I’m in the process of trying to add windows support for travis for the graalvm/mx repo: https://github.com/graalvm/mx/pull/174
So far it’s going pretty well, but I seem to be running into a problem where we’re trying to download a .jar file from maven central, but it’s failing to verify the SSL certificate: https://travis-ci.org/graalvm/mx/jobs/457224527#L4450
Note that this works fine when running on my local machine, or on linux: https://travis-ci.org/graalvm/mx/builds/457224524
The build script required to reproduce is:
os: windows
language: shell
before_install:
- choco install python2 -y
- export PATH=$PATH:/c/Python27
script: python -c 'import urllib2; print urllib2.urlopen("https://repo1.maven.org/maven2/org/jacoco/org.jacoco.core/0.7.9/org.jacoco.core-0.7.9.jar")'
Which is showing the following error:
urllib2.URLError: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)>
I think this is being caused by a missing SSL certificate in the windows environment?
I’m not sure how I should install such a certificate, most of the tutorials I’ve found tell me to use the GUI tool, but I don’t think that’s an option, since the travis script uses shell commands. As far as I can tell the command line tool to do the same is certutil, but I don’t know what the right incantation is.
I’m very inexperienced with dealing with SSL certificates, so my questions are:
- Am I even looking in the right place?
- How should I add the SSL certificate for the URL I’m trying to access?
Thanks
I’ve tried turning off verification by setting PYTHONHTTPSVERIFY=0 in before_install, but I’m still getting the same error.
Seems similar to: https://github.com/travis-ci/travis-ci/issues/4757 Which seems to have been a container issue. Something about TLSv1.2 not being accessible?