[GeoNode-devel] SSL error on upload and saving metadata

Cezary Statkiewicz cezary.statkiewicz at geo-solutions.it
Tue May 9 00:26:32 PDT 2017


On Tuesday, May 9, 2017 8:27:50 AM CEST Jonathan Doig wrote:
> Hi devs
> 
> I'm putting our Geonode 2.4 behind SSL to protect the passwords over the
> net.
> 
> Based on the
> doco<http://docs.geonode.org/en/master/tutorials/advanced/geonode_productio
> n/ssl.html> I've written two ansible scripts,
> one<https://github.com/UNSW-CFRC/geonode_install/blob/master/install_geonod
> e/10_generate_ssl_csr.yml> to generate the key and CSR, the
> other<https://github.com/UNSW-CFRC/geonode_install/blob/master/install_ssl_
> cert.yml> to install the certificate supplied by our university IT. I
> included the step to add the certificate to httplib2/cacerts.txt for
> python.
> 
> This works OK in general - the site itself shows as secure in Chrome.
> 
> However, I get errors when uploading a layer and saving metadata:
> SSLHandshakeError at /layers/geonode:test_issue086a/metadata
> [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)

 Could you run

 curl -vvv https://your.private.geoserver/geoserver/

 curl -vvv https://your.public.geoserver/geoserver/

 and put outputs from those commands?
 
> 
> Any thoughts?
> 
> This is similar but not identical to the issue reported last year by Antoine
> Rolland (below).
> 
> Regards
> Jonathan
> 
> 
> 
> Jun 06, 2016; 11:20pm [Antoine ROLLAND]
> <http://osgeo-org.1560.x6.nabble.com/template/NamlServlet.jtp?macro=user_no
> des&user=379386>  Antoine
> ROLLAND<http://osgeo-org.1560.x6.nabble.com/template/NamlServlet.jtp?macro=
> user_nodes&user=379386> SSL HandshakeError Hello everyone,
> 
> I'm using Geonode 2.4 stable version, and it's now running under SSL. After
> this change, part of the website is still working well, but I meet errors
> while editing metada (when I save), and also when I try to upload a new
> layer. This is the error I meet :
> 
> SSLHandshakeError at /layers/geonode:communes/metadata
> [Errno 1] _ssl.c:510: error:140770FC:SSL
> routines:SSL23_GET_SERVER_HELLO:unknown protocol Request Method: POST
> Request URL: https://aware.cirad.fr/layers/geonode:communes/metadata
> Django Version: 1.6.11
> Exception Type: SSLHandshakeError
> Exception Value:
> [Errno 1] _ssl.c:510: error:140770FC:SSL
> routines:SSL23_GET_SERVER_HELLO:unknown protocol Exception Location:
> /usr/lib/python2.7/dist-packages/httplib2/__init__.py in connect, line 1043
> Python Executable: /usr/bin/python
> Python Version: 2.7.6
> Python Path:
> ['/usr/lib/python2.7',
>  '/usr/lib/python2.7/plat-x86_64-linux-gnu',
>  '/usr/lib/python2.7/lib-tk',
>  '/usr/lib/python2.7/lib-old',
>  '/usr/lib/python2.7/lib-dynload',
>  '/usr/local/lib/python2.7/dist-packages',
>  '/usr/lib/python2.7/dist-packages',
>  '/usr/lib/python2.7/dist-packages/PILcompat',
>  '/usr/lib/pymodules/python2.7',
>  '/var/www']
> Server time: lun, 6 Jui 2016 09:09:43 -0400
> 
> 
> Also, it seems that the url of the website generated is wrong : a "/" is
> missing between "websitename" and "uploaded/thumbs" (for instance). I
> suppose it is a consequence of the error i meet.
> 
> Any help would be really appreciated
> 
> Thanks
> 
> Antoine Rolland
> _______________________________________________
> geonode-devel mailing list
> [hidden
> email]<http://osgeo-org.1560.x6.nabble.com/user/SendEmail.jtp?type=node&nod
> e=5270129&i=0> http://lists.osgeo.org/mailman/listinfo/geonode-devel


-- 
Cezary Statkiewicz
 mailto: cezio at thelirium.net
 xmpp: cezio at jabber.org
 pgp: https://thelirium.net/cezio@thelirium.net.pub.key



More information about the geonode-devel mailing list