CURL Error: 77

8 posts / 0 new
Last post
#1 Thu, 01/15/2015 - 08:23
jancas

CURL Error: 77

Hello,

Since last update I am having problems with WHMCS connecting via API to resellerclub.

When trying to sync domains I get this error: CURL Error: 77 - Problem with the SSL CA cert (path? access rights?)

I have not changed anything, this problem started after installing the updated packages in virtualmin.

I have checked the server ssl certs and they seem to be ok (/etc/pki/tls/certs)

It seems something changed in the last update and is causing this problem.

Thu, 01/15/2015 - 10:10
andreychek

Howdy,

Hmm, I'm not sure of anything that would have been changed during the Virtualmin package updates to prevent curl from working properly.

But what you may want to do is run this command:

curl-config --configure

And then look at all the paths mentioned in there (such as the one mentioned alongside --with-ca-bundle), and then verify that your user has permission to access those paths.

You'd want to check not just the final destination, but each directory leading up to do (for example, not just "/etc/pki/tls/certs", but also "/etc/pki" and "/etc/pki/tls". Those files and directories would need to be world readable and world executable.

-Eric

Thu, 01/15/2015 - 12:00 (Reply to #2)
jancas

The permissions are set to root:root (rwxrwxrwx) for all files and folders under /pky

Meanwhile I ran this command: curl -I -v https://google.com

the output is:

/etc/pki$ curl -I -v https://google.com * About to connect() to google.com port 443 (#0) * Trying 64.233.167.138... connected * Connected to google.com (64.233.167.138) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * Unable to initialize NSS database * Initializing NSS with certpath: none * Unable to initialize NSS * NSS error -8023 * Closing connection #0 * Problem with the SSL CA cert (path? access rights?)

curl: (77) Problem with the SSL CA cert (path? access rights?)

I dont know if this adds any value to solving the problem. I have also restarted the server but it didnt work.

Thanks.

Thu, 01/15/2015 - 12:40 (Reply to #3)
jancas

I now remember the last time I updated packages in virtualmin there was an error so now I did "yum update" and I got this:

[root@server ~]# yum update Loaded plugins: fastestmirror Setting up Update Process Loading mirror speeds from cached hostfile Could not get metalink https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=x86_64 error was 14: PYCURL ERROR 77 - "Problem with the SSL CA cert (path? access rights?)" * base: centos.hyve.com * epel: mirrors.coreix.net * extras: centos.serverspace.co.uk * updates: centos.serverspace.co.uk Resolving Dependencies --> Running transaction check ---> Package nss-softokn-freebl.i686 0:3.14.3-18.el6_6 will be updated ---> Package nss-softokn-freebl.x86_64 0:3.14.3-18.el6_6 will be updated ---> Package nss-softokn-freebl.i686 0:3.14.3-19.el6_6 will be an update ---> Package nss-softokn-freebl.x86_64 0:3.14.3-19.el6_6 will be an update ---> Package wbt-virtual-server-theme.noarch 2:9.0-1 will be updated ---> Package wbt-virtual-server-theme.noarch 2:9.0-2 will be an update --> Finished Dependency Resolution

Dependencies Resolved

=====================================================================================================================================

Package Arch Version Repository Size

Updating: nss-softokn-freebl i686 3.14.3-19.el6_6 updates 156 k nss-softokn-freebl x86_64 3.14.3-19.el6_6 updates 166 k wbt-virtual-server-theme noarch 2:9.0-2 virtualmin-universal 2.3 M

Transaction Summary

Upgrade 3 Package(s)

Total size: 2.6 M Is this ok [y/N]: y Downloading Packages: error: rpmts_HdrFromFdno: Header V3 DSA/SHA1 Signature, key ID 11f63c51: BAD

Problem opening package wbt-virtual-server-theme-9.0-2.noarch.rpm [root@server ~]#

Thu, 01/15/2015 - 13:05
andreychek

Howdy,

Are you using CentOS 6?

There's apparently a bug in some of the CentOS package that can cause the RPM database to become corrupt. Some of the errors you're seeing seem similar to the issues in here:

http://virtualmin.com/node/35861

I'd suggest taking a peek at that thread, that may resolve some of the issues.

You may still need to review the permissions on the files and paths leading up to the SSL certs though.

-Eric

Fri, 01/16/2015 - 16:55
bradmca

Kicked off a stackoverflow thread about it here

https://stackoverflow.com/questions/27987091/ssl-ca-cert-path-access-rights

Does not seem to be getting productive solutions anywhere yet.

Please let me know if you get anywhere, I will do likewise.

Fri, 01/16/2015 - 17:31
bradmca

@jancas this will solve the problem for you, it just fixed my VPS https://www.virtualmin.com/node/35857#comment-142843

Fri, 01/16/2015 - 17:49 (Reply to #7)
jancas

Yes :) I also found the solution there, thanks

Topic locked