Mailing List Archive

Hi there,

On Wed, 2 Mar 2022, Jonah McElfatrick via clamav-users wrote:

> I am trying to mirror the definitions database using the recommended
> cvdupdate python script, however I am getting the following error
> code: ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED]
> certificate verify failed: unable to get local issuer certificate
> ...

Sorry, a bit pressed just now.

Check my posts to this list for the last couple of days, there are a
few links in one of them. Please get back to us if they don't help.

--

73,
Ged.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Hello,

After taking your advice I located the post in which you are referencing and attempted multiple of the solutions provided. Unfortunately though, none of the provided solutions seem to have resolved the issue.

In addition,I have found that using the fresh clam tool also results in the following SSL authentication error:
WARNING: Download failed (60) WARNING: Message: SSL peer certificate or SSH remote key was not OK

Due to the similar errors, I therefore no longer think it to be an isolated issue with python or the openssl library.

I did not mention in my previous email but the operating system this is running on is MacOS 11.6.4.

Any additional help would be much appreciated.

Thanks,
Jonah




> On 2 Mar 2022, at 16:58, G.W. Haywood via clamav-users <clamav-users@lists.clamav.net> wrote:
>
> Hi there,
>
> On Wed, 2 Mar 2022, Jonah McElfatrick via clamav-users wrote:
>
>> I am trying to mirror the definitions database using the recommended
>> cvdupdate python script, however I am getting the following error
>> code: ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED]
>> certificate verify failed: unable to get local issuer certificate
>> ...
>
> Sorry, a bit pressed just now.
>
> Check my posts to this list for the last couple of days, there are a
> few links in one of them. Please get back to us if they don't help.
>
> --
>
> 73,
> Ged.
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml

I would double-check to make sure python3 is using the correct CA bundle.
On recent python3 versions, that should be the certifi bundle.
$ which python3
/opt/homebrew/bin/python3
$ /opt/homebrew/bin/python3 --version
Python 3.9.10
$ python3 -m certifi
/opt/homebrew/lib/python3.9/site-packages/certifi/cacert.pem

I was able to install and run cvdupdate without any errors on MacOS 12.2.1.
$ python3 -m cvdupdate config set --dbdir cvdupdate
$ python3 -m cvdupdate update
2022-03-07 11:40:26 cvdupdate-1.0.2 INFO Downloaded main-62.cdiff
2022-03-07 11:40:32 cvdupdate-1.0.2 INFO Downloaded main.cvd. Version: 62
2022-03-07 11:40:32 cvdupdate-1.0.2 INFO Downloaded daily-26474.cdiff
2022-03-07 11:40:36 cvdupdate-1.0.2 INFO Downloaded daily.cvd. Version:
26474
2022-03-07 11:40:36 cvdupdate-1.0.2 INFO Downloaded bytecode-333.cdiff
2022-03-07 11:40:37 cvdupdate-1.0.2 INFO Downloaded bytecode.cvd. Version:
333
$ ls cvdupdate
bytecode-333.cdiff bytecode.cvd daily-26474.cdiff daily.cvd dns.txt
main-62.cdiff main.cvd

--Maarten

On Mon, Mar 7, 2022 at 11:32 AM Jonah McElfatrick via clamav-users <
clamav-users@lists.clamav.net> wrote:

>
> Hello,
>
> After taking your advice I located the post in which you are referencing
> and attempted multiple of the solutions provided. Unfortunately though,
> none of the provided solutions seem to have resolved the issue.
>
> In addition,I have found that using the fresh clam tool also results in
> the following SSL authentication error:
> WARNING: Download failed (60) WARNING: Message: SSL peer certificate or
> SSH remote key was not OK
>
> Due to the similar errors, I therefore no longer think it to be an
> isolated issue with python or the openssl library.
>
> I did not mention in my previous email but the operating system this is
> running on is MacOS 11.6.4.
>
> Any additional help would be much appreciated.
>
> Thanks,
> Jonah
>
>
>
>
> On 2 Mar 2022, at 16:58, G.W. Haywood via clamav-users <
> clamav-users@lists.clamav.net> wrote:
>
> Hi there,
>
> On Wed, 2 Mar 2022, Jonah McElfatrick via clamav-users wrote:
>
> I am trying to mirror the definitions database using the recommended
> cvdupdate python script, however I am getting the following error
> code: ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED]
> certificate verify failed: unable to get local issuer certificate
> ...
>
>
> Sorry, a bit pressed just now.
>
> Check my posts to this list for the last couple of days, there are a
> few links in one of them. Please get back to us if they don't help.
>
> --
>
> 73,
> Ged.
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
>
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>

Hi there,

On Mon, 7 Mar 2022, Maarten Broekman via clamav-users wrote:
> On Mon, Mar 7, 2022 at 11:32 AM Jonah McElfatrick via clamav-users wrote:
>>
>> ... none of the provided solutions seem to have resolved the issue.
>> ...
>> I did not mention in my previous email but the operating system this is
>> running on is MacOS 11.6.4.
>
> I would double-check to make sure python3 is using the correct CA bundle.
> On recent python3 versions, that should be the certifi bundle.
> $ which python3
> /opt/homebrew/bin/python3
> $ /opt/homebrew/bin/python3 --version
> Python 3.9.10
> $ python3 -m certifi
> /opt/homebrew/lib/python3.9/site-packages/certifi/cacert.pem
> ...

Sorry, I haven't run a Mac for twenty years so I'm a bit out of touch
but it does smell like a cacert.pm problem. There's an old post here:

https://github.com/rust-lang/cargo/issues/1180

in which people mentioned that they've managed to get what appears to
be broken copies of that file (sometimes multiple copies) which have
caused this kind of issue.

Does any of this help?

--
73,
Ged.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Hi jonah
if you have not solved your problem yet you could try fire fox browser
i personaly would not touch any of the corperate browsers but it may offer
a fix for you as it lets you change ssl and tls
and a myriad of certificates in its settings i think it is security tab and advanced if you see proxy settings your getting warm
i presume this would cross over to your issue as a browser is the main
attachement to the internet

Also this is not related but more important
there is a rat in the cornner of the room that needs humainty to exspose
it a souce that does this is ,,, i have to do a bit of word play hear

throw the rubbish down the C???? second word 64 or 32 B??
join those two words and search on favioute web engine please

kind regards colin
if you strugle to find the settings i suppose i could do it from memorey
but if you google your probaly find them
proxy is one tab and right next to it should be the avanced tab

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml