tsNetGetFileSync stopped working - tsNetCABundle problem

Bringing the internet highway into your project? Building FTP, HTTP, email, chat or other client solutions?

Moderators: FourthWorld, heatherlaine, Klaus, kevinmiller, robinmiller

Post Reply
SparkOut
Posts: 2839
Joined: Sun Sep 23, 2007 4:58 pm

tsNetGetFileSync stopped working - tsNetCABundle problem

Post by SparkOut » Fri Jan 01, 2021 2:56 pm

Happy New Year everyone, let's hope it's good for everybody and we will be able to leave the mess of 2020 behind.

I'm not off to the greatest start though, with an issue on a server using tsNet.

I have been using tsNetGetFileSync on a site for some time to download product data image files from a head office source hosted on Amazon AWS.
This has stopped working in the last few days, with the the message "tsneterr: (60) SSL certificate problem: unable to get local issuer certificate"

I don't think anything changed on the server, but I am prepared to believe anything, I just don't know how to troubleshoot this.

I have uploaded the ca-bundle.crt from the tsNet library to the server, and wondered if there was something that expired, so I have uploaded the latest ca-bundle.crt from LiveCode 9.6.2-rc1 but the same problem occurs. The file is located in <document root>/tsNetssl/ca-bundle.crt"

Code (having set up some path and filename vars)

Code: Select all

   tsNetInit
   wait 100 milliseconds with messages
   put sDocRoot & "/tsNetssl/ca-bundle.crt" into tCAbndl
   tsNetCABundle (tCAbndl)
   wait 100 milliseconds with messages
   --Download the required image files from AWS server
   put fetchImgFile(sDataFile,tAWSsource,tDestinationPath) into gStatus
   doErrorCheck gStatus
   tsNetClose


function fetchImgFile pDataFile,pAWSsource,pDestinationPath
    put pDestinationPath & pDataFile into tDestination
    put pAWSsource & pDataFile into tFileSource
    put empty into tHeaders
    put empty into tRecvHeaders
    put empty into tBytes
    put empty into tSettings
    --put true into tSettings["use_ssl"] --forcing ssl doesn't cange the error messsage
    put tsNetGetFileSync(tDestination,tFileSource,tHeaders,tRecvHeaders,tBytes,tSettings) into tResult
    if tResult contains "error" or tResult contains "tsNeterr" then
       return "error :" && tResult && tBytes && tRecvHeaders
    else
       return "Downloaded" && pDataFile && "to" && tDestination && "<br /><br />" && tBytes && tRecvHeaders
    end if
end fetchImgFile
Any ideas how to resolve this? I am thinking there must be something I need to do on the server that explicitly tells the tsNetBundle what to do with the CA lookups but I don't know what can have changed. It is a shared server and the other sites on it use exactly the same tsNetGetFileSync without having this issue, so I am not sure what hosting chsnges can have been made that wouldn't affect all of them.

charlesBUSd8qF
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 39
Joined: Wed Apr 11, 2012 10:28 pm

Re: tsNetGetFileSync stopped working - tsNetCABundle problem

Post by charlesBUSd8qF » Tue Jan 05, 2021 4:59 am

Hi,

You should not need to specifically set the tsNetCABundle in the LiveCode server edition.

From the looks of the error you mentioned, I would guess that the server you are interacting with has updated their SSL certificate but has not included the intermediate certificates in their SSL configuration.

Monox18
Posts: 118
Joined: Tue Nov 25, 2014 9:48 pm
Location: Deggendorf, Germany

Re: tsNetGetFileSync stopped working - tsNetCABundle problem

Post by Monox18 » Wed Jan 20, 2021 6:33 pm

The error seems local to me. The tsNet documentation suggests it is a command rather than a function, try removing the parenthesis here

Code: Select all

 tsNetCABundle (tCAbndl)
with just:

Code: Select all

 tsNetCABundle tCAbndl
Maybe it works...
Monox
Developing a Cyber Physical System.
https://www.monoxware.com/

SparkOut
Posts: 2839
Joined: Sun Sep 23, 2007 4:58 pm

Re: tsNetGetFileSync stopped working - tsNetCABundle problem

Post by SparkOut » Wed Jan 20, 2021 10:03 pm

No, but thanks for the thought. The brackets were added afterwards, just as a helper to force evaluation of the variable to ensure correct resolution of the path to the certificate bundle.
Further testing makes me think that the problem is with configuration of the server hosting the source data, but it is strange as the LC server is a shared host and other domains are still able to connect to the data source host without any changes.

Post Reply

Return to “Internet”