docktorrent icon indicating copy to clipboard operation
docktorrent copied to clipboard

Published 20 hours ago verified publisher icon kfei

CCA cert issue

Open ghost opened this issue 9 years ago • 9 comments

[Problem with the SSL CA cert (path? access rights?)]

ghost avatar Apr 03 '15 00:04 ghost

Getting the same issue. Get this when a tracker is using SSL for its torrents. How to fix this?

danmun avatar Mar 23 '16 01:03 danmun

@danmun Sorry I'm not using private trackers recently and don't have any torrent to re-produce this problem. Can you provide more detail on the tracker or maybe a torrent file? Thank you.

kfei avatar Mar 23 '16 03:03 kfei

As you know, private tracker torrent files contain personal passkeys so the only way I can give one to you is if I remove the passkey, but then you can't connect so it's not much use. The site i'm having trouble with is avistaz.to (tracker.avistaz.to) .

The issue is also outlined here with a possible fix https://wiki.archlinux.org/index.php/RTorrent#CA_certificates ... but that is for a normal, non-docker container environment. I don't know how to do this inside a container.

danmun avatar Mar 23 '16 13:03 danmun

To try that fix:

  1. Get into your container: docker exec -it <cid> /bin/bash
  2. Perform the fix
  3. kill <pid_of_rTorrent>
  4. Wait rTorrent to restart (automatically)
  5. See if it works

Sorry I tried to find an SSL-enabled open tracker but no good. :disappointed:

kfei avatar Mar 23 '16 14:03 kfei

Okay that worked! I entered the container as you said then proceeded to follow the fix on that wiki. I had to create the /ssl/certs directories and also install wget inside the container. The name of the rtorrent process at first is 'main' but ps -a <pid of main> will show that it is rTorrent. So I killed it, waited for a quick restart and now it works, at least for the tracker I mentioned above (the only tracker with ssl torrents in my client so far).

Thanks for the tips!

danmun avatar Mar 23 '16 15:03 danmun

I'm glad to hear that. :grinning:

kfei avatar Mar 23 '16 16:03 kfei

You can try entering container and apt update; apt install ca-certificates; docker stop container; docker start container. Fixed the issue for me!

ngarafol avatar Jun 08 '16 18:06 ngarafol

ngarafol: you really don't even need to restart the container after installing the certificates! Just go into rutorrent's options/advanced and stick /etc/ssl/certs in the http_capath and refresh your trackers.

sithtoast avatar Aug 08 '16 01:08 sithtoast

ngarafol: you really don't even need to restart the container after installing the certificates! Just go into rutorrent's options/advanced and stick /etc/ssl/certs in the http_capath and refresh your trackers.

This is the correct way to do it for most cases. I haven't run into any private trackers that have a invalid cert/root authority.

@kfei I can easily create a pull to add the certs... but I'm not seeing a way with rutorrent to add the path at install time. Users will still have to go add the entry to http_capath but I might just not be looking hard enough.

aprofessionalusername avatar Dec 22 '18 18:12 aprofessionalusername