Ubuntu – SSL Certificate error when adding PPA

I've been trying to install a package from a PPA for some hours now. I am running a freshly installed version of ubuntu 14.04.

I've been following these instructions:
https://github.com/ethereum/go-ethereum/wiki/Installation-Instructions-for-Ubuntu

On issuing this command:

sudo add-apt-repository ppa:ethereum/ethereum

I get five errors of this kind: (all of them added to the bottom of the post for reference.)

Traceback (most recent call last):
  File "/usr/bin/add-apt-repository", line 119, in <module>
    shortcut = shortcut_handler(line)
  File "/usr/lib/python3/dist-packages/softwareproperties/SoftwareProperties.py", line 837, in shortcut_handler
    ret = factory(shortcut)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 382, in shortcut_handler
    return PPAShortcutHandler(shortcut)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 346, in __init__
    info = get_ppa_info(self.shortcut)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 333, in get_ppa_info
    _get_suggested_ppa_message(user, ppa))
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 292, in _get_suggested_ppa_message
    lp_user = get_info_from_lp(LAUNCHPAD_USER_API % user)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 87, in get_info_from_lp
    return _get_https_content_py3(lp_url)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 107, in _get_https_content_py3
    raise PPAException("Error reading %s: %s" % (lp_url, reason), e)
softwareproperties.ppa.PPAException: 'Error reading https://launchpad.net/api/1.0/~ethereum: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)'

I would think that this has something to do with this line:

[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)'

I've tried reinstalling and updating the ca-certificates. And I have run apt-get update and upgrade. (I also tried 15.04 but same results)

Do I have to add/generate a certificate for this particular host?

Any ideas what I might be missing here?

Thankful for any help!

FULL ERROR MESSAGES:
Traceback (most recent call last):
  File "/usr/lib/python3.4/urllib/request.py", line 1182, in do_open
    h.request(req.get_method(), req.selector, req.data, headers)
  File "/usr/lib/python3.4/http/client.py", line 1088, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python3.4/http/client.py", line 1126, in _send_request
    self.endheaders(body)
  File "/usr/lib/python3.4/http/client.py", line 1084, in endheaders
    self._send_output(message_body)
  File "/usr/lib/python3.4/http/client.py", line 922, in _send_output
    self.send(msg)
  File "/usr/lib/python3.4/http/client.py", line 857, in send
    self.connect()
  File "/usr/lib/python3.4/http/client.py", line 1231, in connect
    server_hostname=server_hostname)
  File "/usr/lib/python3.4/ssl.py", line 365, in wrap_socket
    _context=self)
  File "/usr/lib/python3.4/ssl.py", line 583, in __init__
    self.do_handshake()
  File "/usr/lib/python3.4/ssl.py", line 810, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 101, in _get_https_content_py3
    lp_page = urllib.request.urlopen(request, cafile=LAUNCHPAD_PPA_CERT)
  File "/usr/lib/python3.4/urllib/request.py", line 161, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python3.4/urllib/request.py", line 463, in open
    response = self._open(req, data)
  File "/usr/lib/python3.4/urllib/request.py", line 481, in _open
    '_open', req)
  File "/usr/lib/python3.4/urllib/request.py", line 441, in _call_chain
    result = func(*args)
  File "/usr/lib/python3.4/urllib/request.py", line 1225, in https_open
    context=self._context, check_hostname=self._check_hostname)
  File "/usr/lib/python3.4/urllib/request.py", line 1184, in do_open
    raise URLError(err)
urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 321, in get_ppa_info
    ret = get_ppa_info_from_lp(user, ppa)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 91, in get_ppa_info_from_lp
    return get_info_from_lp(lp_url)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 87, in get_info_from_lp
    return _get_https_content_py3(lp_url)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 107, in _get_https_content_py3
    raise PPAException("Error reading %s: %s" % (lp_url, reason), e)
softwareproperties.ppa.PPAException: 'Error reading https://launchpad.net/api/1.0/~ethereum/+archive/ubuntu/ethereum: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.4/urllib/request.py", line 1182, in do_open
    h.request(req.get_method(), req.selector, req.data, headers)
  File "/usr/lib/python3.4/http/client.py", line 1088, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python3.4/http/client.py", line 1126, in _send_request
    self.endheaders(body)
  File "/usr/lib/python3.4/http/client.py", line 1084, in endheaders
    self._send_output(message_body)
  File "/usr/lib/python3.4/http/client.py", line 922, in _send_output
    self.send(msg)
  File "/usr/lib/python3.4/http/client.py", line 857, in send
    self.connect()
  File "/usr/lib/python3.4/http/client.py", line 1231, in connect
    server_hostname=server_hostname)
  File "/usr/lib/python3.4/ssl.py", line 365, in wrap_socket
    _context=self)
  File "/usr/lib/python3.4/ssl.py", line 583, in __init__
    self.do_handshake()
  File "/usr/lib/python3.4/ssl.py", line 810, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 101, in _get_https_content_py3
    lp_page = urllib.request.urlopen(request, cafile=LAUNCHPAD_PPA_CERT)
  File "/usr/lib/python3.4/urllib/request.py", line 161, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python3.4/urllib/request.py", line 463, in open
    response = self._open(req, data)
  File "/usr/lib/python3.4/urllib/request.py", line 481, in _open
    '_open', req)
  File "/usr/lib/python3.4/urllib/request.py", line 441, in _call_chain
    result = func(*args)
  File "/usr/lib/python3.4/urllib/request.py", line 1225, in https_open
    context=self._context, check_hostname=self._check_hostname)
  File "/usr/lib/python3.4/urllib/request.py", line 1184, in do_open
    raise URLError(err)
urllib.error.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)>

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/bin/add-apt-repository", line 119, in <module>
    shortcut = shortcut_handler(line)
  File "/usr/lib/python3/dist-packages/softwareproperties/SoftwareProperties.py", line 837, in shortcut_handler
    ret = factory(shortcut)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 382, in shortcut_handler
    return PPAShortcutHandler(shortcut)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 346, in __init__
    info = get_ppa_info(self.shortcut)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 333, in get_ppa_info
    _get_suggested_ppa_message(user, ppa))
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 292, in _get_suggested_ppa_message
    lp_user = get_info_from_lp(LAUNCHPAD_USER_API % user)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 87, in get_info_from_lp
    return _get_https_content_py3(lp_url)
  File "/usr/lib/python3/dist-packages/softwareproperties/ppa.py", line 107, in _get_https_content_py3
    raise PPAException("Error reading %s: %s" % (lp_url, reason), e)
softwareproperties.ppa.PPAException: 'Error reading https://launchpad.net/api/1.0/~ethereum: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)'

Best Answer

There are a couple things you can try. First off, have you tried creating a new ethereum-ethereum-<version>.list file for ethereum in /etc/apt/sources.list.d/ manually? I doubt that will make any difference if it's truly a verifcation error, but if apt is just being screwy that could do it. The line you would want to put in that file is something like:

deb http://ppa.launchpad.net/ethereum/ethereum/ubuntu trusty main

Another thing you could try is, if you trust ethereum, you can pass in the allow-unauthenticated flag to apt-get, that may do it. This is NOT a particularly good idea.

apt-get --allow-unauthenticated add-apt-repository ppa:ethereum/ethereum

You could also try and download a certificate from ethereum, but a cursory glance at their blog suggests they're not too hot on signing authorities, so I don't know if that approach is viable.

Best Answer

Related Solutions

Ubuntu – Does “quickly share –ppa share” abort with a “can’t create” error

Ubuntu – Disable SSL certificate validation in Ubuntu totally

Related Question