Not sure if this is the right place for this but here it goes.....

I tried to attach to WCG today and received the error: Scheduler request failed: peer certificate cannot be authenticated with known CA certificates. Googling this error I found I was missing the required ca-bundle.crt file. As directed in the forum post I downloaded the file from the boinc site. When I continued to receive the same error, I opened the file and found it had expired on July 11, 2009. Could someone please update the .crt file please or if it has been updated add a link to it from the download page for easy access. Thank you....

---

post os, client version of boinc please...

OS: PC-BSD, FreeBSD 7.2
Client: 6.4.5_4 built from FreeBSD ports tree.

Running under linux emulation. Found another ca-bundle.crt in the /compat/linux/etc/pki/tls/certs that someone in another message board said had worked for them. So I copied that over to /var/db/boinc but that one didn't work for me either. I did check, that one was still valid so I must have a different issue.

Yes, the system clock is set correctly...

Did you exit BOINC and restart it between changing your ca-bundle.crt files?
Although I must say, I do see it is expired. Was good till Saturday, July 11, 2009 18:14:18

---

I have just spoken with the BOINC developer who deals with this. He'll try to build a new one and put the root CA for WCG in it, he thinks it should be finished in about 2 days. So check the link in the Wiki again on Tuesday evening (or whatever your time is).

---

It still looks weird, which the developer acknowledged. So he'll increase the lease on the thing anyway. Better safe than sorry.

---

From my chat with the developer:

that just happens to be the first certificate in the bundle
it actually has 140 certificates in the bundle
but Windows only shows the first one
The certificate that WCG relies on doesn't expire until 2019

And

You can see all of the certificates with the openssl tool

But then, hands please, who has that installed on his system?
... thought so. ;-)


You may need the ca-bundle.crt from your distro's repositories, though. Check those as well. And make sure to exit BOINC, then copy in the file, then restart BOINC or else it won't pick up the changed file.

---

Yes, I did restart boinc after moving the .crt file. But, if nothing else I did atleast find it was expired. I did follow the link from Sekerob and thought I saw something about WCG not supporting v6.4.5 yet but I can't find it again after I had to leave for dinner... I also found something about adding a local cc file and adding a line about the alt platform as well which I didn't have before... will let you all know how it works out...

Thanks everyone for all your help here!!!

Ben

Ageless, I just read your last post... I will also make sure that I exit boinc before I rename the old file and move the new one in... last time I did everything, then restarted boinc so I don't know if that makes a difference but I'll shut boinc down first just to be safe...

Well still having the same problem...moved ca-bundle.crt with the boinc-client not running. Made a cc_config.xml file in /var/db/boinc containing the alt_platform tag. Here is the messages from the Manager:

7/26/2009 8:55:55 PM Starting BOINC client version 6.4.5 for i386-portbld-freebsd
7/26/2009 8:55:55 PM log flags: task, file_xfer, sched_ops
7/26/2009 8:55:55 PM Libraries: libcurl/7.19.5 OpenSSL/0.9.8e zlib/1.2.3
7/26/2009 8:55:55 PM Running as a daemon
7/26/2009 8:55:55 PM Data directory: /var/db/boinc
7/26/2009 8:55:55 PM Processor: 1 i386 Pentium II/Pentium II Xeon/Celeron [] [3dnow mmx]
7/26/2009 8:55:55 PM Processor features:
7/26/2009 8:55:55 PM OS: FreeBSD: 7.2-STABLE
7/26/2009 8:55:55 PM Memory: 499.47 MB physical, 0 bytes virtual
7/26/2009 8:55:55 PM Disk: 13.37 GB total, 5.34 GB free
7/26/2009 8:55:55 PM Local time is UTC -4 hours
7/26/2009 8:55:55 PM Not using a proxy
7/26/2009 8:55:55 PM Can't load library libcudart
7/26/2009 8:55:55 PM No coprocessors
7/26/2009 8:55:55 PM No general preferences found - using BOINC defaults
7/26/2009 8:55:55 PM Preferences limit memory usage when active to 249.74MB
7/26/2009 8:55:55 PM Preferences limit memory usage when idle to 449.53MB
7/26/2009 8:55:55 PM Preferences limit disk usage to 5.24GB
7/26/2009 8:55:55 PM This computer is not attached to any projects
7/26/2009 8:55:55 PM Visit http://boinc.berkeley.edu for instructions
7/26/2009 9:01:07 PM Fetching configuration file from http://www.worldcommunitygrid.org/get_project_config.php
7/26/2009 9:01:36 PM World Community Grid Master file download succeeded
7/26/2009 9:01:42 PM World Community Grid Sending scheduler request: Project initialization. Requesting 1 seconds of work, reporting 0 completed tasks
7/26/2009 9:01:43 PM Project communication failed: attempting access to reference site
7/26/2009 9:01:44 PM Internet access OK - project servers may be temporarily down.
7/26/2009 9:01:47 PM World Community Grid Scheduler request failed: Peer certificate cannot be authenticated with known CA certificates


Anyone have any other ideas????

Where did you move the file to? It has to be in your BOINC Data directory, which is for you /var/db/boinc

---

I did put ca-bundle.crt in /var/db/boinc

I know thateveryone's time is at a premium, but I just checked and still no new ca-bundle.crt....

That is because of the fact that the certificate that WCG relies on doesn't expire until 2019. Which means it is most probably something else that is blocking you.

Firewall software? Proxy?
Did you specify that BOINC can get through on TCP ports 80 and 443?
Does WCG have any applications for FreeBSD?

---

Here's what I discovered about 8 months ago.

To make everything play nice together, a sym link (don't know if BSD does them) to the bundle in BOINC's data directory is necessary. I suppose you can copy the file too.

Here's what I did. This was on Fedora. You'll have to figure out where everything lives.

[root@Galaxy ~]# cd /var/lib/boinc
[root@Galaxy boinc]# ln -s /etc/pki/tls/certs/ca-bundle.crt

---

Kathryn :o)

Okay, so after reading on the WCG site that they don't support version 6.4.5, I downgraded the port to the next available version under the one they do support which was version 6.2.14. Then copied the ca-bundle.crt file into the /var/db/boinc directory and started crunching along. Now I'm waiting patiently for WCG to align with my CPID so I can get all my credits in a row. Thanks to every one for their help