SSL error

[mcravtov]

Hello I'm getting this error when I start tor2web, is there any way to fix it?

2018-12-28 17:32:39+0200 [-] Unhandled Error
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/twisted/internet/posixbase.py", line 597, in _doReadOrWrite
why = selectable.doRead()
File "/usr/lib/python2.7/dist-packages/twisted/internet/tcp.py", line 209, in doRead
return self._dataReceived(data)
File "/usr/lib/python2.7/dist-packages/twisted/internet/tcp.py", line 215, in _dataReceived
rval = self.protocol.dataReceived(data)
File "/usr/lib/python2.7/dist-packages/twisted/protocols/tls.py", line 415, in dataReceived
self._write(bytes)
--- ---
File "/usr/lib/python2.7/dist-packages/twisted/protocols/tls.py", line 554, in _write
sent = self._tlsConnection.send(toSend)
File "/usr/lib/python2.7/dist-packages/OpenSSL/SSL.py", line 1272, in send
self._raise_ssl_error(self._ssl, result)
File "/usr/lib/python2.7/dist-packages/OpenSSL/SSL.py", line 1188, in _raise_ssl_error
_raise_current_error()
File "/usr/lib/python2.7/dist-packages/OpenSSL/_util.py", line 48, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')]

[arunasank]

tor2web breaks on xenial while verifying certificates. I am using a certificate from LetsEncrypt and it still fails.

2019-07-16 20:39:14+0000 [-] Stopping factory <HTTPClientCacheFactory: https://check.torproject.org/exit-addresses>
2019-07-16 20:39:14+0000 [-] Stopping factory <HTTPClientFactory: https://www.torproject.org/projects/torbrowser/RecommendedTBBVersions>
2019-07-16 20:39:45+0000 [twisted.spread.pb.PBServerFactory] (UNIX Port /var/run/tor2web/rpc.socket Closed)
2019-07-16 20:39:45+0000 [-] Stopping factory <twisted.spread.pb.PBServerFactory instance at 0x7fe299b0b998>
2019-07-16 20:39:45+0000 [-] Main loop terminated.
2019-07-16 20:44:52+0000 [-] Log opened.
2019-07-16 20:44:52+0000 [-] PBServerFactory starting on '/var/run/tor2web/rpc.socket'
2019-07-16 20:44:52+0000 [-] Starting factory <twisted.spread.pb.PBServerFactory instance at 0x7fd3334e3998>
2019-07-16 20:44:52+0000 [-] Starting factory <HTTPClientFactory: https://www.torproject.org/projects/torbrowser/RecommendedTBBVersions>
2019-07-16 20:44:52+0000 [-] Unhandled error in Deferred:
2019-07-16 20:44:52+0000 [-] Unhandled Error
        Traceback (most recent call last):
          File "/usr/lib/python2.7/dist-packages/twisted/internet/posixbase.py", line 597, in _doReadOrWrite
            why = selectable.doRead()
          File "/usr/lib/python2.7/dist-packages/twisted/internet/tcp.py", line 209, in doRead
            return self._dataReceived(data)
          File "/usr/lib/python2.7/dist-packages/twisted/internet/tcp.py", line 215, in _dataReceived
            rval = self.protocol.dataReceived(data)
          File "/usr/lib/python2.7/dist-packages/twisted/protocols/tls.py", line 415, in dataReceived
            self._write(bytes)
        --- <exception caught here> ---
          File "/usr/lib/python2.7/dist-packages/twisted/protocols/tls.py", line 554, in _write
            sent = self._tlsConnection.send(toSend)
          File "/usr/lib/python2.7/dist-packages/OpenSSL/SSL.py", line 1272, in send
            self._raise_ssl_error(self._ssl, result)
          File "/usr/lib/python2.7/dist-packages/OpenSSL/SSL.py", line 1188, in _raise_ssl_error
            _raise_current_error()
          File "/usr/lib/python2.7/dist-packages/OpenSSL/_util.py", line 48, in exception_from_error_queue
            raise exception_type(errors)
        OpenSSL.SSL.Error: [('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')]

[arunasank]

I see the same error, even when using self-signed certificates. Any thoughts?

[arunasank]

Note that the error is also thrown when the TRANSPORT configuration parameter is set to HTTP alone, instead of BOTH. Why are we trying to use SSL when the user only wants http?