Erro de SSL - não consigo carregar imagens

Suporte
1

Estou recebendo o erro abaixo ao fazer upload de imagens. Atualizei para a versão mais recente hoje, mas não acho que isso tenha causado o problema. Não fiz nenhuma alteração no site onde isso está ocorrendo, exceto a atualização, mas fiz alterações no meu site de sandbox. Eu estava tentando restaurar um backup do site principal para deixá-lo atualizado, mas não estava conseguindo conectar ao espaço do DigitalOcean onde os backups estão armazenados. Então, parece que mexer nessas configurações de alguma forma fez com que ele se associasse ao site de sandbox em vez do site principal, talvez?

SSL_connect returned=1 errno=0 state=error: certificate verify failed (Hostname mismatch)

Dos logs

/usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `connect_nonblock' /usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `ssl_socket_connect' /usr/local/lib/ruby/2.7.0/net/http.rb:1009:in `connect' /usr/local/lib/ruby/2.7.0/net/http.rb:943:in `do_start' /usr/local/lib/ruby/2.7.0/net/http.rb:938:in `start' /usr/local/lib/ruby/2.7.0/delegate.rb:83:in `method_missing' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/connection_pool.rb:300:in `start_session' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/connection_pool.rb:99:in `session_for' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/handler.rb:124:in `session' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/handler.rb:76:in `transmit' aws-sdk-core-3.112.1/lib/seahorse/client/net_http/handler.rb:50:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/content_length.rb:17:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/request_callback.rb:85:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_signer.rb:116:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_signer.rb:61:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_host_id.rb:17:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/xml/error_handler.rb:10:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/transfer_encoding.rb:26:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/helpful_socket_errors.rb:12:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/s3_signer.rb:94:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/redirects.rb:20:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:349:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:383:in `retry_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `retry_if_possible' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:383:in `retry_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `retry_if_possible' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:383:in `retry_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `retry_if_possible' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/http_checksum.rb:18:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/endpoint_pattern.rb:30:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/dualstack.rb:46:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/accelerate.rb:61:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/expect_100_continue.rb:22:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb:26:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/bucket_dns.rb:35:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/arn.rb:47:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/rest/handler.rb:10:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/user_agent.rb:13:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/endpoint.rb:47:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/param_validator.rb:26:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/arn.rb:72:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/sse_cpk.rb:24:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/dualstack.rb:36:in `call' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/plugins/accelerate.rb:50:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/jsonvalue_converter.rb:22:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/idempotency_token.rb:19:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/param_converter.rb:26:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/request_callback.rb:71:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/plugins/response_paging.rb:12:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/plugins/response_target.rb:24:in `call' aws-sdk-core-3.112.1/lib/seahorse/client/request.rb:72:in `send_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/poller.rb:65:in `send_request' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/poller.rb:51:in `call' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:107:in `block in poll' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:104:in `loop' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:104:in `poll' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:94:in `block (2 levels) in wait' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:93:in `catch' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:93:in `block in wait' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:92:in `catch' aws-sdk-core-3.112.1/lib/aws-sdk-core/waiters/waiter.rb:92:in `wait' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/waiters.rb:123:in `wait' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/bucket.rb:98:in `wait_until_exists' aws-sdk-s3-1.90.0/lib/aws-sdk-s3/bucket.rb:79:in `exists?' /var/www/discourse/lib/s3_helper.rb:276:in `s3_bucket' /var/www/discourse/lib/s3_helper.rb:192:in `list' /var/www/discourse/lib/backup_restore/s3_backup_store.rb:75:in `unsorted_files' /var/www/discourse/lib/backup_restore/backup_store.rb:23:in `files' /var/www/discourse/lib/backup_restore/backup_store.rb:28:in `latest_file' /var/www/discourse/app/jobs/scheduled/schedule_backup.rb:12:in `execute' /var/www/discourse/app/jobs/base.rb:232:in `block (2 levels) in perform' rails_multisite-3.0.0/lib/rails_multisite/connection_management.rb:80:in `with_connection' /var/www/discourse/app/jobs/base.rb:221:in `block in perform' /var/www/discourse/app/jobs/base.rb:217:in `each' /var/www/discourse/app/jobs/base.rb:217:in `perform' /var/www/discourse/app/jobs/base.rb:279:in `perform' mini_scheduler-0.13.0/lib/mini_scheduler/manager.rb:93:in `process_queue' mini_scheduler-0.13.0/lib/mini_scheduler/manager.rb:37:in `block (2 levels) in initialize'

Edição: Também notei isso nos logs:

lib/s3_helper.rb:276:in `s3_bucket'
lib/s3_helper.rb:211:in `object'
lib/file_store/s3_store.rb:265:in `presigned_url'
lib/file_store/s3_store.rb:165:in `url_for'
app/controllers/uploads_controller.rb:114:in `show_short'
app/controllers/application_controller.rb:395:in `block in with_resolved_locale'
app/controllers/application_controller.rb:395:in `with_resolved_locale'
lib/middleware/omniauth_bypass_middleware.rb:71:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:355:in `call'
config/initializers/100-quiet_logger.rb:23:in `call'
config/initializers/100-silence_logger.rb:31:in `call'
lib/middleware/enforce_hostname.rb:23:in `call'
lib/middleware/request_tracker.rb:177:in `call'
Rastreamento de chamada 
Mensagem (4 cópias relatadas)

Seahorse::Client::NetworkingError (SSL_connect returned=1 errno=0 state=error: certificate verify failed (Hostname mismatch))
lib/s3_helper.rb:276:in `s3_bucket'
lib/s3_helper.rb:211:in `object'
lib/file_store/s3_store.rb:265:in `presigned_url'
lib/file_store/s3_store.rb:165:in `url_for'
app/controllers/uploads_controller.rb:114:in `show_short'
app/controllers/application_controller.rb:395:in `block in with_resolved_locale'
app/controllers/application_controller.rb:395:in `with_resolved_locale'
lib/middleware/omniauth_bypass_middleware.rb:71:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:355:in `call'
config/initializers/100-quiet_logger.rb:23:in `call'
config/initializers/100-silence_logger.rb:31:in `call'
lib/middleware/enforce_hostname.rb:23:in `call'
lib/middleware/request_tracker.rb:177:in `call'

Rastreamento de chamada

/usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `connect_nonblock'
/usr/local/lib/ruby/2.7.0/net/protocol.rb:44:in `ssl_socket_connect'
/usr/local/lib/ruby/2.7.0/net/http.rb:1009:in `connect'
/usr/local/lib/ruby/2.7.0/net/http.rb:943:in `do_start'
/usr/local/lib/ruby/2.7.0/net/http.rb:938:in `start'
/usr/local/lib/ruby/2.7.0/delegate.rb:83:in `method_missing'
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/connection_pool.rb:300:in `start_session'
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/connection_pool.rb:99:in `session_for'
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/handler.rb:124:in `session'
aws-sdk-core (3.112.1) lib/seahorse/client/net_http/handler.rb:76:in `transmit'

Ambiente

HTTP HOSTS: community.naturephotographers.network
2

Parece que o certificado apresentado pelo seu serviço de Object Storage é inválido.

Verifique novamente a configuração. Se não encontrar nenhum erro nela, cole o S3_ENDPOINT aqui.

3

Obrigado. Já enviei um pedido de suporte à DO para verificar se há algum problema do lado deles.

Aqui está o endpoint: https://npn.sfo2.cdn.digitaloceanspaces.com

4

Estranho que contenha cdn na URL do endpoint. Não foi esse o caso quando testei o serviço deles.

1 curtida
5

Bom trabalho! Eu redefini para https:://sfo2.digitaloceanspaces.com e agora parece estar funcionando! É muito estranho que tenha funcionado nessa configuração por possivelmente anos e de repente tenha parado hoje. Agradeço sua ajuda, Rafael!

1 curtida
6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.