We have this on going issue with sample data not being available when we run Slicer on our Linux servers at work:
Switch to module: "SampleData" <b>Requesting download</b> <i>MR-head.nrrd</i> from https://github.com/Slicer/SlicerTestingData/releases/download/SHA256/cc211f0dfd9a05ca3841ce1141b292898b2dd2d3f08286affadf823a7e58df93 ... <font color="red"><b> Download failed: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:847)></b></font>
On the same server (and in the same command line session), I can start firefox and paste the exact url and download the data. There is no http_proxy or any other variable set. The admin asked this:
“Does slicer have its own certificate store? Or does it have a flag to say which certificate store to use?”
I do not know the answer to this question. Any ideas?
jcfr
(Jean Christophe Fillion Robin (Kitware))
May 4, 2021, 6:52pm
2
We indeed generate own certificate bundle.
See Slicer/Base/QTCore/Resources/Certs at main · Slicer/Slicer · GitHub
Which version of Slicer is problematic ?
This was with the latest stable, but as far as I know every version had the issue.
jcfr
(Jean Christophe Fillion Robin (Kitware))
May 4, 2021, 7:15pm
4
Which operating system ? Is the issue specific to macOS ?
Slicer version
Operating System
Type of build
SampleData download working
4.13.0 / r29885
Windows
Preview installer
yes
4.13.0 / r29874
Linux
Local Developer build
yes
This is on Linux. However, the issue is specific to our Linux environment, I think.
jcfr
(Jean Christophe Fillion Robin (Kitware))
May 4, 2021, 7:49pm
6
the issue is specific to our Linux environment
It would be great to sort this out.
Few hints:
Does Slicer pick up a different version of OpenSSL ?
Is the env. variable SSL_CERT_FILE
set to a valid bundle ?
This is what I get from the command prompt prior to launching Slicer:
amaga@pplhpc1ood01:/gpfs/home/amaga/Desktop$ ldconfig -p |grep -i ssl
libssl3.so (libc6,x86-64) => /lib64/libssl3.so
libssl.so.10 (libc6,x86-64) => /lib64/libssl.so.10
libssl.so (libc6,x86-64) => /lib64/libssl.so
libevent_openssl-2.0.so.5 (libc6,x86-64) => /lib64/libevent_openssl-2.0.so.5
setting
export SSL_CERT_FILE=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
has no effect.
Nor setting the SSL_CERT_FILE variable to the Slicer.crt in Slicer install directory.