SiDock@home 30 Sep 14:03:19 UTC Scheduler request failed: Peer certificate cannot be authenticated with given CA certificates

Certificates outdated?

...same notification over here. No more task up- or download possible for Windows.

Michael.

---

President of Rechenkraft.net - This world's first and largest distributed computing organization. We make those things possible that supercomputers don't.

All OK here at 14:30 UTC on Ubuntu Linux 18.04 & 20.04 LTS.
No Windows systems here to check.

Paul.

Maybe an issue regarding the expiring Let's Encrypt root certificate?

Same problem on win 10, boinc 7.14.2 x64

Windows 10 with BOINC 7.16.11
Thu 30 Sep 2021 01:26:57 PM CDT | SiDock@home | Scheduler request failed: Peer certificate cannot be authenticated with given CA certificates.

Works fine: BOINC version 7.16.16 on Linux Debian 11 bullseye on both my Linux computers (32 bit anonymous platform and 64 bit).

Hmm, I get the same for the Wuprop project.
Sounds like it may not be project specific.

I think happened at least once before a few years ago and it had to do with the certificates provided by the BOINC client.


Edit 1: Ok, user Den777 at Wuprop posted this.
If you have a Linux PC, you can just copy the file from there and paste it on Windows.

Edit: 2: There's a thread at the BOINC Forums. The root cause of the error is explained there.

Hopefully a new BOINC version is launched soon.

One of the given CA certificates in BOINC's client certificate bundle stored in the file ca-bundle.crt is "DST Root CA X3"
The valid period of that certificate ended 30 September 2021 and that CA in ca_bundle.crt should be updated/removed by BOINC.
The file is stored locally on the client side in BOINC's Program folder, so no server issue.

The file is stored locally on the client side in BOINC's Program folder, so no server issue.

There appears to be a server-side workaround, however, namely renewing the letsencrypt certificate with the valid certificate chain as the preferred chain (i.e., certbot --preferred-chain "ISRG Root X1").

---

Ich habe dieses probiert und funktionierte

aus dem Tread
https://wuprop.boinc-af.org/forum_thread.php?id=575&postid=8360#8360
diesen Link gefolgt und diese ca Datei runter geladen
https://drive.google.com/file/d/1-zirSeFwap21lRABRLD6k_nlOHlXRLFe/view

In das Verzeichnis C:\Program Files\BOINC
die Originaldatei umbenannt und die ca-bundle.crt eingefügt.

Läuft

The file is stored locally on the client side in BOINC's Program folder, so no server issue.

There appears to be a server-side workaround, however, namely renewing the letsencrypt certificate with the valid certificate chain as the preferred chain (i.e., certbot --preferred-chain "ISRG Root X1").

It killed access to www.sidock.si (not to sidock.sI) for 45 minutes, but now site returned to work. :)

After update ca-bundle.crt to this file: https://srbase.my-firewall.org/sr5/download/ca-bundle.crt, BOINC on my Windows 10 test VM resumed work.