Uploaded image for project: 'Help-Desk'
  1. Help-Desk
  2. HELP-6048

FIWARE.Question.Tech.Apps.ApplicationMashup.IdMIntegration.KeyRockAuthFailingSelfsignedCert

        Details

          Description

          Created question in FIWARE Q/A platform on 04-03-2016 at 09:03
          Please, ANSWER this question AT http://stackoverflow.com/questions/35791817/keystone-wirecloud-authentication-failed-ssl-certificate-verify-failed

          Question:
          Keystone Wirecloud Authentication failed: [SSL: CERTIFICATE_VERIFY_FAILED]

          Description:
          When trying to authenticate in Wirecloud via KeyStone we get the following error displayed in the browser:

          Environment:

          Request Method: GET
          Request URL: https://<ServerURL>/complete/fiware/?state=SDyJk9ru8wSLwUZIRtSrwI86jznMIv8O&code=WzIZ11YpmGAuZoltvTTGMGoP45ZtHe

          Django Version: 1.6.11
          Python Version: 2.7.9
          Installed Applications:
          ('django.contrib.auth',
          'django.contrib.contenttypes',
          'django.contrib.sessions',
          'django.contrib.messages',
          'django.contrib.staticfiles',
          'django.contrib.admin',
          'wirecloud.commons',
          'wirecloud.defaulttheme',
          'compressor',
          'south',
          'wirecloud.catalogue',
          'wirecloud.platform',
          'wirecloud.fiware',
          'social.apps.django_app.default')
          Installed Middleware:
          ('wirecloud.commons.middleware.URLMiddleware',)

          Traceback:
          File "/usr/local/venv/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
          112. response = wrapped_callback(request, *callback_args, **callback_kwargs)
          File "/usr/local/venv/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
          52. response = view_func(request, *args, **kwargs)
          File "/usr/local/venv/lib/python2.7/site-packages/django/views/decorators/csrf.py" in wrapped_view
          57. return view_func(*args, **kwargs)
          File "/usr/local/venv/lib/python2.7/site-packages/social/apps/django_app/utils.py" in wrapper
          51. return func(request, backend, *args, **kwargs)
          File "/usr/local/venv/lib/python2.7/site-packages/social/apps/django_app/views.py" in complete
          28. redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)
          File "/usr/local/venv/lib/python2.7/site-packages/social/actions.py" in do_complete
          43. user = backend.complete(user=user, *args, **kwargs)
          File "/usr/local/venv/lib/python2.7/site-packages/social/backends/base.py" in complete
          41. return self.auth_complete(*args, **kwargs)
          File "/usr/local/venv/lib/python2.7/site-packages/social/utils.py" in wrapper
          229. return func(*args, **kwargs)
          File "/usr/local/venv/lib/python2.7/site-packages/social/backends/oauth.py" in auth_complete
          383. method=self.ACCESS_TOKEN_METHOD
          File "/usr/local/venv/lib/python2.7/site-packages/social/backends/oauth.py" in request_access_token
          361. return self.get_json(*args, **kwargs)
          File "/usr/local/venv/lib/python2.7/site-packages/social/backends/base.py" in get_json
          229. return self.request(url, *args, **kwargs).json()
          File "/usr/local/venv/lib/python2.7/site-packages/social/backends/base.py" in request
          224. raise AuthFailed(self, str(err))

          Exception Type: AuthFailed at /complete/fiware/
          Exception Value: Authentication failed: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)

          The Wirecloud log shows the following:

          [Fri Mar 04 08:09:51.933675 2016] [ssl:info] [pid 29119:tid 140090189723392] [client 172.30.20.99:63539] AH01964: Connection to child 20 established (server <ServerURL>:443)
          [Fri Mar 04 08:10:04.388865 2016] [ssl:info] [pid 29120:tid 140090223294208] [client 172.30.20.99:63557] AH01964: Connection to child 80 established (server <ServerURL>:443)
          [Fri Mar 04 08:10:04.443926 2016] [wsgi:error] [pid 29117:tid 140090323621632] Internal Server Error: /complete/fiware/
          [Fri Mar 04 08:10:04.443940 2016] [wsgi:error] [pid 29117:tid 140090323621632] Traceback (most recent call last):
          [Fri Mar 04 08:10:04.443942 2016] [wsgi:error] [pid 29117:tid 140090323621632] File "/usr/local/venv/lib/python2.7/site-packages/django/core/handlers/base.py", line 112, in get_response
          [Fri Mar 04 08:10:04.443945 2016] [wsgi:error] [pid 29117:tid 140090323621632] response = wrapped_callback(request, *callback_args, **callback_kwargs)
          [Fri Mar 04 08:10:04.443947 2016] [wsgi:error] [pid 29117:tid 140090323621632] File "/usr/local/venv/lib/python2.7/site-packages/django/views/decorators/cache.py", line 52, in _wrapped_view_func
          [Fri Mar 04 08:10:04.443950 2016] [wsgi:error] [pid 29117:tid 140090323621632] response = view_func(request, *args, **kwargs)
          [Fri Mar 04 08:10:04.443952 2016] [wsgi:error] [pid 29117:tid 140090323621632] File "/usr/local/venv/lib/python2.7/site-packages/django/views/decorators/csrf.py", line 57, in wrapped_view
          [Fri Mar 04 08:10:04.443954 2016] [wsgi:error] [pid 29117:tid 140090323621632] return view_func(*args, **kwargs)
          [Fri Mar 04 08:10:04.443956 2016] [wsgi:error] [pid 29117:tid 140090323621632] File "/usr/local/venv/lib/python2.7/site-packages/social/apps/django_app/utils.py", line 51, in wrapper
          [Fri Mar 04 08:10:04.443958 2016] [wsgi:error] [pid 29117:tid 140090323621632] return func(request, backend, *args, **kwargs)
          [Fri Mar 04 08:10:04.443960 2016] [wsgi:error] [pid 29117:tid 140090323621632] File "/usr/local/venv/lib/python2.7/site-packages/social/apps/django_app/views.py", line 28, in complete
          [Fri Mar 04 08:10:04.443962 2016] [wsgi:error] [pid 29117:tid 140090323621632] redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)
          [Fri Mar 04 08:10:04.443964 2016] [wsgi:error] [pid 29117:tid 140090323621632] File "/usr/local/venv/lib/python2.7/site-packages/social/actions.py", line 43, in do_complete
          [Fri Mar 04 08:10:04.443966 2016] [wsgi:error] [pid 29117:tid 140090323621632] user = backend.complete(user=user, *args, **kwargs)
          [Fri Mar 04 08:10:04.443968 2016] [wsgi:error] [pid 29117:tid 140090323621632] File "/usr/local/venv/lib/python2.7/site-packages/social/backends/base.py", line 41, in complete
          [Fri Mar 04 08:10:04.443971 2016] [wsgi:error] [pid 29117:tid 140090323621632] return self.auth_complete(*args, **kwargs)
          [Fri Mar 04 08:10:04.443973 2016] [wsgi:error] [pid 29117:tid 140090323621632] File "/usr/local/venv/lib/python2.7/site-packages/social/utils.py", line 229, in wrapper
          [Fri Mar 04 08:10:04.443975 2016] [wsgi:error] [pid 29117:tid 140090323621632] return func(*args, **kwargs)
          [Fri Mar 04 08:10:04.443977 2016] [wsgi:error] [pid 29117:tid 140090323621632] File "/usr/local/venv/lib/python2.7/site-packages/social/backends/oauth.py", line 383, in auth_complete
          [Fri Mar 04 08:10:04.443979 2016] [wsgi:error] [pid 29117:tid 140090323621632] method=self.ACCESS_TOKEN_METHOD
          [Fri Mar 04 08:10:04.443981 2016] [wsgi:error] [pid 29117:tid 140090323621632] File "/usr/local/venv/lib/python2.7/site-packages/social/backends/oauth.py", line 361, in request_access_token
          [Fri Mar 04 08:10:04.443983 2016] [wsgi:error] [pid 29117:tid 140090323621632] return self.get_json(*args, **kwargs)
          [Fri Mar 04 08:10:04.443985 2016] [wsgi:error] [pid 29117:tid 140090323621632] File "/usr/local/venv/lib/python2.7/site-packages/social/backends/base.py", line 229, in get_json
          [Fri Mar 04 08:10:04.443987 2016] [wsgi:error] [pid 29117:tid 140090323621632] return self.request(url, *args, **kwargs).json()
          [Fri Mar 04 08:10:04.443995 2016] [wsgi:error] [pid 29117:tid 140090323621632] File "/usr/local/venv/lib/python2.7/site-packages/social/backends/base.py", line 224, in request
          [Fri Mar 04 08:10:04.443997 2016] [wsgi:error] [pid 29117:tid 140090323621632] raise AuthFailed(self, str(err))
          [Fri Mar 04 08:10:04.443999 2016] [wsgi:error] [pid 29117:tid 140090323621632] AuthFailed: Authentication failed: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)

          And the Horizon log displays this:

          [Fri Mar 04 08:10:01.939771 2016] [ssl:info] [pid 29120:tid 140090282043136] [client 172.30.20.99:63555] AH01964: Connection to child 73 established (<ServerURL>:443)
          [Fri Mar 04 07:10:02.175214 2016] [wsgi:error] [pid 29118:tid 140090390763264] No regions could be found excluding identity.
          [Fri Mar 04 07:10:02.175651 2016] [wsgi:error] [pid 29118:tid 140090390763264] Login successful for user "<UserEmail>".
          [Fri Mar 04 07:10:02.313486 2016] [wsgi:error] [pid 29118:tid 140090415941376] DEBUG:idm_logger:Requesting authorization for application: 904fd95c253c4938a824d1a443ce0fdd with redirect_uri: https://&lt;ServerURL&gt;/complete/fiware/ and scope: ['all_info'] by user <UserName>
          [Fri Mar 04 07:10:02.346101 2016] [wsgi:error] [pid 29118:tid 140090415941376] DEBUG:idm_logger:OAUTH2: Application 904fd95c253c4938a824d1a443ce0fdd NOT alreadyauthorized
          [Fri Mar 04 07:10:04.250695 2016] [wsgi:error] [pid 29118:tid 140090390763264] DEBUG:idm_logger:Authorizing application: 904fd95c253c4938a824d1a443ce0fdd by user: <UserName>
          [Fri Mar 04 07:10:04.274461 2016] [wsgi:error] [pid 29118:tid 140090390763264] DEBUG:idm_logger:OAUTH2: Authorization Code obtained WzIZ11YpmGAuZoltvTTGMGoP45ZtHe
          [Fri Mar 04 07:10:04.274541 2016] [wsgi:error] [pid 29118:tid 140090390763264] DEBUG:idm_logger:OAUTH2: Redirecting user back to https://&lt;ServerURL&gt;/complete/fiware/?state=SDyJk9ru8wSLwUZIRtSrwI86jznMIv8O&amp;code=WzIZ11YpmGAuZoltvTTGMGoP45ZtHe
          [Fri Mar 04 08:10:04.441087 2016] [ssl:info] [pid 29120:tid 140090189723392] [client 192.168.149.9:53270] AH01964: Connection to child 84 established (server <ServerURL>:443)
          [Fri Mar 04 08:10:04.442137 2016] [ssl:info] [pid 29120:tid 140090189723392] [client 192.168.149.9:53270] AH02008: SSL library error 1 in handshake (server <ServerURL>:443)
          [Fri Mar 04 08:10:04.442165 2016] [ssl:info] [pid 29120:tid 140090189723392] SSL Library Error: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (SSL alert number 48)
          [Fri Mar 04 08:10:04.442174 2016] [ssl:info] [pid 29120:tid 140090189723392] [client 192.168.149.9:53270] AH01998: Connection closed to child 84 with abortive shutdown (server <ServerURL>:443)

          Horizon and Wirecloud run on the same apache, Wirecloud under port 443 and Horizon under port 40443. Both use the same cert files for ssl and work, called by themself, fine.

          Since I am pretty new to ssl usage in apache any halp would be much appreciated.

            Activity

            Ascending order - Click to sort in descending order
            Hide
            Permalink
            backlogmanager Backlog Manager added a comment -

            2016-03-04 12:05|CREATED monitor | # answers= 0, accepted answer= False

            Show
            backlogmanager Backlog Manager added a comment - 2016-03-04 12:05|CREATED monitor | # answers= 0, accepted answer= False
            Hide
            Permalink
            backlogmanager Backlog Manager added a comment -

            2016-03-04 21:05|UPDATED status: transition Answer| # answers= 1, accepted answer= False

            Show
            backlogmanager Backlog Manager added a comment - 2016-03-04 21:05|UPDATED status: transition Answer| # answers= 1, accepted answer= False
            Hide
            Permalink
            backlogmanager Backlog Manager added a comment -

            2016-03-05 00:05|UPDATED status: transition Answered| # answers= 1, accepted answer= False

            Show
            backlogmanager Backlog Manager added a comment - 2016-03-05 00:05|UPDATED status: transition Answered| # answers= 1, accepted answer= False
            Hide
            Permalink
            backlogmanager Backlog Manager added a comment -

            2016-03-06 21:05|UPDATED status: transition Finish| # answers= 1, accepted answer= False

            Show
            backlogmanager Backlog Manager added a comment - 2016-03-06 21:05|UPDATED status: transition Finish| # answers= 1, accepted answer= False

              People

              • Assignee:
                aarranz Álvaro Arranz
                Reporter:
                backlogmanager Backlog Manager
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: