Erreur SSL - impossible de télécharger des images

Soutien
1

Je rencontre l’erreur ci-dessous lors du téléchargement d’images. J’ai effectué la mise à jour vers la dernière version aujourd’hui, mais je ne pense pas que cela en soit la cause. Je n’ai apporté aucune modification au site où ce problème se produit, à part la mise à jour, mais j’ai effectué des changements sur mon site bac à sable. J’essayais de restaurer une sauvegarde du site principal pour la mettre à jour, mais la connexion à l’espace DigitalOcean où les sauvegardes sont stockées échouait. Il semble donc que la manipulation de ces paramètres ait, d’une manière ou d’une autre, entraîné une association avec le site bac à sable plutôt qu’avec le site principal.

SSL_connect returned=1 errno=0 state=error: certificate verify failed (Hostname mismatch)

Extrait des journaux

/usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `connect_nonblock' /usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `ssl_socket_connect' /usr/local/lib/ruby/2.7.0/net/http.rb:1009:in `connect' /usr/local/lib/ruby/2.7.0/net/http.rb:943:in `do_start' /usr/local/lib/ruby/2.7.0/net/http.rb:938:in `start' /usr/local/lib/ruby/2.7.0/delegate.rb:83:in `method_missing' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/connection_pool.rb:300:in `start_session' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/connection_pool.rb:99:in `session_for' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/handler.rb:124:in `session' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/handler.rb:76:in `transmit' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/handler.rb:50:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/content_length.rb:17:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/request_callback.rb:85:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_signer.rb:116:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_signer.rb:61:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_host_id.rb:17:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/xml/error_handler.rb:10:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/transfer_encoding.rb:26:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/helpful_socket_errors.rb:12:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_signer.rb:94:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/redirects.rb:20:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:349:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:383:in `retry_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `retry_if_possible' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:383:in `retry_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `retry_if_possible' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:383:in `retry_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `retry_if_possible' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/http_checksum.rb:18:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/endpoint_pattern.rb:30:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/dualstack.rb:46:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/accelerate.rb:61:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/expect_100_continue.rb:22:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb:26:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/bucket_dns.rb:35:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/arn.rb:47:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/rest/handler.rb:10:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/user_agent.rb:13:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/endpoint.rb:47:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/param_validator.rb:26:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/arn.rb:72:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/sse_cpk.rb:24:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/dualstack.rb:36:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/accelerate.rb:50:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/jsonvalue_converter.rb:22:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/idempotency_token.rb:19:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/param_converter.rb:26:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/request_callback.rb:71:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/response_paging.rb:12:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/response_target.rb:24:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/request.rb:72:in `send_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/poller.rb:65:in `send_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/poller.rb:51:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:107:in `block in poll' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:104:in `loop' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:104:in `poll' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:94:in `block (2 levels) in wait' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:93:in `catch' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:93:in `block in wait' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:92:in `catch' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:92:in `wait' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/waiters.rb:123:in `wait' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/bucket.rb:98:in `wait_until_exists' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/bucket.rb:79:in `exists?' /var/www/discourse/lib/s3_helper.rb:276:in `s3_bucket' /var/www/discourse/lib/s3_helper.rb:192:in `list' /var/www/discourse/lib/backup_restore/s3_backup_store.rb:75:in `unsorted_files' /var/www/discourse/lib/backup_restore/backup_store.rb:23:in `files' /var/www/discourse/lib/backup_restore/backup_store.rb:28:in `latest_file' /var/www/discourse/app/jobs/scheduled/schedule_backup.rb:12:in `execute' /var/www/discourse/app/jobs/base.rb:232:in `block (2 levels) in perform' rails_multisite-3.0.0/lib/rails_multisite/connection_management.rb:80:in `with_connection' /var/www/discourse/app/jobs/base.rb:221:in `block in perform' /var/www/discourse/app/jobs/base.rb:217:in `each' /var/www/discourse/app/jobs/base.rb:217:in `perform' /var/www/discourse/app/jobs/base.rb:279:in `perform' mini_scheduler-0.13.0/lib/mini_scheduler/manager.rb:93:in `process_queue' mini_scheduler-0.13.0/lib/mini_scheduler/manager.rb:37:in `block (2 levels) in initialize'

Édition : J’ai également remarqué ceci dans les journaux :

lib/s3_helper.rb:276:in `s3_bucket'
lib/s3_helper.rb:211:in `object'
lib/file_store/s3_store.rb:265:in `presigned_url'
lib/file_store/s3_store.rb:165:in `url_for'
app/controllers/uploads_controller.rb:114:in `show_short'
app/controllers/application_controller.rb:395:in `block in with_resolved_locale'
app/controllers/application_controller.rb:395:in `with_resolved_locale'
lib/middleware/omniauth_bypass_middleware.rb:71:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:355:in `call'
config/initializers/100-quiet_logger.rb:23:in `call'
config/initializers/100-silence_logger.rb:31:in `call'
lib/middleware/enforce_hostname.rb:23:in `call'
lib/middleware/request_tracker.rb:177:in `call'

[details=“Pile d’appels”]

Message (4 copies signalées)

Seahorse::Client::NetworkingError (SSL_connect returned=1 errno=0 state=error: certificate verify failed (Hostname mismatch))
lib/s3_helper.rb:276:in `s3_bucket'
lib/s3_helper.rb:211:in `object'
lib/file_store/s3_store.rb:265:in `presigned_url'
lib/file_store/s3_store.rb:165:in `url_for'
app/controllers/uploads_controller.rb:114:in `show_short'
app/controllers/application_controller.rb:395:in `block in with_resolved_locale'
app/controllers/application_controller.rb:395:in `with_resolved_locale'
lib/middleware/omniauth_bypass_middleware.rb:71:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:355:in `call'
config/initializers/100-quiet_logger.rb:23:in `call'
config/initializers/100-silence_logger.rb:31:in `call'
lib/middleware/enforce_hostname.rb:23:in `call'
lib/middleware/request_tracker.rb:177:in `call'

Pile d'appels

/usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `connect_nonblock'
/usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `ssl_socket_connect'
/usr/local/lib/ruby/2.7.0/net/http.rb:1009:in `connect'
/usr/local/lib/ruby/2.7.0/net/http.rb:943:in `do_start'
/usr/local/lib/ruby/2.7.0/net/http.rb:938:in `start'
/usr/local/lib/ruby/2.7.0/delegate.rb:83:in `method_missing'
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/connection_pool.rb:300:in `start_session'
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/connection_pool.rb:99:in `session_for'
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/handler.rb:124:in `session'
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/handler.rb:76:in `transmit'

Environnement

HÔTES HTTP : community.naturephotographers.network
```[/details]
2

Il semble que le certificat présenté par votre service Object Storage soit invalide.

Vérifiez à nouveau la configuration. Si vous ne trouvez aucune erreur, collez ici la valeur de S3_ENDPOINT.

3

Merci, j’ai soumis une demande de support à DO pour vérifier si le problème vient de leur côté.

Voici le point de terminaison : https://npn.sfo2.cdn.digitaloceanspaces.com

4

Étrange que l’URL du point de terminaison contienne cdn. Ce n’était pas le cas lorsque j’ai testé leur service.

1 « J'aime »
5

Bonne trouvaille, je l’ai remis sur https:://sfo2.digitaloceanspaces.com et cela semble fonctionner maintenant ! C’est très étrange que cela ait fonctionné dans cette configuration pendant potentiellement des années et que cela se soit arrêté soudainement aujourd’hui. Merci beaucoup pour ton aide, Rafael !

1 « J'aime »
6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.