2020-05-29T21:28:38 CEST | Einstein@Home | update requested by user
2020-05-29T21:28:41 CEST | Einstein@Home | Fetching scheduler list
2020-05-29T21:28:43 CEST | | Project communication failed: attempting access to reference site
2020-05-29T21:28:46 CEST | | Internet access OK - project servers may be temporarily down.
So the same as Mike Davies. This is on openSUSE linux 15.1 and the 7.16.6 client. I have a ton of WUs sitting "ready to report" but cannot report them...
Please enable <http_debug> in cc_config.xml, this doesn't tell us anything more than that the request failed and that your internet connection is OK.
I too am having problems. This is the boinc client as currently available in the Android Playstore which is version 7.4.53. Looks like the problem is with CA certificates.
Yes, that's given in the event log as the real problem (5th line in what you posted).
If you have a more recent installation that is working, you could try copying the certificates file (ca-bundle.crt) from the BOINC data directory on the working machine and use it to replace the corresponding file on the non-working machine. If you then restart BOINC, it should start working.
Actually IIRC you don't need to restart BOINC as it's reading the file each time (or maybe I clicked on "read config files", but for sure not restarted it), the tricky part is to give BOINC the right to read it, when I copied it on my phone it was r--r--r--, it needs to be rw-rw-rw- (or in TotalCommander it was also called "666"). Don't ask me why, but the first generated messages in the log, that BOINC can't open the file, so I just changed to what all other files in that folder were.
For both, the copying and changing the access rights you need root. You also need to change the access rights of the folder, to which you want to copy the file to rwxrwxrwx, otherwise you might not be able to copy the file in there, at least I couldn't.
... If you then restart BOINC, it should start working.
This worked for me on an opensuse machine, except that there was no need to restart the client.
Just replace ca-bundle.crt with a recent version and click on the update button to contact the project.
If you have a more recent installation that is working, you could try copying the certificates file (ca-bundle.crt) from the BOINC data directory on the working machine and use it to replace the corresponding file on the non-working machine. If you then restart BOINC, it should start working.
Yeah, well, I would if I could. I don't know where the Boinc App stores that file on the phone. I do not have root privs.
I have found out how to update CA certs in Android (Settings->Security->Credential Storage) and I can install from memory/SD Card, but it doesn't like ca-bundle.crt. I think it has to be a .pem or something.
Specifically, which cert from the bundle needs to be updated ?
Mikey, that makes perfect sense. Since I upgraded, I have never been able to successfully contact the server, so it has no way of knowing that I upgraded. And yes, I did reboot after the upgrade.
OK, enabled debugging and found that ca-bundle.crt still needed to be updated. I have done that manually and now I can contact the servers. Thanks for the help!
OK, enabled debugging and found that ca-bundle.crt still needed to be updated. I have done that manually and now I can contact the servers. Thanks for the help!
sorry for the prolonged absence but we had a national holiday yesterday.
Ok, if I've parsed all latest comments correctly pvh got he CA bundle updated which solved the problem for him. That leaves Mike Davies. Mike, if your plan is to update Android's CA list itself, then I'm almost 100% sure that it won't help. BOINC on Android doesn't use Android's CA list, AFAIK, it comes with its own. You can't update that file within the app without root access on you Android device. But there's hope. Follow the discussion in the Android-specific thread.
We were notified that there's now a way to support older BOINC clients again - Kudos to Tristan! We've now deployed an alternative certificate chain that should support clients as of version 7.2.4, so that also includes the current Android stable release. A remaining requirement for that relaxed version constraint is the effective use of OpenSSL >= 1.0.1, though. That means BOINC needs to use the operating system's OpenSSL library instead of its own (e.g. on Linux) and the OS has to be recent enough to provide OpenSSL 1.0.1 or later. Otherwise the minimum BOINC version is back to 7.4.36 again.
pvh wrote: As requested,
)
Please enable <http_debug> in cc_config.xml, this doesn't tell us anything more than that the request failed and that your internet connection is OK.
.
Gary Roberts wrote: Mike
)
Actually IIRC you don't need to restart BOINC as it's reading the file each time (or maybe I clicked on "read config files", but for sure not restarted it), the tricky part is to give BOINC the right to read it, when I copied it on my phone it was r--r--r--, it needs to be rw-rw-rw- (or in TotalCommander it was also called "666"). Don't ask me why, but the first generated messages in the log, that BOINC can't open the file, so I just changed to what all other files in that folder were.
For both, the copying and changing the access rights you need root. You also need to change the access rights of the folder, to which you want to copy the file to rwxrwxrwx, otherwise you might not be able to copy the file in there, at least I couldn't.
.
Gary Roberts schrieb: ...
)
This worked for me on an opensuse machine, except that there was no need to restart the client.
Just replace ca-bundle.crt with a recent version and click on the update button to contact the project.
Gary Roberts wrote: If you
)
Yeah, well, I would if I could. I don't know where the Boinc App stores that file on the phone. I do not have root privs.
I have found out how to update CA certs in Android (Settings->Security->Credential Storage) and I can install from memory/SD Card, but it doesn't like ca-bundle.crt. I think it has to be a .pem or something.
Specifically, which cert from the bundle needs to be updated ?
Mikey, that makes perfect
)
Mikey, that makes perfect sense. Since I upgraded, I have never been able to successfully contact the server, so it has no way of knowing that I upgraded. And yes, I did reboot after the upgrade.
OK, enabled debugging and
)
OK, enabled debugging and found that ca-bundle.crt still needed to be updated. I have done that manually and now I can contact the servers. Thanks for the help!
pvh wrote: OK, enabled
)
WOO HOO!!!
Hi everyone, sorry for the
)
Hi everyone,
sorry for the prolonged absence but we had a national holiday yesterday.
Ok, if I've parsed all latest comments correctly pvh got he CA bundle updated which solved the problem for him. That leaves Mike Davies. Mike, if your plan is to update Android's CA list itself, then I'm almost 100% sure that it won't help. BOINC on Android doesn't use Android's CA list, AFAIK, it comes with its own. You can't update that file within the app without root access on you Android device. But there's hope. Follow the discussion in the Android-specific thread.
Cheers,
Oliver
Einstein@Home Project
Good news everyone!We
)
Good news everyone!
We were notified that there's now a way to support older BOINC clients again - Kudos to Tristan! We've now deployed an alternative certificate chain that should support clients as of version 7.2.4, so that also includes the current Android stable release. A remaining requirement for that relaxed version constraint is the effective use of OpenSSL >= 1.0.1, though. That means BOINC needs to use the operating system's OpenSSL library instead of its own (e.g. on Linux) and the OS has to be recent enough to provide OpenSSL 1.0.1 or later. Otherwise the minimum BOINC version is back to 7.4.36 again.
Happy crunching!
Oliver
Einstein@Home Project