Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TrustFailure (The authentication or decryption has failed.) #12

Open
ghost opened this issue Oct 5, 2016 · 6 comments
Open

TrustFailure (The authentication or decryption has failed.) #12

ghost opened this issue Oct 5, 2016 · 6 comments

Comments

@ghost
Copy link

ghost commented Oct 5, 2016

I have created a small test site where I am calculating a route from Paris to Berlin using Google's directions API (through a JSON type provider) and returning it to the user. It works locally and I can successfully deploy and build it on Heroku. However, once I try to access the site from Heroku I get this (in the log):

> 2016-10-05T13:51:07.056816+00:00 heroku[web.1]: Starting process with command `fsharpi-heroku startup.fsx`
> 2016-10-05T13:51:33.301369+00:00 app[web.1]: System.Net.WebException: Error: TrustFailure (The authentication or decryption has failed.)  at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) <0x41c53640 + 0x001ed> in <filename unknown>:0 
> 2016-10-05T13:51:33.301384+00:00 app[web.1]:   at [email protected] (IAsyncResult arg00) <0x41c53610 + 0x00024> in <filename unknown>:0 
> 2016-10-05T13:51:33.301386+00:00 app[web.1]:   at <StartupCode$FSharp-Core>.$Control+callback@1875[T].Invoke (IAsyncResult ar) <0x41c52c90 + 0x00176> in <filename unknown>:0 
> 2016-10-05T13:51:33.301387+00:00 app[web.1]:  ---> System.IO.IOException: The authentication or decryption has failed. ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server. Error code: 0xffffffff800b010a
> 2016-10-05T13:51:33.301387+00:00 app[web.1]:   at Mono.Security.Protocol.Tls.RecordProtocol.EndReceiveRecord (IAsyncResult asyncResult) <0x41c2adc0 + 0x0013e> in <filename unknown>:0 
> 2016-10-05T13:51:33.301420+00:00 app[web.1]:   at Mono.Security.Protocol.Tls.SslClientStream.SafeEndReceiveRecord (IAsyncResult ar, Boolean ignoreEmpty) <0x41c2acf0 + 0x00031> in <filename unknown>:0 
> 2016-10-05T13:51:33.301421+00:00 app[web.1]:   at Mono.Security.Protocol.Tls.SslClientStream.NegotiateAsyncWorker (IAsyncResult result) <0x41c23950 + 0x0023a> in <filename unknown>:0 
> 2016-10-05T13:51:33.301422+00:00 app[web.1]:   --- End of inner exception stack trace ---
> 2016-10-05T13:51:33.301423+00:00 app[web.1]:   at Mono.Security.Protocol.Tls.SslClientStream.EndNegotiateHandshake (IAsyncResult result) <0x41c51d60 + 0x000f3> in <filename unknown>:0 
> 2016-10-05T13:51:33.301424+00:00 app[web.1]:   at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) <0x41c51ab0 + 0x00086> in <filename unknown>:0 
> 2016-10-05T13:51:33.301424+00:00 app[web.1]:   --- End of inner exception stack trace ---
> 2016-10-05T13:51:33.301425+00:00 app[web.1]:   at Mono.Security.Protocol.Tls.SslStreamBase.EndRead (IAsyncResult asyncResult) <0x41c20ba0 + 0x00199> in <filename unknown>:0 
> 2016-10-05T13:51:33.301426+00:00 app[web.1]:   at Mono.Net.Security.Private.LegacySslStream.EndAuthenticateAsClient (IAsyncResult asyncResult) <0x41c20970 + 0x00042> in <filename unknown>:0 
> 2016-10-05T13:51:33.301442+00:00 app[web.1]:   at Mono.Net.Security.Private.LegacySslStream.AuthenticateAsClient (System.String targetHost, System.Security.Cryptography.X509Certificates.X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation) <0x41c19160 + 0x00055> in <filename unknown>:0 
> 2016-10-05T13:51:33.301443+00:00 app[web.1]:   at Mono.Net.Security.MonoTlsStream.CreateStream (System.Byte[] buffer) <0x41c18720 + 0x00149> in <filename unknown>:0 
> 2016-10-05T13:51:33.301444+00:00 app[web.1]:   --- End of inner exception stack trace ---
> 2016-10-05T13:51:33.301444+00:00 app[web.1]:   at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) <0x41c53640 + 0x001ed> in <filename unknown>:0 
> 2016-10-05T13:51:33.301445+00:00 app[web.1]:   at [email protected] (IAsyncResult arg00) <0x41c53610 + 0x00024> in <filename unknown>:0 
> 2016-10-05T13:51:33.301446+00:00 app[web.1]:   at <StartupCode$FSharp-Core>.$Control+callback@1875[T].Invoke (IAsyncResult ar) <0x41c52c90 + 0x00176> in <filename unknown>:0 
> 2016-10-05T13:51:33.301447+00:00 app[web.1]: --- End of stack trace from previous location where exception was thrown ---
> 2016-10-05T13:51:33.301448+00:00 app[web.1]:   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () <0x41c57300 + 0x00038> in <filename unknown>:0 
> 2016-10-05T13:51:33.301448+00:00 app[web.1]:   at Microsoft.FSharp.Control.AsyncBuilderImpl.commit[a] (Microsoft.FSharp.Control.AsyncImplResult`1 res) <0x41c57100 + 0x0015f> in <filename unknown>:0 
> 2016-10-05T13:51:33.301466+00:00 app[web.1]:   at Microsoft.FSharp.Control.CancellationTokenOps.RunSynchronouslyInCurrentThread[a] (CancellationToken token, Microsoft.FSharp.Control.FSharpAsync`1 computation) <0x41beb6e0 + 0x001cf> in <filename unknown>:0 
> 2016-10-05T13:51:33.301468+00:00 app[web.1]:   at Microsoft.FSharp.Control.CancellationTokenOps.RunSynchronously[a] (CancellationToken token, Microsoft.FSharp.Control.FSharpAsync`1 computation, Microsoft.FSharp.Core.FSharpOption`1 timeout) <0x41beb500 + 0x0008f> in <filename unknown>:0 
> 2016-10-05T13:51:33.301469+00:00 app[web.1]:   at Microsoft.FSharp.Control.FSharpAsync.RunSynchronously[T] (Microsoft.FSharp.Control.FSharpAsync`1 computation, Microsoft.FSharp.Core.FSharpOption`1 timeout, Microsoft.FSharp.Core.FSharpOption`1 cancellationToken) <0x41beb140 + 0x00259> in <filename unknown>:0 
> 2016-10-05T13:51:33.301469+00:00 app[web.1]:   at lib.getParisToBerlin () <0x41be9c10 + 0x0007c> in <filename unknown>:0 
> 2016-10-05T13:51:33.301470+00:00 app[web.1]:   at <StartupCode$FSI_0001>.$FSI_0001.main@ () <0x41be2dd0 + 0x00038> in <filename unknown>:0 
> 2016-10-05T13:51:33.301471+00:00 app[web.1]:   at (wrapper managed-to-native) System.Reflection.MonoMethod:InternalInvoke (System.Reflection.MonoMethod,object,object[],System.Exception&)
> 2016-10-05T13:51:33.301817+00:00 app[web.1]:   at System.Reflection.MonoMethod.Invoke (System.Object obj, BindingFlags invokeAttr, System.Reflection.Binder binder, System.Object[] parameters, System.Globalization.CultureInfo culture) <0x4173c830 + 0x000b7> in <filename unknown>:0 
> 2016-10-05T13:51:33.302020+00:00 app[web.1]: Stopped due to error
> 2016-10-05T13:51:33.840586+00:00 heroku[web.1]: State changed from starting to crashed
> 2016-10-05T13:51:33.833958+00:00 heroku[web.1]: Process exited with status 1

The code can be found here: https://github.com/zenplement/suaveherokutypeprovidertest
Note that a google api key needs to be set as a config variable in Heroku (GOOGLE_API_KEY)

It might simply be a newbie mistake on my part (first time using Suave.IO), so any pointers would be greatly appreciated. I might also be related to #9.

@mydogisbox
Copy link

I'm encountering the same issue also with google api in heroku. Did you ever find a solution?

I found KSP-CKAN/CKAN#24 which may fix it but I'm not sure how to apply that to the buildpack.

I followed the solution here: http://answers.unity3d.com/questions/914894/help-me-reading-a-spreadsheet-from-google-drive-us.html

but doesn't seem like the right fix.

@haf
Copy link

haf commented May 23, 2017

I think the issue here is the mono version; try Mono 4.8.1 and the TLS support has been improved.

@haf
Copy link

haf commented May 23, 2017

@ghost
Copy link
Author

ghost commented May 23, 2017

I never found a solution mydogisbox, but I haven't tried changing the mono version as haf is proposing.

@haf
Copy link

haf commented May 23, 2017

The second solution I can think of is updating the CA list… The message states "Trust failure", not "Handshake failure", so let me suggest http://www.mono-project.com/docs/about-mono/releases/3.12.0/#cert-sync

@mydogisbox
Copy link

I will add that to my todo list to investigate.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants