-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't install apps in OC 8.0.2 #14840
Comments
Do you have the PHP cURL extension installed? |
Yes: |
I am having the same issue here is what I have in my owncloud log: Any apps in "Recommended that I try to enable display this error. Yes I have curl installed. |
Same issue here, cURL installed as well. |
Same here. I investigated: In https://github.com/owncloud/core/blob/master/lib/private/installer.php#L247:
Get file with |
@R1tschY thanks - this is actually pretty helpful. Looks like the http->https redirect is not working on your installation. |
@R1tschY Can you try again please? I think we just fixed a bug there. |
Adding Also using the alternative in https://github.com/owncloud/core/blob/master/lib/private/httphelper.php#L126-137 works. @karlitschek Did you mean 00f5025? cURL module is installed. |
@LukasReschke @karlitschek something wrong again with our ssl cert? 🙊 |
SSL setup looks good to me. Best bet: @R1tschY is using a distribution that ships an outdated or none certificate bundle at all. In my opinion it's the administrators' task to ensure that the cURL certificate bundle is properly configured. It's not like you would expect an usual desktop software to come with all certificates on their own. That said, as there really seem to be a lot of distributions and people doing it wrong a possibility for us would be to make the HTTPHelper use a bundled set of all root certificates. However, this obviously requires us to keep track of the newest bundles 🙈 I can take a look tomorrow… |
Just to be clear. What I fixed is that the app store returns an https download url now. |
It is very mysterious. I used following php script on the server:
It prints the status code 200 (OK) and not the status code 400 (Bad Request). @LukasReschke local curl installation seems good. What does owncloud different? Before downloading the app, owncloud for example requests https://api.owncloud.com/v1/content/download/168711/1 with status code 200. Okay, https requests to api.owncloud.com are working. Sometimes the view with recommended apps is blank: Calls to for example https://api.owncloud.com/v1/content/data/166043 fails with status code 400. Error messages in log: |
@R1tschY If you add |
Yes. Server: CentOS release 6.6 |
How did you install PHP 5.6.2 on your CentOS? – Which repos? :) |
I do not own the server. Switching to the newest PHP version 5.6.6 does not change anything. |
I'm running 5.4.16, same problem. |
for me too. thx @R1tschY |
Trying that fix tomorrow. |
Adding curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); in > https://github.com/owncloud/core/blob/master/lib/private/httphelper.php#L73 solved it for me. |
@LukasReschke Any idea why the cert is considered invalid? |
@karlitschek hosts set up too long ago may have no GoDaddy root cert |
@VicDeo What do you mean? The used OS might not have the godaddy root cert? This must be very very old |
I used
cURL prints no error about the certificate and connects to apps.owncloud.com. |
Maybe it is an error in curl: I installed the current version 7.41.0 of curl (with toast) and the problem does not occur any more for me. Error appeared with curl version 7.19.7. |
I'm running cURL 7.29. |
Adding curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); in > https://github.com/owncloud/core/blob/master/lib/private/httphelper.php#L73 also solved it for me. |
Fixed with #15195 |
Oh ... no ... this is for 8.0.3. @LukasReschke Ideas how to fix this in 8.0.3? |
in this case we cannot - in case the issue is still popping up for our users running 8.0 - customer patching is required - #14840 (comment) closing therefore |
Yup this worked for me: New Install, CentOS 7, with https redirect: |
Adding curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); in https://github.com/owncloud/core/blob/master/lib/private/httphelper.php#L73 solved it for me. |
Just wanted to confirm that the solution @nhymxu posted above worked for me, and I'm using CentOS 6.6 with the php54w item from the webtatic repo. File is /var/www/html/owncloud/lib/private/httphelper.php for those who arrive via Google. |
@DeepDiver1975 |
Ditto; adding curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false) to /[installation_root]/lib/private/httphelper.php is a workaround on |
Yep, that solved it for me, too. Seems to be an Issue with CentOS and 8.0.*. I got it even on a fresh installation as mentioned.
EDIT: It works after upgrading to 8.0.4. |
Turning off certificate validation will break the code validity chain. That's not a solution and people should not insert the line into the code running on their servers. |
owncloud should also switch from returning a non-verifiable HTTP URL to the apps repository to an HTTPS URL that can be verified without redirection. That would solve this problem correctly. |
@jolorant Its not about a "non-verifiable HTTP URL". See the description here why this is happening and why turning off certificate validation is solving this: |
There is something more going on here. I'm also using CentOS 7 with the stock PHP 5.4.16. I have installed the GoDaddy root certificates and validated that they are being used, but the same errors are being spit out:
Disabling certificate validation is not the way. You've made a great product, but do you really want people to think that you solve issues by making your product less secure? If you feel the issue is that CentOS / RHEL isn't shipping a recent enough set of CA provide the steps for for augmenting those. But I'm here to tell you that isn't the problem. BTW, here's the way to add the GoDaddy certificates to EL7: From https://certs.godaddy.com/repository, download:
Place those files in:
Execute the following:
Restart Apache:
As I said, however, this doesn't solve the problem. I'm more than happy to help debug this further but need your instructions. |
Hi, if the certs are the problem then i think there is no need to debug this further. oC 8.1 will ship a workaround for environments like yours. If the certs are not the problem / oC 8.1 is not fixing it its probably better to create a new issue. |
Steps to reproduce
Expected behaviour
Should install app
Actual behaviour
App does not provide an info.xml file
Server configuration
Fedora21
Web server:
apache
Database:
mysql
PHP version:
ownCloud version: (see ownCloud admin page)
8.0.2
Updated from an older ownCloud or fresh install:
7.0.X
List of activated apps:
nothing/defaults
The content of config/config.php:
Are you using external storage, if yes which one: local/smb/sftp/...
Are you using encryption: yes/no
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...
LDAP configuration (delete this part if not used)
Client configuration
Browser:
chrome
Operating system:
win/fedora21
Logs
Web server error log
ownCloud log (data/owncloud.log)
Browser log
The text was updated successfully, but these errors were encountered: