Testthat: cannot open the connection to

Bottom line: install the intermediate “Entrust Certification Authority - L1K” TLS certificate that this server erroneously doesn’t provide to the local trusted certificates store, as per How to install certificates for command line - Ask Ubuntu

before_install:
  - sudo mkdir -p /usr/local/share/ca-certificates/
  - wget https://entrust.com/root-certificates/entrust_l1k.cer
  - openssl x509 -in entrust_l1k.cer -out entrust_l1k.crt
  - sudo mv entrust_l1k.crt /usr/local/share/ca-certificates/
  - sudo update-ca-certificates
  - rm entrust_l1k.cer

Report the incomplete certificate chain to this server’s admins since this is a TLS protocol violation so that they can fix it.


There’s a clear error message in the log:

SSL certificate problem: unable to get local issuer certificate

You can use the SSL Labs website to check for TLS problems that may fail the connection: SSL Server Test: www.vdh.virginia.gov (Powered by Qualys SSL Labs)

It says, in particular:

This server’s certificate chain is incomplete.
<…>
Extra download Entrust Certification Authority - L1K

So you need to get this missing intermediate certificate into the local trusted store, this way or another.

See Travis CI - Test and Deploy with Confidence for an example of a successful build after it’s installed with the code above.