View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0001385 | CATS.cacert.org | Result Upload | public | 2015-05-13 07:31 | 2015-05-15 18:04 |
Reporter | Ted | Assigned To | Ted | ||
Priority | normal | Severity | major | Reproducibility | sometimes |
Status | needs work | Resolution | open | ||
Summary | 0001385: Since the installation of the new client certificate result upload is VERY unreliable | ||||
Description | - Automatic upload (every 5 minutes) does not work at all - Manually starting the script also does ot work - When starting the script in Perl-Debugger it works most of the times Relevant script is functions/UploadResults.pl Problem started after installing the new client certificate: Org client cert, Class 3, serial 157358 (0x266ae) Previous certificate was same type (Org cert, Class 3, same keysize). The only difference (beyond the obvious ones for a new key) is the CN and OU: Old cert: CN=CAcert Assurer Testing System/emailAddress=cats@cacert.org OU=CAcert Education Team New cert: CN=cats@cacert.org/emailAddress=cats@cacert.org OU=Education | ||||
Tags | No tags attached. | ||||
|
Since the script works at least sometimes, I don't think it's a problem of the certificate. One of the known problems with the script, or maybe the whole API, is that no explicit error is reported when an expired certificate is used to connect. It seems that in this case the connection is closed without any response. Maybe the problem is the handling of empty results of Net::SSLeay::ssl_read_CRLF, maybe there should be retries... |
|
Wytze reports that there are only very few calls to https://secure.cacert.org/cats/cats_import.php in the webserver log since the new certificate was installed (May 08). The logged entries in fact coincide with my successful tests using the debugger... |