Comments (9)
bkerley
commented on August 17, 2024
Don't feel too bad, I've found TLS issues with Ruby's OpenSSL bindings to be very difficult to troubleshoot, and I understand the stuff!
The first thing I'd attempt is adding a ca_file to your authentication configuration: http://basho.github.io/riak-ruby-client/config.html#toc-security . It's possible that OpenSSL may not be looking in the right place for the CA-bundle.
If that doesn't work, there's some extra information we can grab with Wireshark, but that's a whole new world of complication, and even harder to redact.
from riak-ruby-client.
coding-brigadier
commented on August 17, 2024
That's what I was thinking. And I tried to hack the OpenSSL Ruby API by overriding the CERT_DIR (please don't kill me) to no avail. I'll try to follow the instructions you provided. Thank you
from riak-ruby-client.
bkerley
commented on August 17, 2024
Haha! Is CERT_DIR an environment variable? I don't believe we do anything in particular with it.
Please let me know if the instructions work: I'd like to reference the error more explicitly, or even wrap it in a friendlier error.
Also let me know if they don't work, for obvious reasons :)
from riak-ruby-client.
coding-brigadier
commented on August 17, 2024
yes, SSL_CERT_DIR was an environment variable. Hacky, but it was a desperate attempt to narrow down the issue :)
Also, including a ca_file to point to ca-bundle (ca-certificates.crt file since I am on Ubuntu) did not work. Still getting the same error. Will continue looking into it. If you find something of interest, please let me know
from riak-ruby-client.
bkerley
commented on August 17, 2024
Can you extract the particular CA cert from the bundle?
from riak-ruby-client.
coding-brigadier
commented on August 17, 2024
So I actually solved the problem.
Apparently in Riak config a CA File of its own was setup. Keep in mind that my app was living on a separate cluster than Riak. So I just scp'ed that CA file that was used in the config and passed it in as ca_file.
Either way, problem solved! And I feel a tad silly 😄
from riak-ruby-client.
bkerley
commented on August 17, 2024
Thanks for pointing out possible issues anyways!
Would some kind of diagnostic tool that could grab a server cert or some kind of cert data from Riak have been useful?
from riak-ruby-client.
coding-brigadier
commented on August 17, 2024
Well, a more detailed error message would've been useful worst case :)
But that tool might save quite a bit of time as well. Especially if one is not a crypto expert.
from riak-ruby-client.
Basho-JIRA
commented on August 17, 2024
Fixed, or closed via GitHub issues.
[posted via JIRA by Alexander Moore]
from riak-ruby-client.
Related Issues (20)
- Riak search instructions do not work [JIRA: CLIENTS-404] HOT 1
- Don't error on empty TsQueryResp responses [JIRA: CLIENTS-620] HOT 1
- Timestamp value parsing [JIRA: CLIENTS-822] HOT 3
- Finding objects by integer keys fail badly [JIRA: CLIENTS-865] HOT 2
- Improve error when non-String is used as a key [JIRA: CLIENTS-868]
- TimeSeries Query returning timestamps with rounding error [JIRA: CLIENTS-889] HOT 11
- Some tests fail running under OSX [JIRA: CLIENTS-890] HOT 1
- `getaddrinfo': can't convert Hash into String (TypeError) [JIRA: CLIENTS-924] HOT 8
- Update support for 1.9.3 [JIRA: CLIENTS-947] HOT 1
- Errors when using beefcake 1.2.0 [JIRA: CLIENTS-949] HOT 1
- Need clean way to handle deleted objects and tombstones [JIRA: CLIENTS-965] HOT 5
- Implement saving bucket type properties [JIRA: CLIENTS-1010]
- Ruby tests fails with latests TS version [JIRA: CLIENTS-1052] HOT 2
- wait_for_finish should not be public [JIRA: CLIENTS-1054] HOT 4
- GSet Support - Ruby [JIRA: CLIENTS-1062]
- Add warning and safety mechanism to prevent unintentional list [buckets | keys] operations [JIRA: CLIENTS-1071] HOT 1
- Ruby content.meta does not correctly apply X-Riak-Meta- prefix [JIRA: CLIENTS-1109] HOT 3
- Use RIAK Client in Multithreaded application
- Interview partners for research about communication in GitHub projects wanted
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from riak-ruby-client.