I tried to build my application which uses QNetworkManager to communicate to a server. I did not have any problems on older Linux versions but with the newest Ubuntu 22.04 the network reply fails and QtCreator shows this output:
Incompatible version of OpenSSL (built with OpenSSL 1.x, runtime version is >= 3.x)
The backend "cert-only" does not support QSslKey
Active TLS backend does not support key creation
The backend "cert-only" does not support QSslKey
Active TLS backend does not support key creation
The backend "cert-only" does not support QSslKey
Active TLS backend does not support key creation
The backend "cert-only" does not support QSslKey
Active TLS backend does not support key creation
The backend "cert-only" does not support QSslKey
Active TLS backend does not support key creation
The backend "cert-only" does not support QSslKey
Active TLS backend does not support key creation
The backend "cert-only" does not support QSslSocket
The backend named "cert-only" does not support TLS
QSslSocket::connectToHostEncrypted: TLS initialization failed
QSslSocket::connectToHostEncrypted: TLS initialization failed
When I build my application on older Ubuntu (20.04) and deploy it as AppImage, and then run it on Ubuntu 22.04, the network communication fails too with the same error.
How can this be solved? I need to be able to create AppImage on older Ubuntu and then run it "everywhere"...
UPDATE: I managed to build and deploy deploy AppImage of my application on Ubuntu 20.04 with correct OpenSSL library and now it runs also on Ubuntu 22.04. The trick is to manually copy libssl.so.1.1 to the AppImage lib folder before calling linuxdeployqt on it.
But I still have not found how to build and run my application with QtCreator on Ubuntu 22.04. Fortunately this is not of high importance to me because I build it for deployment on Ubuntu 20.04.
I was able to solve this issue on Ubuntu 22.04 and Qt 6.3.0 following this workaround:
https://linuxpip.org/install-openssl-linux/
You have to build OpenSSL 1.1 from source code and tell the system to use the newly installed OpenSSL.
Other answers work, but rather than manually installing or copying file around, I would suggest to use a .deb.
libssl1.1 package can be downloaded from https://packages.ubuntu.com/focal-updates/libssl1.1
Then you can simply install it with sudo dpkg -i libssl1.1_1.1.1f-1ubuntu2.16_amd64.deb.
In this way, it will appear in your installed package list and you will be able to cleanly remove it when you do not need it anymore.
Related
Is it possible to build a shared library or Linux application that uses OpenSSL installed on respective Linux machines?
For example, when we compile and link, we use "-lssl -lcrypto" similar to this is there any option or solution to use the OpenSSL library installed on the machine on which the application will be running. We can't use "dlopen".
So my application should be built in such a way that when installed on CentOS 7 it should use the default OpenSSL 1.0.2 of CentOS 7 and when installed on Ubuntu 20.04 it should use OpenSSL 1.1.1
How can I achieve it, please?
You have five options in my view.
Static link OpenSSL
Deploy your application with Anaconda packages
Deploy your application with Docker container
Build separate packages for each OS
Force your users to install OpenSSL from source
I have set up a code-server on a remote machine and when browsing the extensions, the C/C++-Extension from Microsoft is not available.
It is also not possible to install it via the CLI:
pi#raspberrypi:~ $ code-server --install-extension ms-vscode.cpptools
Installing extensions...
Extension 'ms-vscode.cpptools' not found.
Make sure you use the full extension ID, including the publisher, e.g.: ms-dotnettools.csharp
Failed Installing Extensions: ms-vscode.cpptools
Is this extension just not available, or is it, because the server is not accessible via HTTPS (I couldn't get the certification to work)
First you have to fullfill prerequisites: https://code.visualstudio.com/docs/cpp/config-linux
Then download the extension:
https://marketplace.visualstudio.com/items?itemName=ms-vscode.cpptools
-> Click on version history and choose for your linux architecture.
Install extension with: code-server --install-extension ms-vscode.cpptools-1.10.3#linux-x64.vsix
I am new to Docker and I am trying my hands at it.
I have an image that is on ubuntu 18.04 running an interactive container with it.
I want to install .net3.1 core on it and commit it to my image.
referring to this linklink to install the .net core.
I have installed .net core in one of my EC2, machines similar way.
Here is a commend that I am running
wget https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
I am getting an error below:
--2021-01-08 11:38:46-- https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb
Resolving packages.microsoft.com (packages.microsoft.com)... failed: Temporary failure in name resolution.
wget: unable to resolve host address 'packages.microsoft.com'
Could some one help me out with this and make me install .net core in this container?
I'm new to the MongoDB. My virtual machine runs Ubuntu 14.04.5 with mongod, which is standard for this OS:
hekto#ubuntu:~$ mongod --version
db version v2.4.9
Tue Jun 5 18:00:23.923 git version: nogitversion
I've built a Mongo C++ Driver Ver 3.2.0 from sources and tried to write some tests. All of them output an exception below:
Server at localhost:27017 reports wire version 0, but this version of libmongoc requires at least 3 (MongoDB 3.0): generic server error
It looks like the C++ client and the server are incompatible.
Are there any tricks, which can be used with the Mongo C++ Driver to force it to work with older Mongo servers?
I can't convert the database itself to any new format for now, but also wouldn't like to learn the obsolete driver API.
MongoDB 2.4.9 has been end-of-life for quite some time: https://www.mongodb.com/support-policy, and most drivers have dropped support for talking to it.
If you are just starting with MongoDB, you should start with the newest available stable version, which is currently 3.6.5.
You can obtain packages for Ubuntu 14.04 according to the instructions here https://docs.mongodb.com/manual/tutorial/install-mongodb-on-ubuntu/
Ambari version: 2.2.2.18
HDP stack: 2.4.3
OS: centos 7.3
Issue description:
Ambari-server can't communicate with Ambari agent. I can see below error in the ambari-agent logs:
ERROR 2017-09-18 06:35:34,684 NetUtil.py:84 - [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:579)
ERROR 2017-09-18 06:35:34,684 NetUtil.py:85 - SSLError: Failed to connect. Please check openssl library versions.
I am facing this issue recently and it appears this can be replicated consistently after the instances are restarted. (I am using EC2 instances).
I am able to register agent nodes successfully, install HDP cluster, run yarn jobs etc.. no problem at all. Once i restart my instances, I see this problem.
There are some solutions already posted for this problem like:
Downgrade the Python from 2.7 to lower. This is a known problem of
Ambari with Python 2.7
Control the certificate verification by disabling it.
Set "verify = disable"; under /etc/python/cert-verification.cfg
I don't want to play with Python as it can disrupt lot many things like Cassandra, yum package manager etc...
Second work around is very much easy and it works well!
Now comes my question :- Is it safe to disable the certificate verification in Python ? i.e. by setting property verify = disable
Generally, it's a bad idea. If somebody has access to port on server that is used for agent-server communication (8443 if I'm not mistaken), he can register as agent and get all your cluster configs&passwords. Or classic man-in-the-middle attack would allow to do the same by reading your unencrypted traffic. A bit more difficult attack would allow to send commands to agents (probably with root permissions).
Your issue sounds like you reprovisioned your ambari-server host, and left old ambari-agent instances running, or maybe your certificates became outdated? At first connection to ambari-server, agents generate certificates and send to server. Server signs these certificates with it's own key, so now server-agent connection is encrypted. Did you try to remove old certificates and restart server&agents as suggested here?
How did we investigate this issue and What solution we adopted:
Investigation Details:
Downgrading to Python 2.6 is not feasible as there are OS dependencies and as per Suggestion from 'Dmitriusan' in the previous comment, it's not a good idea to disable certificate verification in Python.
We use AWS EC2
With Python 2.7, JDK 1.8 and Cent OS 7.2 there is no issue. Everything is smooth.
With Python 2.7, JDK 1.8 and Cent OS 7.3 and Centos 7.4 we are seeing this issue.
Issue which I have reported here, is with respect to Centos 7.3 and with Centos 7.4 Issue is slightly different. Certificate verification fails while adding nodes to the cluster itself.
Downgrading from centos 7.3 to 7.2 is not straight forward. And AWS EC2 market place provides Centos 7.0 Image and when we create instance from this image, it applies security and patch updates resulting in Centos 7.3.
We can create our own Image of Centos 7.2 from existing servers but, It's always good to be with the latest update for the OS for security reasons.
To describe it shortly, we had workarounds but not a solution.
Solution which we adopted:
After series of tests, we decided to upgrade to Centos 7.4, HDP-2.6.3.0, and Ambari 2.6.0.0
With Centos 7.4 and Ambari Version 2.6.0.0, we don't see this issue even though I have 'Python 2.7.5' installed.
So this looks to be an Issue with Ambari
Older version of Ambari (2.4.2) does not recognize the force TLS configuration. We upgraded Ambari to 2.6.2 and heart beat started working.