Errore SSL - impossibile caricare immagini

Supporto
1

Sto ricevendo l’errore riportato di seguito durante il caricamento delle immagini. Oggi ho aggiornato all’ultima versione, ma non credo che sia questa la causa. Non ho apportato modifiche al sito in cui si verifica il problema, a parte l’aggiornamento, ma ho effettuato delle modifiche sul mio sito sandbox. Stavo cercando di ripristinare un backup dal sito principale per portarlo allo stato attuale, ma non riusciva a connettersi allo spazio DigitalOcean dove sono archiviati i backup. Quindi sembra che aver modificato queste impostazioni abbia in qualche modo causato l’associazione con il sito sandbox invece di quello principale, forse?

SSL_connect returned=1 errno=0 state=error: certificate verify failed (Hostname mismatch)

Dai log

/usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `connect_nonblock' /usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `ssl_socket_connect' /usr/local/lib/ruby/2.7.0/net/http.rb:1009:in `connect' /usr/local/lib/ruby/2.7.0/net/http.rb:943:in `do_start' /usr/local/lib/ruby/2.7.0/net/http.rb:938:in `start' /usr/local/lib/ruby/2.7.0/delegate.rb:83:in `method_missing' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/connection_pool.rb:300:in `start_session' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/connection_pool.rb:99:in `session_for' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/handler.rb:124:in `session' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/handler.rb:76:in `transmit' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/handler.rb:50:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/content_length.rb:17:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/request_callback.rb:85:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_signer.rb:116:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_signer.rb:61:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_host_id.rb:17:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/xml/error_handler.rb:10:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/transfer_encoding.rb:26:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/helpful_socket_errors.rb:12:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_signer.rb:94:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/redirects.rb:20:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:349:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:383:in `retry_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `retry_if_possible' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:383:in `retry_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `retry_if_possible' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:383:in `retry_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `retry_if_possible' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/http_checksum.rb:18:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/endpoint_pattern.rb:30:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/dualstack.rb:46:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/accelerate.rb:61:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/expect_100_continue.rb:22:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb:26:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/bucket_dns.rb:35:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/arn.rb:47:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/rest/handler.rb:10:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/user_agent.rb:13:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/endpoint.rb:47:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/param_validator.rb:26:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/arn.rb:72:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/sse_cpk.rb:24:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/dualstack.rb:36:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/accelerate.rb:50:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/jsonvalue_converter.rb:22:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/idempotency_token.rb:19:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/param_converter.rb:26:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/request_callback.rb:71:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/response_paging.rb:12:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/response_target.rb:24:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/request.rb:72:in `send_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/poller.rb:65:in `send_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/poller.rb:51:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:107:in `block in poll' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:104:in `loop' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:104:in `poll' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:94:in `block (2 levels) in wait' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:93:in `catch' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:93:in `block in wait' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:92:in `catch' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:92:in `wait' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/waiters.rb:123:in `wait' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/bucket.rb:98:in `wait_until_exists' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/bucket.rb:79:in `exists?' /var/www/discourse/lib/s3_helper.rb:276:in `s3_bucket' /var/www/discourse/lib/s3_helper.rb:192:in `list' /var/www/discourse/lib/backup_restore/s3_backup_store.rb:75:in `unsorted_files' /var/www/discourse/lib/backup_restore/backup_store.rb:23:in `files' /var/www/discourse/lib/backup_restore/backup_store.rb:28:in `latest_file' /var/www/discourse/app/jobs/scheduled/schedule_backup.rb:12:in `execute' /var/www/discourse/app/jobs/base.rb:232:in `block (2 levels) in perform' rails_multisite-3.0.0/lib/rails_multisite/connection_management.rb:80:in `with_connection' /var/www/discourse/app/jobs/base.rb:221:in `block in perform' /var/www/discourse/app/jobs/base.rb:217:in `each' /var/www/discourse/app/jobs/base.rb:217:in `perform' /var/www/discourse/app/jobs/base.rb:279:in `perform' mini_scheduler-0.13.0/lib/mini_scheduler/manager.rb:93:in `process_queue' mini_scheduler-0.13.0/lib/mini_scheduler/manager.rb:37:in `block (2 levels) in initialize'

Modifica: Ho notato anche questo nei log:

lib/s3_helper.rb:276:in `s3_bucket'
lib/s3_helper.rb:211:in `object'
lib/file_store/s3_store.rb:265:in `presigned_url'
lib/file_store/s3_store.rb:165:in `url_for'
app/controllers/uploads_controller.rb:114:in `show_short'
app/controllers/application_controller.rb:395:in `block in with_resolved_locale'
app/controllers/application_controller.rb:395:in `with_resolved_locale'
lib/middleware/omniauth_bypass_middleware.rb:71:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:355:in `call'
config/initializers/100-quiet_logger.rb:23:in `call'
config/initializers/100-silence_logger.rb:31:in `call'
lib/middleware/enforce_hostname.rb:23:in `call'
lib/middleware/request_tracker.rb:177:in `call'
Backtrace 
Messaggio (4 copie riportate)

Seahorse::Client::NetworkingError (SSL_connect returned=1 errno=0 state=error: certificate verify failed (Hostname mismatch))
lib/s3_helper.rb:276:in `s3_bucket'
lib/s3_helper.rb:211:in `object'
lib/file_store/s3_store.rb:265:in `presigned_url'
lib/file_store/s3_store.rb:165:in `url_for'
app/controllers/uploads_controller.rb:114:in `show_short'
app/controllers/application_controller.rb:395:in `block in with_resolved_locale'
app/controllers/application_controller.rb:395:in `with_resolved_locale'
lib/middleware/omniauth_bypass_middleware.rb:71:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:355:in `call'
config/initializers/100-quiet_logger.rb:23:in `call'
config/initializers/100-silence_logger.rb:31:in `call'
lib/middleware/enforce_hostname.rb:23:in `call'
lib/middleware/request_tracker.rb:177:in `call'

Backtrace

/usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `connect_nonblock'
/usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `ssl_socket_connect'
/usr/local/lib/ruby/2.7.0/net/http.rb:1009:in `connect'
/usr/local/lib/ruby/2.7.0/net/http.rb:943:in `do_start'
/usr/local/lib/ruby/2.7.0/net/http.rb:938:in `start'
/usr/local/lib/ruby/2.7.0/delegate.rb:83:in `method_missing'
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/connection_pool.rb:300:in `start_session'
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/connection_pool.rb:99:in `session_for'
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/handler.rb:124:in `session'
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/handler.rb:76:in `transmit'

Ambiente

HTTP HOSTS: community.naturephotographers.network
2

Sembra che il certificato presentato dal tuo servizio di Object Storage non sia valido.

Verifica nuovamente la configurazione; se non riesci a individuare alcun errore, incolla qui S3_ENDPOINT.

3

Grazie, ho inviato una richiesta di assistenza a DO per verificare se il problema sia da parte loro.

Ecco l’endpoint: https://npn.sfo2.cdn.digitaloceanspaces.com

4

Strano che l’URL dell’endpoint contenga cdn. Non era così quando ho testato il loro servizio.

1 Mi Piace
5

Ottima osservazione, l’ho reimpostato su https:://sfo2.digitaloceanspaces.com e ora sembra funzionare! È molto strano che abbia funzionato con quella configurazione per potenzialmente anni e che si sia interrotto improvvisamente oggi. Apprezzo molto il tuo aiuto, Rafael!

1 Mi Piace
6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.