Is FAS (Fedora Account System) broken?
Stephen Gallagher
sgallagh at redhat.com
Fri Nov 11 21:06:55 UTC 2011
On Fri, 2011-11-11 at 10:47 +0100, Adam Tkac wrote:
> Hello,
>
> today I tried to upload new bind tarball via `fedpkg new-sources`
> command but it failed with
> "pycurl.error: (60, 'Peer certificate cannot be authenticated with given
> CA certificates')" error.
>
> I though there is problem with my ~/.fedora* certificates but after
> inspection all fedora* commands (fedora-cert -v, fedora-cert -n,
> fedora-packager-setup) fails with the same error, example:
>
> $ fedora-packager-setup
> Setting up Fedora packager environment
> You need a client certificate from the Fedora Account System, lets get
> one now
> FAS Username: atkac
> FAS Password:
> Traceback (most recent call last):
> File "/usr/bin/fedora-packager-setup", line 148, in <module>
> main()
> File "/usr/bin/fedora-packager-setup", line 112, in main
> fedora_cert.create_user_cert()
> File "/usr/lib/python2.7/site-packages/fedora_cert/__init__.py", line
> 96, in create_user_cert
> cert = fas.user_gencert()
> File "/usr/lib/python2.7/site-packages/fedora/client/fas2.py", line
> 565, in user_gencert
> request = self.send_request('user/dogencert', auth=True)
> File "/usr/lib/python2.7/site-packages/fedora/client/baseclient.py",
> line 344, in send_request
> auth_params=auth_params, retries=retries)
> File "/usr/lib/python2.7/site-packages/fedora/client/proxyclient.py",
> line 380, in send_request
> request.perform()
> pycurl.error: (60, 'Peer certificate cannot be authenticated with given
> CA certificates')
>
> Is anyone experiencing same issue? I'm using up2date F16 system.
>
> Regards, Adam
If you're running with updates-testing, you may be hitting the
certificate validation regression introduced by
https://admin.fedoraproject.org/updates/FEDORA-2011-15612
Try downgrading the 'nss' package and see if things start working again.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20111111/9875117d/attachment.bin
More information about the devel
mailing list