[GeoNode-devel] SSL error on upload and saving metadata
Cezary Statkiewicz
cezary.statkiewicz at geo-solutions.it
Tue May 9 00:26:32 PDT 2017
On Tuesday, May 9, 2017 8:27:50 AM CEST Jonathan Doig wrote:
> Hi devs
>
> I'm putting our Geonode 2.4 behind SSL to protect the passwords over the
> net.
>
> Based on the
> doco<http://docs.geonode.org/en/master/tutorials/advanced/geonode_productio
> n/ssl.html> I've written two ansible scripts,
> one<https://github.com/UNSW-CFRC/geonode_install/blob/master/install_geonod
> e/10_generate_ssl_csr.yml> to generate the key and CSR, the
> other<https://github.com/UNSW-CFRC/geonode_install/blob/master/install_ssl_
> cert.yml> to install the certificate supplied by our university IT. I
> included the step to add the certificate to httplib2/cacerts.txt for
> python.
>
> This works OK in general - the site itself shows as secure in Chrome.
>
> However, I get errors when uploading a layer and saving metadata:
> SSLHandshakeError at /layers/geonode:test_issue086a/metadata
> [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)
Could you run
curl -vvv https://your.private.geoserver/geoserver/
curl -vvv https://your.public.geoserver/geoserver/
and put outputs from those commands?
>
> Any thoughts?
>
> This is similar but not identical to the issue reported last year by Antoine
> Rolland (below).
>
> Regards
> Jonathan
>
>
>
> Jun 06, 2016; 11:20pm [Antoine ROLLAND]
> <http://osgeo-org.1560.x6.nabble.com/template/NamlServlet.jtp?macro=user_no
> des&user=379386> Antoine
> ROLLAND<http://osgeo-org.1560.x6.nabble.com/template/NamlServlet.jtp?macro=
> user_nodes&user=379386> SSL HandshakeError Hello everyone,
>
> I'm using Geonode 2.4 stable version, and it's now running under SSL. After
> this change, part of the website is still working well, but I meet errors
> while editing metada (when I save), and also when I try to upload a new
> layer. This is the error I meet :
>
> SSLHandshakeError at /layers/geonode:communes/metadata
> [Errno 1] _ssl.c:510: error:140770FC:SSL
> routines:SSL23_GET_SERVER_HELLO:unknown protocol Request Method: POST
> Request URL: https://aware.cirad.fr/layers/geonode:communes/metadata
> Django Version: 1.6.11
> Exception Type: SSLHandshakeError
> Exception Value:
> [Errno 1] _ssl.c:510: error:140770FC:SSL
> routines:SSL23_GET_SERVER_HELLO:unknown protocol Exception Location:
> /usr/lib/python2.7/dist-packages/httplib2/__init__.py in connect, line 1043
> Python Executable: /usr/bin/python
> Python Version: 2.7.6
> Python Path:
> ['/usr/lib/python2.7',
> '/usr/lib/python2.7/plat-x86_64-linux-gnu',
> '/usr/lib/python2.7/lib-tk',
> '/usr/lib/python2.7/lib-old',
> '/usr/lib/python2.7/lib-dynload',
> '/usr/local/lib/python2.7/dist-packages',
> '/usr/lib/python2.7/dist-packages',
> '/usr/lib/python2.7/dist-packages/PILcompat',
> '/usr/lib/pymodules/python2.7',
> '/var/www']
> Server time: lun, 6 Jui 2016 09:09:43 -0400
>
>
> Also, it seems that the url of the website generated is wrong : a "/" is
> missing between "websitename" and "uploaded/thumbs" (for instance). I
> suppose it is a consequence of the error i meet.
>
> Any help would be really appreciated
>
> Thanks
>
> Antoine Rolland
> _______________________________________________
> geonode-devel mailing list
> [hidden
> email]<http://osgeo-org.1560.x6.nabble.com/user/SendEmail.jtp?type=node&nod
> e=5270129&i=0> http://lists.osgeo.org/mailman/listinfo/geonode-devel
--
Cezary Statkiewicz
mailto: cezio at thelirium.net
xmpp: cezio at jabber.org
pgp: https://thelirium.net/cezio@thelirium.net.pub.key
More information about the geonode-devel
mailing list