Message boards : BOINC client : "SSL Connect Error" BOINC 7.20.2 for Windows 10 22H2
Message board moderation
Author | Message |
---|---|
Send message Joined: 14 Apr 23 Posts: 9 |
Originally asked on the WCG forums: https://www.worldcommunitygrid.org/forums/wcg/viewthread_thread,44701 Hi, first post on the BOINC forums. I tend to prefer using the latest stable release of software and was excited to upgrade to the 7.20 branch of BOINC client/manager. I noticed in the changelog that instead of using C:\Program Files\BOINC\ca-bundle.crt like earlier branches, the 7.20 branch uses Windows's built-in CA certificates. Yet when attempting to use 7.20.x, I get: 11/10/2022 7:23:25 PM | World Community Grid | Requesting new tasks for CPU 11/10/2022 7:23:26 PM | | Project communication failed: attempting access to reference site 11/10/2022 7:23:26 PM | World Community Grid | Scheduler request failed: Couldn't connect to server 11/10/2022 7:23:27 PM | | BOINC can't access Internet - check network connection or proxy configuration. 11/10/2022 7:24:13 PM | World Community Grid | update requested by user 11/10/2022 7:24:16 PM | World Community Grid | Sending scheduler request: Requested by user. 11/10/2022 7:24:16 PM | World Community Grid | Requesting new tasks for CPU 11/10/2022 7:24:17 PM | World Community Grid | Scheduler request failed: SSL connect error Note: I'm able to connect to other local computers on the local network, which means that networking works fine in BOINC Manager. The issue is solely with connectivity to the outside world, since 1) connectivity to WCG fails; and 2) connectivity to the reference site (I believe BOINC uses https://google.com) also fails. I've since reverted back to the 7.16.11 version, which works fine. Can someone help me troubleshoot and resolve this? I'm not using a proxy or anything. Just a home user on Windows 10 Pro 22H2. This SSL error occurs on two PCs, and the workaround to downgrade to 7.16 worked on both PCs. Either BOINC cannot access the Windows CA certificates, or maybe my computers are compromised, which would be creepy. Any ideas? I didn't get any solutions on the WCG forums. |
Send message Joined: 29 Aug 05 Posts: 15563 |
Are they up then? I haven't been keeping up with all the latest news, but as far as I know they're still in the process of setting up the project, with a lot of problems. See https://boinc.berkeley.edu/forum_thread.php?id=14949 and https://www.worldcommunitygrid.org/forums/wcg/viewthread_thread,45230_offset,10 |
Send message Joined: 14 Apr 23 Posts: 9 |
This has nothing to do with WCG being up or down and everything to do with why 7.20 (which uses Windows's CA certificate bundle instead of BOINC's ca-bundle.crt) doesn't work. In case it's not clear from my OP: 1. In 7.20 on Windows, even the reference site connectivity fails to https://google.com 2. Downgrading to 7.16 on Windows works fine. I need help identifying the reason BOINC 7.20.x on Windows fails to set up a TLS handshake. |
Send message Joined: 28 Jun 10 Posts: 2701 |
I need help identifying the reason BOINC 7.20.x on Windows fails to set up a TLS handshake. Using 7.20.2 here under WINE rather than Windows, it connects fine. Is it possible you have updates to your Windows10 disabled so it is causing the problem? If the problem were general, I would have expected to see lots of posts about it. |
Send message Joined: 14 Apr 23 Posts: 9 |
I'm on Win10Pro 22H2 and make sure to get the monthly Windows Updates. Currently on April 2023 patch level. I just wish there was a way to troubleshoot this. Maybe I can run a packet capture on the router and see if the Windows boxes are even making an outbound attempt to Google from BOINC, but I think they're not even leaving the system. I do have Secure Boot disabled on these boxes unfortunately. It's weird that it affects two of my desktops instead of just one. There was a known issue in Windows 11 where TLS handshakes would fail, but I couldn't find a known issue in Windows 10 for the same thing. I could somehow try to find the source code on GitHub on how BOINC 7.20+ uses the Windows API for TLS, but... my programming is rusty. I have a newer laptop on Windows as well and could try BOINC 7.20 and see if the problem occurs on the laptop too or not. For now, 7.16 works fine, and I do plan on selling or retiring both of these PCs. It's just annoying I can't find out root cause. |
Send message Joined: 14 Apr 23 Posts: 9 |
I'm gonna try this tool and see if I'm compromised by malware that installed a rogue CA certificate. https://www.ghacks.net/2015/11/25/give-your-windows-certificate-store-a-thorough-scan-for-suspicious-certs/ But even if I was, BOINC would still be able to hit the Google.com test site. It'd just be MITM to the attacker. Edit: Microsoft Sigcheck seems newer and part of their SysInternals suite. I'll run that. |
Send message Joined: 29 Aug 05 Posts: 15563 |
and everything to do with why 7.20 (which uses Windows's CA certificate bundle instead of BOINC's ca-bundle.crt) doesn't work.Well, in that case you seem to be missing a certificate, and then it's not BOINC's fault. I've just updated my 7.16.20 to 7.20.2 on Windows 10 Pro 22H2 and it has no trouble at all contacting WCG. So, go to Options->Event Log Options and check http_debug -> Apply -> Save. Then contact WCG and copy & post that part of the log, it's quite long. Best turn off http_debug after this. Or compare it against mine here: 14/04/2023 15:38:57 | World Community Grid | update requested by user 14/04/2023 15:38:58 | | [http] HTTP_OP::init_get(): https://www.worldcommunitygrid.org/viewNoticesRSSFeed.action?userIdHash=169974_edf17a5b8421cc294c6dace3cc57d81d 14/04/2023 15:38:58 | World Community Grid | Sending scheduler request: Requested by user. 14/04/2023 15:38:58 | World Community Grid | Not requesting tasks: "no new tasks" requested via Manager 14/04/2023 15:38:58 | World Community Grid | [http] HTTP_OP::init_post(): https://scheduler.worldcommunitygrid.org/boinc/wcg_cgi/fcgi 14/04/2023 15:38:58 | | [http] [ID#0] Info: Found bundle for host: 0x21446c3b6f0 [serially] 14/04/2023 15:38:58 | | [http] [ID#0] Info: Re-using existing connection #20 with host www.worldcommunitygrid.org 14/04/2023 15:38:58 | | [http] [ID#0] Info: Connected to www.worldcommunitygrid.org (199.241.167.118) port 443 (#20) 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: GET /viewNoticesRSSFeed.action?userIdHash=169974_edf17a5b8421cc294c6dace3cc57d81d HTTP/1.1 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: Host: www.worldcommunitygrid.org 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: User-Agent: BOINC client (windows_x86_64 7.20.2) 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: Accept: */* 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: Accept-Encoding: deflate, gzip 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: Accept-Language: en_GB 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: p_vendor> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <p_model>AMD Ryzen 9 3900X 12-Core Processor [Family 23 Model 113 Stepping 0]</p_model> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <p_features>fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 htt pni ssse3 fma cx16 sse4_1 sse4_2 movebe popcnt aes f16c rdrandsyscall nx lm avx avx2 svm sse4a osvw ibs skinit wdt tce topx page1gb rdtscp fsgsbase bmi1 smep bmi2</p_features> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <p_fpops>5338311270.927796</p_fpops> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <p_iops>16277292994.575529</p_iops> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <p_membw>90909090.909091</p_membw> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <p_calculated>1681479301.529600</p_calculated> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <p_vm_extensions_disabled>0</p_vm_extensions_disabled> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <m_nbytes>34281639936.000000</m_nbytes> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <m_cache>524288.000000</m_cache> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <m_swap>39381913600.000000</m_swap> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <d_total>4000776716288.000000</d_total> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <d_free>2968820645888.000000</d_free> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <os_name>Microsoft Windows 10</os_name> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <os_version>Professional x64 Edition, (10.00.19045.00)</os_version> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <n_usable_coprocs>1</n_usable_coprocs> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <wsl_available>0</wsl_available> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <coprocs> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <coproc_ati> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <count>1</count> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <name>AMD Radeon RX 5700 XT</name> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <available_ram>8573157376.000000</available_ram> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <have_cal>0</have_cal> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <have_opencl>1</have_opencl> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <peak_flops>9292800000000.000000</peak_flops> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <CALVersion></CALVersion> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <target>0</target> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <localRAM>8176</localRAM> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <uncachedRemoteRAM>0</uncachedRemoteRAM> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <cachedRemoteRAM>0</cachedRemoteRAM> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <engineClock>1815</engineClock> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <memoryClock>0</memoryClock> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <wavefrontSize>0</wavefrontSize> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <numberOfSIMD>0</numberOfSIMD> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <doublePrecision>0</doublePrecision> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <pitch_alignment>0</pitch_alignment> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <surface_alignment>0</surface_alignment> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <maxResource1DWidth>0</maxResource1DWidth> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <maxResource2DWidth>0</maxResource2DWidth> 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: <maxRes 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Info: Found bundle for host: 0x2144918b2c0 [serially] 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Info: Re-using existing connection #21 with host scheduler.worldcommunitygrid.org 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Info: Connected to scheduler.worldcommunitygrid.org (199.241.167.118) port 443 (#21) 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: POST /boinc/wcg_cgi/fcgi HTTP/1.1 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: Host: scheduler.worldcommunitygrid.org 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: User-Agent: BOINC client (windows_x86_64 7.20.2) 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: Accept: */* 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: Accept-Encoding: deflate, gzip 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: Accept-Language: en_GB 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: Content-Length: 11428 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: Content-Type: application/x-www-form-urlencoded 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: l>AMD Ryzen 9 3900X 12-Core Processor [Family 23 Model 113 Stepping 0]</p_model> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <p_features>fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 htt pni ssse3 fma cx16 sse4_1 sse4_2 movebe popcnt aes f16c rdrandsyscall nx lm avx avx2 svm sse4a osvw ibs skinit wdt tce topx page1gb rdtscp fsgsbase bmi1 smep bmi2</p_features> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <p_fpops>5338311270.927796</p_fpops> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <p_iops>16277292994.575529</p_iops> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <p_membw>90909090.909091</p_membw> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <p_calculated>1681479301.529600</p_calculated> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <p_vm_extensions_disabled>0</p_vm_extensions_disabled> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <m_nbytes>34281639936.000000</m_nbytes> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <m_cache>524288.000000</m_cache> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <m_swap>39381913600.000000</m_swap> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <d_total>4000776716288.000000</d_total> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <d_free>2968820645888.000000</d_free> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <os_name>Microsoft Windows 10</os_name> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <os_version>Professional x64 Edition, (10.00.19045.00)</os_version> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <n_usable_coprocs>1</n_usable_coprocs> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <wsl_available>0</wsl_available> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <coprocs> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <coproc_ati> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <count>1</count> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <name>AMD Radeon RX 5700 XT</name> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <available_ram>8573157376.000000</available_ram> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <have_cal>0</have_cal> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <have_opencl>1</have_opencl> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <peak_flops>9292800000000.000000</peak_flops> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <CALVersion></CALVersion> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <target>0</target> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <localRAM>8176</localRAM> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <uncachedRemoteRAM>0</uncachedRemoteRAM> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <cachedRemoteRAM>0</cachedRemoteRAM> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <engineClock>1815</engineClock> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <memoryClock>0</memoryClock> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <wavefrontSize>0</wavefrontSize> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <numberOfSIMD>0</numberOfSIMD> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <doublePrecision>0</doublePrecision> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <pitch_alignment>0</pitch_alignment> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <surface_alignment>0</surface_alignment> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <maxResource1DWidth>0</maxResource1DWidth> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <maxResource2DWidth>0</maxResource2DWidth> 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Sent header to server: <maxRes 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Info: We are completely uploaded and fine 14/04/2023 15:38:58 | | [http] [ID#0] Info: Mark bundle as not supporting multiuse 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: HTTP/1.1 200 OK 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Date: Fri, 14 Apr 2023 13:38:59 GMT 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Server: Apache 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: X-Powered-By: Servlet/3.1 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: ETag: 1749239462 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: X-Content-Type-Options: nosniff 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: X-XSS-Protection: 1; mode=block 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Cache-Control: no-cache, no-store, max-age=0, must-revalidate 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Pragma: no-cache 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Expires: 0 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Strict-Transport-Security: max-age=31536000; includeSubDomains 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: X-Frame-Options: SAMEORIGIN 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Vary: Accept-Encoding 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Content-Encoding: gzip 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Referrer-Policy: no-referrer-when-downgrade 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://tagmanager.google.com https://d2bnxibecyz4h5.cloudfront.net https://www.google-analytics.com/analytics.js https://static.cdn.prismic.io/prismic.js; connect-src 'self' https://www.google-analytics.com https://surveygizmobeacon.s3.amazonaws.com https://world-community-grid.cdn.prismic.io https://world-community-grid.prismic.io/api/v2; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com; img-src * data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com https://www.youtube-nocookie.com https://www.surveygizmo.com https://world-community-grid.prismic.io/; 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Content-Type: text/xml; charset=UTF-8 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Content-Language: en-US 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Set-Cookie: WCG-SESSION=0000p4XIi_FEjRLM1A7r3rFHEJ2:-1; Expires=Fri, 14-Apr-23 14:08:58 GMT; Path=/; Domain=.worldcommunitygrid.org; Secure; HttpOnly 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: Transfer-Encoding: chunked 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: 14/04/2023 15:38:58 | | [http] [ID#0] Received header from server: 4ae 14/04/2023 15:38:58 | | 14/04/2023 15:38:58 | | [http] [ID#0] Info: Connection #20 to host www.worldcommunitygrid.org left intact 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Info: schannel: failed to decrypt data, need more data 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Info: schannel: failed to decrypt data, need more data 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Info: Mark bundle as not supporting multiuse 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Received header from server: HTTP/1.1 200 OK 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Received header from server: Date: Fri, 14 Apr 2023 13:38:59 GMT 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Received header from server: Server: Apache 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Received header from server: Vary: Accept-Encoding 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Received header from server: Content-Encoding: gzip 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Received header from server: X-Frame-Options: SAMEORIGIN 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Received header from server: Content-Length: 3099 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Received header from server: Content-Type: text/xml 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Received header from server: 14/04/2023 15:38:58 | World Community Grid | 14/04/2023 15:38:58 | World Community Grid | [http] [ID#1] Info: Connection #21 to host scheduler.worldcommunitygrid.org left intact 14/04/2023 15:38:59 | World Community Grid | Scheduler request completed 14/04/2023 15:38:59 | World Community Grid | Project requested delay of 121 seconds |
Send message Joined: 14 Apr 23 Posts: 9 |
Thanks for the http_debug idea. I upgraded one of the boxes from 7.16.11 to 7.20.2 4/14/2023 10:27:11 AM | World Community Grid | update requested by user 4/14/2023 10:27:12 AM | | [http] HTTP_OP::init_get(): https://www.worldcommunitygrid.org/viewNoticesRSSFeed.action?userIdHash=[hash-redacted] 4/14/2023 10:27:12 AM | | [http] [ID#0] Info: Hostname in DNS cache was stale, zapped 4/14/2023 10:27:12 AM | | [http] [ID#0] Info: Trying 199.241.167.118:443... 4/14/2023 10:27:12 AM | | [http] [ID#0] Info: Connected to www.worldcommunitygrid.org (199.241.167.118) port 443 (#3) 4/14/2023 10:27:12 AM | | [http] [ID#0] Info: schannel: disabled automatic use of client certificate 4/14/2023 10:27:12 AM | | [http] [ID#0] Info: ALPN: offers http/1.1 4/14/2023 10:27:12 AM | | [http] [ID#0] Info: schannel: next InitializeSecurityContext failed: Unknown error (0x80092013) - The revocation function was unable to check revocation because the revocation server was offline. 4/14/2023 10:27:12 AM | | [http] [ID#0] Info: Closing connection 3 4/14/2023 10:27:12 AM | | [http] HTTP error: SSL connect error 4/14/2023 10:27:15 AM | World Community Grid | Sending scheduler request: Requested by user. 4/14/2023 10:27:15 AM | World Community Grid | Reporting 1 completed tasks 4/14/2023 10:27:15 AM | World Community Grid | Not requesting tasks: don't need () 4/14/2023 10:27:15 AM | World Community Grid | [http] HTTP_OP::init_post(): https://scheduler.worldcommunitygrid.org/boinc/wcg_cgi/fcgi 4/14/2023 10:27:15 AM | | [http] HTTP_OP::init_get(): https://boinc.berkeley.edu/download.php?xml=1 4/14/2023 10:27:15 AM | | [http] [ID#0] Info: Trying 208.68.240.115:443... 4/14/2023 10:27:15 AM | World Community Grid | [http] [ID#1] Info: Trying 199.241.167.118:443... 4/14/2023 10:27:15 AM | World Community Grid | [http] [ID#1] Info: Connected to scheduler.worldcommunitygrid.org (199.241.167.118) port 443 (#4) 4/14/2023 10:27:15 AM | World Community Grid | [http] [ID#1] Info: schannel: disabled automatic use of client certificate 4/14/2023 10:27:15 AM | World Community Grid | [http] [ID#1] Info: ALPN: offers http/1.1 4/14/2023 10:27:15 AM | | [http] [ID#0] Info: Connected to boinc.berkeley.edu (208.68.240.115) port 443 (#5) 4/14/2023 10:27:15 AM | | [http] [ID#0] Info: schannel: disabled automatic use of client certificate 4/14/2023 10:27:15 AM | | [http] [ID#0] Info: ALPN: offers http/1.1 4/14/2023 10:27:15 AM | World Community Grid | [http] [ID#1] Info: schannel: next InitializeSecurityContext failed: Unknown error (0x80092013) - The revocation function was unable to check revocation because the revocation server was offline. 4/14/2023 10:27:15 AM | World Community Grid | [http] [ID#1] Info: Closing connection 4 4/14/2023 10:27:15 AM | World Community Grid | [http] HTTP error: SSL connect error 4/14/2023 10:27:15 AM | | [http] [ID#0] Info: schannel: next InitializeSecurityContext failed: Unknown error (0x80092013) - The revocation function was unable to check revocation because the revocation server was offline. 4/14/2023 10:27:15 AM | | [http] [ID#0] Info: Closing connection 5 4/14/2023 10:27:15 AM | | [http] HTTP error: SSL connect error 4/14/2023 10:27:16 AM | World Community Grid | Scheduler request failed: SSL connect error |
Send message Joined: 29 Aug 05 Posts: 15563 |
The revocation function was unable to check revocation because the revocation server was offlineHow do you connect to the internet? Via a proxy? A VPN? Any other means that uses its own certificate or certificate server, like a corporate server (active server or domain) or firewall? People posting about it with the same problem: https://learn.microsoft.com/en-us/answers/questions/1003508/new-ad-cs-2022-issuing-wont-start-because-the-revo https://stealthpuppy.com/resolving-issues-starting-ca-offline-crl/ |
Send message Joined: 14 Apr 23 Posts: 9 |
The revocation function was unable to check revocation because the revocation server was offlineHow do you connect to the internet? Via a proxy? A VPN? Any other means that uses its own certificate or certificate server, like a corporate server (active server or domain) or firewall? No proxy. No VPN. No special certificate or CA situation. No corporate server, just home user and home network. No special firewall or TLS decryption/deep packet inspection stuff. No Active Directory domain or anything fancy like that. No fancy HIDS/HIPS or even 3rd party antivirus. Just using Windows Defender. BOINC 7.16.x version works perfectly fine, but it uses C:\Program Files\BOINC\ca-bundle.crt instead of relying on Windows. Edited to Add: I tried BOINC 7.22.0 for Windows (unreleased I believe), and it's the same error. Here's a part where it tries to access the reference site: 4/14/2023 11:00:03 AM | | [http] [ID#0] Info: Trying 64.233.185.147:443... 4/14/2023 11:00:03 AM | | [http] [ID#0] Info: Connected to www.google.com (64.233.185.147) port 443 (#1) 4/14/2023 11:00:03 AM | | [http] [ID#0] Info: schannel: disabled automatic use of client certificate 4/14/2023 11:00:03 AM | | [http] [ID#0] Info: ALPN: offers http/1.1 4/14/2023 11:00:03 AM | | [http] [ID#0] Info: schannel: next InitializeSecurityContext failed: Unknown error (0x80092013) - The revocation function was unable to check revocation because the revocation server was offline. 4/14/2023 11:00:03 AM | | [http] [ID#0] Info: Closing connection 1 4/14/2023 11:00:03 AM | | [http] HTTP error: SSL connect error 4/14/2023 11:00:03 AM | | BOINC can't access Internet - check network connection or proxy configuration. |
Send message Joined: 29 Aug 05 Posts: 15563 |
Can you please post all contents of both global_prefs.xml and global_prefs_override.xml, if the latter exists? You can open these with Notepad, and they're found in your BOINC data directory, default in a hidden directory at C:\Programdata\BOINC\, so fill in the address in Windows Explorer and hit Enter. Edit: and can you please post the first 30 or so lines of a start up log after you started BOINC? |
Send message Joined: 29 Aug 05 Posts: 15563 |
Meanwhile. My log goes: 14/04/2023 15:38:58 | | [http] [ID#0] Info: Connected to www.worldcommunitygrid.org (199.241.167.118) port 443 (#20) 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: GET /viewNoticesRSSFeed.action?userIdHash=169974_edf17a5b8421cc294c6dace3cc57d81d HTTP/1.1 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: Host: www.worldcommunitygrid.org 14/04/2023 15:38:58 | | [http] [ID#0] Sent header to server: User-Agent: BOINC client (windows_x86_64 7.20.2) Your log goes: 4/14/2023 10:27:12 AM | | [http] [ID#0] Info: Connected to www.worldcommunitygrid.org (199.241.167.118) port 443 (#3) 4/14/2023 10:27:12 AM | | [http] [ID#0] Info: schannel: disabled automatic use of client certificate 4/14/2023 10:27:12 AM | | [http] [ID#0] Info: ALPN: offers http/1.1 4/14/2023 10:27:12 AM | | [http] [ID#0] Info: schannel: next InitializeSecurityContext failed: Unknown error (0x80092013) - The revocation function was unable to check revocation because the revocation server was offline. 4/14/2023 10:27:12 AM | | [http] [ID#0] Info: Closing connection 3 My log doesn't state that it disabled automatic use of client certificate, yours does. This is a Curl error. Usually in combination with a VPN. Your modem/router doesn't have a VPN added either? Btw, something you said: I noticed in the changelog that instead of using C:\Program Files\BOINC\ca-bundle.crt like earlier branches, the 7.20 branch uses Windows's built-in CA certificates.Where did you see this? As I cannot find it. Neither in the 7.20 changelog, nor in the 7.22 changelog (checked in case you looked wrong), nor in the Release Notes in our Wiki. |
Send message Joined: 14 Apr 23 Posts: 9 |
Btw, something you said: 2nd line in the Wiki release notes. It wasn't immediately clear at first since it didn't say "CA" or "certificate" bundle, but it's clear if you think about it. Changes in 7.20.0 In other words: * In 7.16: Event Log with http_debug turned on: See BOINC mention using C:\Program Files\BOINC\ca-bundle.crt specifically and then successfully connect to WCG, Berkeley, Google, etc. * In 7.20+: Event Log with http_debug turned on: See BOINC mention Microsoft Schannel, which means BOINC now relies on Windows to set up the TLS session using built-in CA certificate store and built-in cryptographic libraries I can post the Event Log that 7.16 uses. But yes, I do believe since 7.20.0 that the OS's cert bundle is used. |
Send message Joined: 5 Oct 06 Posts: 5129 |
The change from ca-bundle.crt to schannel was the subject of intense discussion and testing in early October 2021 - I was heavily involved in that process. The first Windows release for v7.20 (7.20.0) became available in mid-June 2022. Details in https://github.com/BOINC/boinc/pull/4545. My question would be - what is the internet access like for other, more generic, applications on the affected machines? Do web browsers connect to secure sites normally? Is Windows Update working normally? Or is the connection problem limited, specifically, to BOINC and only BOINC? |
Send message Joined: 29 Aug 05 Posts: 15563 |
Can you please post all contents of both global_prefs.xml and global_prefs_override.xml, if the latter exists? You can open these with Notepad, and they're found in your BOINC data directory, default in a hidden directory at C:\Programdata\BOINC\, so fill in the address in Windows Explorer and hit Enter. |
Send message Joined: 14 Apr 23 Posts: 9 |
The change from ca-bundle.crt to schannel was the subject of intense discussion and testing in early October 2021 - I was heavily involved in that process. The first Windows release for v7.20 (7.20.0) became available in mid-June 2022. Details in https://github.com/BOINC/boinc/pull/4545. Hi Richard! I've posted a little on the GitHub over the years but made an account here. Been out of the loop a couple years. This only affects BOINC 7.20.0+ and only BOINC 7.20.0+ on the affected machines. Windows Updates and everything works without any issue. All web browsers (including Internet Explorer, Edge) connect to https sites without issue. No proxy or VPN or anything out of the ordinary. The only thing that comes to mind is I've disabled IPv6 on the adapters, leaving only IPv4. I haven't done anything in the Registry except disable the Windows Script Host, which prevents execution of .js and .vbs files. I can't think of anything out of the ordinary on these machines. Everything works except BOINC 7.20 and above. Desktop 1: Firefox Beta, Firefox Developer, Chromium, Thunderbird, messaging apps, MS Office, Spotify, dozens more normal apps that typically use https. Desktop 2: Firefox Beta, Google Chrome, Android Studio, etc. Laptop 3: Currently never had BOINC installed, but is a fresher Windows 10 install than the desktops. I can try BOINC 7.20.0 on it (and assume it will work lol). Worst case scenario: It's not the end of the world. I plan on retiring both of these desktops sometime in 2023. Selling one and putting Linux on the other. I can get by just fine with 7.16 which uses ca-bundle.crt. This is more of a curiosity and wanting to be on the latest stable release. |
Send message Joined: 14 Apr 23 Posts: 9 |
BOINC 7.20.2 on Windows 7 Pro SP1 64-bit works fine: 4/15/2023 8:53:43 AM | World Community Grid | update requested by user 4/15/2023 8:53:43 AM | | [http] HTTP_OP::init_get(): https://www.worldcommunitygrid.org/viewNoticesRSSFeed.action?userIdHash=blah 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: Too old connection (127 seconds idle), disconnect it 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: Connection 3 seems to be dead 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: Closing connection 3 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: schannel: shutting down SSL/TLS connection with boinc.berkeley.edu port 443 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: Too old connection (127 seconds idle), disconnect it 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: Connection 2 seems to be dead 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: Closing connection 2 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: schannel: shutting down SSL/TLS connection with scheduler.worldcommunitygrid.org port 443 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: Too old connection (124 seconds idle), disconnect it 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: Connection 4 seems to be dead 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: Closing connection 4 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: schannel: shutting down SSL/TLS connection with download.worldcommunitygrid.org port 443 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: Found bundle for host: 0x2b06da0 [serially] 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: Trying 199.241.167.118:443... 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: Connected to www.worldcommunitygrid.org (199.241.167.118) port 443 (#6) 4/15/2023 8:53:44 AM | | [http] [ID#0] Info: schannel: disabled automatic use of client certificate 4/15/2023 8:53:44 AM | | [http] [ID#0] Sent header to server: GET /viewNoticesRSSFeed.action?userIdHash=blahblahHTTP/1.1 4/15/2023 8:53:44 AM | | [http] [ID#0] Sent header to server: Host: www.worldcommunitygrid.org 4/15/2023 8:53:44 AM | | [http] [ID#0] Sent header to server: User-Agent: BOINC client (windows_x86_64 7.20.2) 4/15/2023 8:53:44 AM | | [http] [ID#0] Sent header to server: Accept: */* 4/15/2023 8:53:44 AM | | [http] [ID#0] Sent header to server: Accept-Encoding: deflate, gzip 4/15/2023 8:53:44 AM | | [http] [ID#0] Sent header to server: Accept-Language: en_US 4/15/2023 8:53:44 AM | | [http] [ID#0] Sent header to server: |
Send message Joined: 27 Jun 08 Posts: 641 |
I had a similar problem upgrading to 22H2: a required driver had an expired certificate and "core isolation" declared it explicitly revoked. l was unable to run the app except on a pre-22h2 system. If you have core isolation enabled, then disabled it. if it is disabled then enable it. Look in the (boinc) event log and see if the error message changes when you make changes in core isolation. windows event log may show more info so you might check that. If is is not possible to enable core isolation, then click on "details" and see why it cannot be enabled. I had about 6 problem drivers. that I had to update or remove to enable core isolatiion. edit: changed protection to isolation. |
Send message Joined: 27 Jun 08 Posts: 641 |
BOINC 7.20.2 on Windows 7 Pro SP1 64-bit works fine: l just noticed you are using https Detach and use http://www.worldcommunity The list in boinc folder is incorrect and shows https it should be http maybe this makes a difference in 22h2 just guessing edit: if "global_prefs:" has worldcommunity make sure it is http and not https |
Send message Joined: 29 Aug 05 Posts: 15563 |
No, that's normal. It's in my log as well: 14/04/2023 15:38:58 | | [http] HTTP_OP::init_get(): https://www.worldcommunitygrid.org/viewNoticesRSSFeed.action?userIdHash=169974_edf17a5b8421cc294c6dace3cc57d81dYou connect using http, but the internal server code changes that to https. AFAIK all projects are https these days. |
Copyright © 2024 University of California.
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License,
Version 1.2 or any later version published by the Free Software Foundation.