What version are you running?
RB 7.0.3, RBT 5.2
What steps will reproduce the problem?
We use a SSL Certificate issued by our company, with a root certificate installed on the client machine.
- Using
rbt post
fails with
ERROR: Could not reach the Review Board server at https://xxxx.com/: The SSL certificate used for "xxxx.com" has an untrusted or self-signed certificate in the chain that cannot currently be verified by RBTools.
- Using
rbt post --disable-ssl-verification
will allow use to posty a review - Putting
DISABLE_SSL_VERIFICATION = True
in the repository (project root).reviewboardrc
file does not allow us to post the review - Same error message - Putting
DISABLE_SSL_VERIFICATION = True
in the user local.reviewboardrc
file does not allow us to post the review - Same error message
What operating system are you using?
kubuntu 22.04
Attach the debug out from the command.
$ rbt post --parent=RM6960 --debug >>> RBTools 5.2 >>> Python 3.10.12 (main, Feb 4 2025, 14:57:36) [GCC 11.4.0] >>> Running on Linux-5.19.0-1025-lowlatency-x86_64-with-glibc2.35 >>> Home = /home/jvolpe >>> Current directory = /home/jvolpe/Projects/Glider/sentinel-bms-c21 >>> Command line: rbt post --parent=RM6960 --debug >>> [scan] Checking for available SCMs for /home/jvolpe/Projects/Glider/sentinel-bms-c21... >>> [scan] Considering all repository types >>> [scan] Skipping Bazaar: Command line tools (one of ('brz', 'bzr')) are missing. >>> [scan] Skipping VersionVault / ClearCase: Command line tools ('cleartool') are missing. >>> [scan] Checking for a CVS repository... >>> [scan] Checking for a Git repository... >>> Running: git rev-parse --git-dir >>> Running: git config --get core.bare >>> Running: git rev-parse --show-toplevel >>> [scan] Checking for a Mercurial repository... >>> Running: hg showconfig >>> [scan] Skipping Perforce: Command line tools ('p4') are missing. >>> [scan] Skipping Plastic: Command line tools ('cm') are missing. >>> [scan] Skipping Cliosoft SOS: Command line tools ('soscmd') are missing. >>> [scan] Checking for a Subversion repository... >>> Running: svn --non-interactive info >>> Command exited with rc=1 (errors ignored): svn --non-interactive info >>> Command stdout=b'' >>> Command stderr=b"svn: E155007: '/home/jvolpe/Projects/Glider/sentinel-bms-c21' is not a working copy\n" >>> Running: tf vc help >>> Command not found (tf vc help) >>> [scan] Skipping Team Foundation Server: Command line tools (one of ('VS2017+ tf', 'Team Explorer Everywhere tf.cmd', 'Our wrapper (rbt install tfs)')) are missing. >>> [scan] SCM scan complete. Found git (/home/jvolpe/Projects/Glider/sentinel-bms-c21) >>> [scan] Verifying repository information... >>> Running: git rev-parse --git-dir >>> Running: git config --get core.bare >>> Running: git rev-parse --show-toplevel >>> Running: git symbolic-ref -q HEAD >>> Running: git show-ref --verify refs/remotes/p4/master >>> Command errored with rc=128: git show-ref --verify refs/remotes/p4/master >>> Command stdout=b'' >>> Command stderr=b"fatal: 'refs/remotes/p4/master' - not a valid ref\n" >>> Running: git config --get remote.RM6960.url >>> Command errored with rc=1: git config --get remote.RM6960.url >>> Command stdout=b'' >>> Command stderr=b'' >>> [scan] Successfully found repository information: <RepositoryInfo(path='/home/jvolpe/Projects/Glider/sentinel-bms-c21/.git', base_path='', local_path='/home/jvolpe/Projects/Glider/sentinel-bms-c21')> >>> Making HTTP GET request to https://xxxx.com/api/ Traceback (most recent call last): File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/api/request.py", line 421, in connect return super().connect(*args, **kwargs) File "/usr/lib/python3.10/http/client.py", line 1455, in connect self.sock = self._context.wrap_socket(self.sock, File "/usr/lib/python3.10/ssl.py", line 513, in wrap_socket return self.sslsocket_class._create( File "/usr/lib/python3.10/ssl.py", line 1100, in _create self.do_handshake() File "/usr/lib/python3.10/ssl.py", line 1371, in do_handshake self._sslobj.do_handshake() ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007) During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/commands/base/commands.py", line 1463, in get_api api_root = api_client.get_root() File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/api/client.py", line 109, in get_root return self._transport.get_root(*args, **kwargs) File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/api/transport/sync.py", line 189, in get_root return self._execute_request(HttpRequest(self.server.url)) File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/api/transport/sync.py", line 344, in _execute_request rsp = self.server.make_request(request) File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/api/request.py", line 1496, in make_request rsp = self._urlopen(Request( File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/api/cache.py", line 350, in make_request response = LiveHTTPResponse(urlopen(request)) File "/usr/lib/python3.10/urllib/request.py", line 216, in urlopen return opener.open(url, data, timeout) File "/usr/lib/python3.10/urllib/request.py", line 519, in open response = self._open(req, data) File "/usr/lib/python3.10/urllib/request.py", line 536, in _open result = self._call_chain(self.handle_open, protocol, protocol + File "/usr/lib/python3.10/urllib/request.py", line 496, in _call_chain result = func(*args) File "/usr/lib/python3.10/urllib/request.py", line 1391, in https_open return self.do_open(http.client.HTTPSConnection, req, File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/api/request.py", line 477, in do_open return super().do_open(RBToolsHTTPSConnection, # type: ignore File "/usr/lib/python3.10/urllib/request.py", line 1348, in do_open h.request(req.get_method(), req.selector, req.data, headers, File "/usr/lib/python3.10/http/client.py", line 1283, in request self._send_request(method, url, body, headers, encode_chunked) File "/usr/lib/python3.10/http/client.py", line 1329, in _send_request self.endheaders(body, encode_chunked=encode_chunked) File "/usr/lib/python3.10/http/client.py", line 1278, in endheaders self._send_output(message_body, encode_chunked=encode_chunked) File "/usr/lib/python3.10/http/client.py", line 1038, in _send_output self.send(msg) File "/usr/lib/python3.10/http/client.py", line 976, in send self.connect() File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/api/request.py", line 428, in connect raise ServerInterfaceSSLError( rbtools.api.errors.ServerInterfaceSSLError: The SSL certificate used for "xxxx.com" has an untrusted or self-signed certificate in the chain that cannot currently be verified by RBTools. Make sure any necessary certificates in the chain are placed in one of the following locations: * /usr/lib/ssl/cert.pem * /usr/lib/ssl/certs You may need to update your root SSL certificates for RBTools by running: /usr/bin/python3 -m pip install -U certifi During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/home/jvolpe/.local/bin/rbt", line 8, in <module> sys.exit(main()) File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/commands/main.py", line 214, in main command.run_from_argv([RB_MAIN, command_name] + args) File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/commands/base/commands.py", line 1121, in run_from_argv self.initialize() File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/commands/base/commands.py", line 1030, in initialize self.api_client, self.api_root = self.get_api(self.server_url) File "/home/jvolpe/.local/lib/python3.10/site-packages/rbtools/commands/base/commands.py", line 1465, in get_api raise CommandError( rbtools.commands.base.errors.CommandError: Could not reach the Review Board server at https://xxxx.com/: The SSL certificate used for "xxxx.com" has an untrusted or self-signed certificate in the chain that cannot currently be verified by RBTools. Make sure any necessary certificates in the chain are placed in one of the following locations: * /usr/lib/ssl/cert.pem * /usr/lib/ssl/certs You may need to update your root SSL certificates for RBTools by running: /usr/bin/python3 -m pip install -U certifi