| Index | Recent Threads | Unanswered Threads | Who's Active | Guidelines | Search |
 |
World Community Grid Forums
Category: Support
Forum: BOINC Agent Support
Thread: Peer certificate cannot be authenticated [Resolved] |
| No member browsing this thread |
|
Thread Status: Active Total posts in this thread: 10
|
|
| Author |
|
|
Modoc
Cruncher Joined: Aug 23, 2007 Post Count: 4 Status: Offline Project Badges: 
|
At work they have recently tightened internet security and directly thereafter I developed a problem in BOINC where it is unable to upload or download. I am getting the error message:
----------------------------------------Scheduler request failed: Peer certificate cannot be authenticated with known CA certificates When I first start up BOINC one of the messages generated is: URL: http://www.worldcommunitygrid.org/ yet the certificate seems to be issued to http://secure.worldcommunitygrid.org/ Here is a typical sequence of messages: 8/5/2008 10:50:14 AM|World Community Grid|Started upload of R00061_7404c6e3860bd90b45d3c938934d4b83_03_002_3_0 8/5/2008 10:50:14 AM|World Community Grid|Started upload of X0000048910171200505050840_0_0 8/5/2008 10:50:16 AM|World Community Grid|Temporarily failed upload of R00061_7404c6e3860bd90b45d3c938934d4b83_03_002_3_0: HTTP error 8/5/2008 10:50:16 AM|World Community Grid|Backing off 1 hr 40 min 7 sec on upload of R00061_7404c6e3860bd90b45d3c938934d4b83_03_002_3_0 8/5/2008 10:50:16 AM|World Community Grid|Temporarily failed upload of X0000048910171200505050840_0_0: HTTP error 8/5/2008 10:50:16 AM|World Community Grid|Backing off 2 hr 2 min 13 sec on upload of X0000048910171200505050840_0_0 8/5/2008 10:50:18 AM|World Community Grid|Fetching scheduler list 8/5/2008 10:50:23 AM|World Community Grid|Master file download succeeded 8/5/2008 10:50:28 AM|World Community Grid|Sending scheduler request: Requested by project. Requesting 1728 seconds of work, reporting 1 completed tasks 8/5/2008 10:50:33 AM|World Community Grid|Scheduler request failed: Peer certificate cannot be authenticated with known CA certificates I upgraded to the latest version of BOIC, from 5.10.45 to 6.2.14, to see if that would help, but it did not. I am running Microsoft Windows XP: Professional Edition, Service Pack 3. Help!!!! Does anyone know how I can fix this problem? [Edit 4 times, last edit by Modoc at Aug 7, 2008 12:50:03 AM] |
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
Do you use a proxy? It is possible you need to force it to authenticate properly.
|
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
Do you have a file called ca-bundle.crt in your BOINC data directory ?
If not, download it from here and put it in there. Close down Boincmgr, restart it and let us know if the issue is still there. Basically, the problem is that BOINC is looking to authenticate against an X.509 certificate and cannot get access to it. This is a problem with WCG and not other BOINC projects as WCG uses https (secure HTTP) that needs the certificate authority information. |
||
|
|
Modoc
Cruncher Joined: Aug 23, 2007 Post Count: 4 Status: Offline Project Badges:
|
I did have a file named ca-bundle.crt in my BOINC data directory. I deleted it and downloaded the file you linked to in your message just to be sure I had a good one. There is no change in my issue. I am still having the problem after closing down Boincmgr and restarting it.
We are not using a proxy. At least our networking staff says we aren't and there are not any proxy settings specified in IE under Tools>Internet Options>Connections in this browser. |
||
|
|
Sekerob
Ace Cruncher Joined: Jul 24, 2005 Post Count: 20043 Status: Offline |
I'd not expect it's the certificate as before the tightening it worked. If no Proxy, the Firewall maybe. At least WCG needs to be able to get out over port 443 to IP 129.33.89.133+134
----------------------------------------When internet security was tightened was there anything on your machine installed like Kaspersky or another security suite? Here a discussion: http://www.worldcommunitygrid.org/forums/wcg/...hread=18045&offset=63
WCG
Please help to make the Forums an enjoyable experience for All! |
||
|
|
Modoc
Cruncher Joined: Aug 23, 2007 Post Count: 4 Status: Offline Project Badges:
|
It turns out it is the Kaspersky security suite that is causing the problem, but it is not installed on the PC. It is on an appliance that monitors all traffic coming in or out of our firewall. Changing the settings as described in the thread Sekerob linked to will not work in this case. The solution arrived at by our network people in this case was to set the BlueCoat application Kaspersky was incorporated into not to check certificates coming from WCG.
Thanks for the information Sekerob. |
||
|
|
Sekerob
Ace Cruncher Joined: Jul 24, 2005 Post Count: 20043 Status: Offline |
I like Bingo.
----------------------------------------Can you please edit the opening post title and insert [RESOLVED] That tells people it's a thread with a solution. cheers.
WCG
Please help to make the Forums an enjoyable experience for All! |
||
|
|
rektauB
Cruncher Joined: Sep 27, 2007 Post Count: 7 Status: Offline Project Badges: 
|
I had a different error but it turned out to be the same problem.
So once again: Do you have a file called ca-bundle.crt in your BOINC data directory ? If not, download it from http://boinc.berkeley.edu/trac/browser/trunk/.../ca-bundle.crt?format=raw and put it in there. Close down Boincmgr, restart it and let us know if the issue is still there. |
||
|
|
JmBoullier
Former Community Advisor Normandy - France Joined: Jan 26, 2007 Post Count: 3715 Status: Offline Project Badges: 
|
Do you have a file called ca-bundle.crt in your BOINC data directory ? Modoc certainly has it since this problem is [RESOLVED], although s/he has not updated the title of the opening post as kindly asked by Sekerob. And now s/he can no longer do it since this opening post is more than 30 days old....  Thank you for your effort anyway. Cheers. Jean. |
||
|
|
Sekerob
Ace Cruncher Joined: Jul 24, 2005 Post Count: 20043 Status: Offline |
[offtopic]The good news is,
----------------------------------------- Changes to posts can be done 60 days, but it is best practice to footnote a post with an "[EDIT]" comment to indicate what the change was. - Deletions of "Unresponded" posts 7 days is possbile. - No way to see for the reader in any of the forum thread overviews if someone updated a post. Bumping the thread with a new post to highlight important changes are most helpful. - No Email is being send if a thread in the "Watch" list has an updated posts. Re-reading a thread of interest is to only way to find out. [/offtopic] The OP is marked [Resolved], so no further action is needed. cheers
WCG
Please help to make the Forums an enjoyable experience for All! |
||
|
|
|