sylabs
x509: certificate has expired or is not yet valid when using singularity search ubuntu
Version of Singularity What version of Singularity are you using? Run:
$ singularity --version
version is 3.8.6
Describe the bug
A clear and concise description of what the bug is.
I download the singularity from conda because of lack of root authority. I wanted to search or pull the ubuntu image, using singularity search ubuntu and singularity pull --arch amd64 library://library/default/ubuntu:20.04, but I countered the error as follows:
To Reproduce Steps to reproduce the behavior: singularity search ubuntu singularity pull --arch amd64 library://library/default/ubuntu:20.04
Expected behavior A clear and concise description of what you expected to happen. I expected the image can be found or pulled.
OS / Linux Distribution Which Linux distribution are you using?
$ cat /etc/os-release
CentOS-7
Installation Method Write here how you installed SingularityCE. Eg. RPM, source. conda install singularity
Additional context Anything else which might be relevant. E.g. if the bug only occurs on a specific filesystem, or kernel version etc.
Am pretty confident there is no issue with SingularityCE here. The certificate for library.sylabs.io is correctly signed by the LetsEncrypt R3...
Either:
Your operating system is not up-to-date, and is missing the roots for the LetsEncrypt R3 certificate -or-
Your conda environment is providing an alternative set of certificates that singularity is using, and these are not correct -or-
There is an intercepting proxy in your environment, replacing the certificate.
The following link may be relevant: https://community.letsencrypt.org/t/rhel-centos-7-openssl-client-compatibility-after-new-chain/151969?page=2
We aren't able to directly support the conda packaging here. Also note that version v3.8.6 is outdated.
For further assistance, please first replicate the issue with the current SingularityCE v4.1.2 installed directly (not through conda), and investigate the points above.
