piaware 2.1-5 failing cert when building on jessie [Solved]


#1

Since others are successfully running piaware 2.1-5, it is likely this issue is on my side but feel compelled to at least mention it. I pulled 2.1-5 of piaware builder (f6e427d) and successfully built (presumably). I then stopped the service, installed the new version and restarted. Below is the piaware.log complaining about a failing cert. Waited ~5-10 minutes; msgs continued. I then reinstalled the previously built 2.1-3 and everything ran fine. Not sure of the root cause.


$ tail -F piaware.out
12/19/2015 08:23:28 piaware version 2.1-5 is running, process ID 523
12/19/2015 08:23:28 your system info is: Linux adsb 4.1.13-v7+ #826 SMP PREEMPT Fri Nov 13 20:19:03 GMT 2015 armv7l GNU/Linux
12/19/2015 08:23:29 Connecting to FlightAware adept server at piaware.flightaware.com/1200
12/19/2015 08:23:29 Connection to adept server at piaware.flightaware.com/1200 failed: couldn't open socket: no such device or address (Temporary failure in name resolution)
12/19/2015 08:23:29 reconnecting in 90 seconds...
12/19/2015 08:23:29 ADS-B data program 'dump1090-mutabi' is listening on port 30005, so far so good
12/19/2015 08:23:29 Starting faup1090: /usr/lib/piaware/helpers/faup1090 --net-bo-ipaddr localhost --net-bo-port 30005 --stdout
12/19/2015 08:23:29 Started faup1090 (pid 633) to connect to dump1090-mutabi
12/19/2015 08:23:32 piaware received a message from dump1090-mutabi!
12/19/2015 08:23:59 4 msgs recv'd from dump1090-mutabi; 0 msgs sent to FlightAware
12/19/2015 08:24:59 Connecting to FlightAware adept server at piaware.flightaware.com/1200
12/19/2015 08:24:59 Connection with adept server at piaware.flightaware.com/1200 established
12/19/2015 08:24:59 TLS verify failed: self signed certificate in certificate chain
12/19/2015 08:24:59 Failing certificate:
12/19/2015 08:24:59   sha1_hash: B69ABB0BF41433F4E27434BF6628CE1EA1CAA704
12/19/2015 08:24:59   subject: CN=FlightAware Root,OU=Operations,O=FlightAware LLC,L=Houston,ST=TX,C=US
12/19/2015 08:24:59   issuer: CN=FlightAware Root,OU=Operations,O=FlightAware LLC,L=Houston,ST=TX,C=US
12/19/2015 08:24:59   notBefore: Dec  9 16:50:04 2015 GMT
12/19/2015 08:24:59   notAfter: Dec  4 16:50:04 2035 GMT
12/19/2015 08:24:59   serial: A9FE756D9E6B94B4
12/19/2015 08:24:59 TLS alert: unknown CA
12/19/2015 08:24:59 TLS error: certificate verify failed
12/19/2015 08:24:59 TLS handshake with adept server at piaware.flightaware.com/1200 failed: handshake failed: certificate verify failed
12/19/2015 08:24:59 reconnecting in 90 seconds...
...snip...


EDIT: Updated the title in hopes of making the solution easy to find by others.


ADS-B Receiver Project Setup Scripts
#2

If you are building on jessie you need to apply github.com/flightaware/piaware/ … fecc6e02b5
(you can do that after installing, split the combined .pem in /usr/lib/fa_adept_packages/ca into two then run “sudo c_rehash /usr/lib/fa_adept_packages/ca”)


#3

I am. Muchas gracias. I’ll give that a try.


#4

If you update to piaware_builder master again you should pick up that change automatically.
(I’m not going to tag a new release and bump the version etc since it’s a pretty minor thing that only affects building from source on jessie)


#5

I had to step out but glad I did, you made that so easy! Rebuilt 2.1-5 with the jessie fix (52c9537), and it is up and running. Big thanks as always.


#6

Umm I’m totally lost here… how do I “split the combined .pem in /usr/lib/fa_adept_packages/ca into two” ?


#7

Disregard, I figured it out.
Cheers