:61:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_host_id.rb:17:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/xml/error_handler.rb:10:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/transfer_encoding.rb:26:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/helpful_socket_errors.rb:12:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_signer.rb:94:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/redirects.rb:20:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:349:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:383:in `retry_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `retry_if_possible' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:383:in `retry_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `retry_if_possible' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:383:in `retry_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `retry_if_possible' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/http_checksum.rb:18:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/endpoint_pattern.rb:30:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/dualstack.rb:46:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/accelerate.rb:61:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/expect_100_continue.rb:22:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb:26:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/bucket_dns.rb:35:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/arn.rb:47:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/rest/handler.rb:10:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/user_agent.rb:13:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/endpoint.rb:47:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/param_validator.rb:26:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/arn.rb:72:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/sse_cpk.rb:24:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/dualstack.rb:36:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/accelerate.rb:50:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/jsonvalue_converter.rb:22:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/idempotency_token.rb:19:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/param_converter.rb:26:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/request_callback.rb:71:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/response_paging.rb:12:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/response_target.rb:24:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/request.rb:72:in `send_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/poller.rb:65:in `send_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/poller.rb:51:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:107:in `block in poll' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:104:in `loop' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:104:in `poll' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:94:in `block (2 levels) in wait' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:93:in `catch' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:93:in `block in wait' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:92:in `catch' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:92:in `wait' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/waiters.rb:123:in `wait' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/bucket.rb:98:in `wait_until_exists' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/bucket.rb:79:in `exists?' /var/www/discourse/lib/s3_helper.rb:276:in `s3_bucket' /var/www/discourse/lib/s3_helper.rb:192:in `list' /var/www/discourse/lib/backup_restore/s3_backup_store.rb:75:in `unsorted_files' /var/www/discourse/lib/backup_restore/backup_store.rb:23:in `files' /var/www/discourse/lib/backup_restore/backup_store.rb:28:in `latest_file' /var/www/discourse/app/jobs/scheduled/schedule_backup.rb:12:in `execute' /var/www/discourse/app/jobs/base.rb:232:in `block (2 levels) in perform' rails_multisite-3.0.0/lib/rails_multisite/connection_management.rb:80:in `with_connection' /var/www/discourse/app/jobs/base.rb:221:in `block in perform' /var/www/discourse/app/jobs/base.rb:217:in `each' /var/www/discourse/app/jobs/base.rb:217:in `perform' /var/www/discourse/app/jobs/base.rb:279:in `perform' mini_scheduler-0.13.0/lib/mini_scheduler/manager.rb:93:in `process_queue' mini_scheduler-0.13.0/lib/mini_scheduler/manager.rb:37:in `block (2 levels) in initialize'

Edición: También noté esto en los registros:

lib/s3_helper.rb:276:in `s3_bucket'
lib/s3_helper.rb:211:in `object'
lib/file_store/s3_store.rb:265:in `presigned_url'
lib/file_store/s3_store.rb:165:in `url_for'
app/controllers/uploads_controller.rb:114:in `show_short'
app/controllers/application_controller.rb:395:in `block in with_resolved_locale'
app/controllers/application_controller.rb:395:in `with_resolved_locale'
lib/middleware/omniauth_bypass_middleware.rb:71:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:355:in `call'
config/initializers/100-quiet_logger.rb:23:in `call'
config/initializers/100-silence_logger.rb:31:in `call'
lib/middleware/enforce_hostname.rb:23:in `call'
lib/middleware/request_tracker.rb:177:in `call'```

[details="Rastreo"]

Mensaje (4 copias reportadas)

Seahorse::Client::NetworkingError (SSL_connect returned=1 errno=0 state=error: certificate verify failed (Hostname mismatch))
lib/s3_helper.rb:276:in s3_bucket' lib/s3_helper.rb:211:in object’
lib/file_store/s3_store.rb:265:in presigned_url' lib/file_store/s3_store.rb:165:in url_for’
app/controllers/uploads_controller.rb:114:in show_short' app/controllers/application_controller.rb:395:in block in with_resolved_locale’
app/controllers/application_controller.rb:395:in with_resolved_locale' lib/middleware/omniauth_bypass_middleware.rb:71:in call’
lib/content_security_policy/middleware.rb:12:in call' lib/middleware/anonymous_cache.rb:355:in call’
config/initializers/100-quiet_logger.rb:23:in call' config/initializers/100-silence_logger.rb:31:in call’
lib/middleware/enforce_hostname.rb:23:in call' lib/middleware/request_tracker.rb:177:in call’

Rastreo

/usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in connect_nonblock' /usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in ssl_socket_connect’
/usr/local/lib/ruby/2.7.0/net/http.rb:1009:in connect' /usr/local/lib/ruby/2.7.0/net/http.rb:943:in do_start’
/usr/local/lib/ruby/2.7.0/net/http.rb:938:in start' /usr/local/lib/ruby/2.7.0/delegate.rb:83:in method_missing’
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/connection_pool.rb:300:in start_session' aws-sdk-core (3.112.1) lib/seahorse/client/net_http/connection_pool.rb:99:in session_for’
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/handler.rb:124:in session' aws-sdk-core (3.112.1) lib/seahorse/client/net_http/handler.rb:76:in transmit’

Entorno

HOSTS HTTP: community.naturephotographers.network

[/details]
2

Parece que el certificado presentado por su servicio de Object Storage no es válido.

Verifique dos veces la configuración; si no encuentra ningún error, pegue aquí el S3_ENDPOINT.

3

Gracias, he enviado una solicitud de soporte a DO para ver si es algo de su parte.

Aquí está el endpoint: https://npn.sfo2.cdn.digitaloceanspaces.com

4

Es extraño que la URL del punto final contenga cdn. Eso no ocurrió cuando probé su servicio.

1 me gusta
5

¡Buen hallazgo! Lo volví a configurar a https://sfo2.digitaloceanspaces.com y ahora parece que funciona. Es muy extraño que haya estado funcionando con esa configuración durante posiblemente años y que de repente deje de hacerlo hoy. ¡Agradezco mucho tu ayuda, Rafael!

1 me gusta
6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.