Thank you very much. That indeed did work, more specifically as (to include solution for the record):> sshInfo <- rerddap::info('hawaii_soest_f75b_adc6_12ab', url = 'https://apdrc.soest.hawaii.edu/erddap/', ssl_verifyhost=0, ssl_verifypeer=0)BTW - my clock and date are fine, the reason it works on some systems has to do with the SSL library being used, whether openSSL or libreSSL. And as I said, similar happened to R itself for a very short time. I can't find the references to the email exchange, but Simon Urbanek gave a very nice explanation of why this was happening. I also wonder whether it really is desirable to ignore an expired Cert in the Cert search path. Not particularly knowledgeable on this, but my offhand feeling is that could lead to problems. Thanks again for the solution! -Roy> On Jul 23, 2020, at 4:20 PM, Rasmus Liland <jral at posteo.no> wrote: > > On 2020-07-23 14:56 -0700, Roy Mendelssohn - NOAA Federal via R-help wrote: >> I am trying to get the following command to work: >> >>> sshInfo <- rerddap::info('hawaii_soest_f75b_adc6_12ab', url = 'https://apdrc.soest.hawaii.edu/erddap/') >> >> On a Mac at least (but I know for a >> fact not necessarily on other OSes) I >> get: >> >>> Error in curl::curl_fetch_memory(x$url$url, handle = x$url$handle) : >>> SSL certificate problem: certificate has expired >> >> Parenthetically, this also happened >> with R itself awhile back where an >> intermediate cert on the search path >> had expired, not the cert of the >> service itself, and depending on >> which implementation of ssl was used, >> it either ignored it or threw an >> error, as in this case. Someone I >> am working with on another OS can >> indeed run the same command, so if >> your particular OS may not have an >> issue > > I can download the dataset without > problems on my Linux thinkpad. Perhaps > you can provide some more info (but I do > not know what ...) so I/others can > reproduce this strange error ... > > Have you checked the time on the laptop > being correct and not set to e.g. > 1970-01-01 01:29? In the past, I have > found ssl errors are caused by the time > being off on my laptop, as in the case > of a flat cmos battery. > >> Anyhow, for a problem a I am working >> on I need to access this server with >> that and related commands. >> 'rerddap::info()' allows me to pass >> curl options, and normally with Curl >> you can get around the expired >> certificate using the '-k' or >> '--insecure' option. When I look at: >> >>> curl::curl_options() >> >> I do not see this option. I do not >> understand all the options listed >> there, so maybe that option is in a >> different form that I am missing. Or >> is there another way around this still >> using 'curl' . Using another function >> that does similar to 'curl' is not an >> option, because I need the >> 'rerddap::info()' call which calls a >> package called "crul" which ultimately >> calls 'curl'. >> >> Thanks, >> >> -Roy >> >> PS - And yes I informed the owner of >> the site about the expired >> certificate, that was a couple of >> weeks ago. > > Perhaps setting > > options("ssl_verifyhost"=0, "ssl_verifypeer"=0) > > helps? [1] > > Best, > Rasmus > > [1] https://stackoverflow.com/questions/47715918/how-to-pass-the-curl-insecure-alternative-when-using-r********************** "The contents of this message do not reflect any position of the U.S. Government or NOAA." ********************** Roy Mendelssohn Supervisory Operations Research Analyst NOAA/NMFS Environmental Research Division Southwest Fisheries Science Center ***Note new street address*** 110 McAllister Way Santa Cruz, CA 95060 Phone: (831)-420-3666 Fax: (831) 420-3980 e-mail: Roy.Mendelssohn at noaa.gov www: https://www.pfeg.noaa.gov/ "Old age and treachery will overcome youth and skill." "From those who have been given much, much will be expected" "the arc of the moral universe is long, but it bends toward justice" -MLK Jr.
Found it. On June 9, in the R-developers mail-list, a chain under the topic "SSL certificate issues". -Roy> On Jul 24, 2020, at 1:21 PM, Roy Mendelssohn - NOAA Federal <roy.mendelssohn at noaa.gov> wrote: > > Thank you very much. That indeed did work, more specifically as (to include solution for the record): > >> sshInfo <- rerddap::info('hawaii_soest_f75b_adc6_12ab', url = 'https://apdrc.soest.hawaii.edu/erddap/', ssl_verifyhost=0, ssl_verifypeer=0) > > BTW - my clock and date are fine, the reason it works on some systems has to do with the SSL library being used, whether openSSL or libreSSL. And as I said, similar happened to R itself for a very short time. I can't find the references to the email exchange, but Simon Urbanek gave a very nice explanation of why this was happening. I also wonder whether it really is desirable to ignore an expired Cert in the Cert search path. Not particularly knowledgeable on this, but my offhand feeling is that could lead to problems. > > Thanks again for the solution! > > -Roy > > >> On Jul 23, 2020, at 4:20 PM, Rasmus Liland <jral at posteo.no> wrote: >> >> On 2020-07-23 14:56 -0700, Roy Mendelssohn - NOAA Federal via R-help wrote: >>> I am trying to get the following command to work: >>> >>>> sshInfo <- rerddap::info('hawaii_soest_f75b_adc6_12ab', url = 'https://apdrc.soest.hawaii.edu/erddap/') >>> >>> On a Mac at least (but I know for a >>> fact not necessarily on other OSes) I >>> get: >>> >>>> Error in curl::curl_fetch_memory(x$url$url, handle = x$url$handle) : >>>> SSL certificate problem: certificate has expired >>> >>> Parenthetically, this also happened >>> with R itself awhile back where an >>> intermediate cert on the search path >>> had expired, not the cert of the >>> service itself, and depending on >>> which implementation of ssl was used, >>> it either ignored it or threw an >>> error, as in this case. Someone I >>> am working with on another OS can >>> indeed run the same command, so if >>> your particular OS may not have an >>> issue >> >> I can download the dataset without >> problems on my Linux thinkpad. Perhaps >> you can provide some more info (but I do >> not know what ...) so I/others can >> reproduce this strange error ... >> >> Have you checked the time on the laptop >> being correct and not set to e.g. >> 1970-01-01 01:29? In the past, I have >> found ssl errors are caused by the time >> being off on my laptop, as in the case >> of a flat cmos battery. >> >>> Anyhow, for a problem a I am working >>> on I need to access this server with >>> that and related commands. >>> 'rerddap::info()' allows me to pass >>> curl options, and normally with Curl >>> you can get around the expired >>> certificate using the '-k' or >>> '--insecure' option. When I look at: >>> >>>> curl::curl_options() >>> >>> I do not see this option. I do not >>> understand all the options listed >>> there, so maybe that option is in a >>> different form that I am missing. Or >>> is there another way around this still >>> using 'curl' . Using another function >>> that does similar to 'curl' is not an >>> option, because I need the >>> 'rerddap::info()' call which calls a >>> package called "crul" which ultimately >>> calls 'curl'. >>> >>> Thanks, >>> >>> -Roy >>> >>> PS - And yes I informed the owner of >>> the site about the expired >>> certificate, that was a couple of >>> weeks ago. >> >> Perhaps setting >> >> options("ssl_verifyhost"=0, "ssl_verifypeer"=0) >> >> helps? [1] >> >> Best, >> Rasmus >> >> [1] https://stackoverflow.com/questions/47715918/how-to-pass-the-curl-insecure-alternative-when-using-r > > ********************** > "The contents of this message do not reflect any position of the U.S. Government or NOAA." > ********************** > Roy Mendelssohn > Supervisory Operations Research Analyst > NOAA/NMFS > Environmental Research Division > Southwest Fisheries Science Center > ***Note new street address*** > 110 McAllister Way > Santa Cruz, CA 95060 > Phone: (831)-420-3666 > Fax: (831) 420-3980 > e-mail: Roy.Mendelssohn at noaa.gov www: https://www.pfeg.noaa.gov/ > > "Old age and treachery will overcome youth and skill." > "From those who have been given much, much will be expected" > "the arc of the moral universe is long, but it bends toward justice" -MLK Jr. >********************** "The contents of this message do not reflect any position of the U.S. Government or NOAA." ********************** Roy Mendelssohn Supervisory Operations Research Analyst NOAA/NMFS Environmental Research Division Southwest Fisheries Science Center ***Note new street address*** 110 McAllister Way Santa Cruz, CA 95060 Phone: (831)-420-3666 Fax: (831) 420-3980 e-mail: Roy.Mendelssohn at noaa.gov www: https://www.pfeg.noaa.gov/ "Old age and treachery will overcome youth and skill." "From those who have been given much, much will be expected" "the arc of the moral universe is long, but it bends toward justice" -MLK Jr.
On 2020-07-24 13:34 -0700, Roy Mendelssohn - NOAA Federal wrote:
| On Jul 24, 2020, at 1:21 PM, Roy Mendelssohn - NOAA Federal
<roy.mendelssohn at noaa.gov> wrote:
| | On Jul 23, 2020, at 4:20 PM, Rasmus Liland <jral at posteo.no> wrote:
| | | On 2020-07-23 14:56 -0700, Roy Mendelssohn - NOAA Federal via R-help
wrote:
| | | | I am trying to get the following command to work:
| | | |
| | | | > sshInfo <- rerddap::info('hawaii_soest_f75b_adc6_12ab',
url = 'https://apdrc.soest.hawaii.edu/erddap/')
| | |
| | | Perhaps setting
| | |
| | | options("ssl_verifyhost"=0, "ssl_verifypeer"=0)
| | |
| | | helps? [1]
| | |
| | | [1]
https://stackoverflow.com/questions/47715918/how-to-pass-the-curl-insecure-alternative-when-using-r
| |
| | Thank you very much. That indeed
| | did work, more specifically as (to
| | include solution for the record):
| |
| | > sshInfo <- rerddap::info('hawaii_soest_f75b_adc6_12ab', url
= 'https://apdrc.soest.hawaii.edu/erddap/', ssl_verifyhost=0,
ssl_verifypeer=0)
Hey, I'm glad this solved your issue!
| | | Have you checked the time on the
| | | laptop being correct and not set
| | | to e.g. 1970-01-01 01:29? In the
| | | past, I have found ssl errors are
| | | caused by the time being off on my
| | | laptop, as in the case of a flat
| | | cmos battery.
| |
| | BTW - my clock and date are fine,
| | the reason it works on some systems
| | has to do with the SSL library being
| | used, whether openSSL or libreSSL.
| | And as I said, similar happened to
| | R itself for a very short time. I
| | can't find the references to the
| | email exchange, but Simon Urbanek
| | gave a very nice explanation of why
| | this was happening. I also wonder
| | whether it really is desirable to
| | ignore an expired Cert in the Cert
| | search path. Not particularly
| | knowledgeable on this, but my
| | offhand feeling is that could lead
| | to problems.
| |
| | Thanks again for the solution!
| |
| | -Roy
|
| Found it. On June 9, in the
| R-developers mail-list, a chain under
| the topic "SSL certificate issues".
|
| -Roy
Perhaps it's this[*] one. OpenSSL is
really crusty and simply a mistake, thus
I have heard, I hope LibreSSL or
something else can replace it at some
point, not just in MacOS and OpenBSD ...
Best,
Rasmus
[*] https://stat.ethz.ch/pipermail/r-devel/2020-June/079664.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL:
<https://stat.ethz.ch/pipermail/r-help/attachments/20200725/2b6d0959/attachment.sig>