goagent无法正常生成CA.crt

92 views
Skip to first unread message

William Lyu

unread,
Feb 24, 2015, 10:40:53 AM2/24/15
to archli...@googlegroups.com
更新之后几乎无法上网,查看日志发现:
-- Logs begin at Mon 2014-11-03 13:40:31 CST, end at Tue 2015-02-24 23:36:36 CST. --
Feb 24 22:27:36 localhost goagent[742]: ------------------------------------------------------
Feb 24 22:27:36 localhost goagent[742]: GoAgent Version    : 3.2.3 (python/2.7.9 gevent/1.0 pyopenssl/0.14)
Feb 24 22:27:36 localhost goagent[742]: Listen Address     : 127.0.0.1:8087
Feb 24 22:27:36 localhost goagent[742]: GAE Mode           : https
Feb 24 22:27:36 localhost goagent[742]: GAE APPID          : junhongbillgae|junhongbillgfw1|junhongbillgfw2|junhongbillgfw3|junhongbillgfw4|junhongbillgfw5|junhongbillgfw6|junhongbillgfw7|junhongbillgfw8
Feb 24 22:27:36 localhost goagent[742]: Pac Server         : http://192.168.0.105:8086/proxy.pac
Feb 24 22:27:36 localhost goagent[742]: Pac File           : file:///usr/share/goagent/local/proxy.pac
Feb 24 22:27:36 localhost goagent[742]: ------------------------------------------------------
Feb 24 22:27:36 localhost goagent[742]: certutil: function failed: SEC_ERROR_BAD_DATABASE: security library: bad database.
Feb 24 22:27:36 localhost goagent[742]: certutil: function failed: SEC_ERROR_BAD_DATABASE: security library: bad database.
Feb 24 22:27:36 localhost goagent[742]: WARNING - [Feb 24 22:27:36] install root certificate failed, Please run as administrator/root/sudo
Feb 24 22:28:03 localhost goagent[742]: INFO - [Feb 24 22:28:03] resolve common.IPLIST_MAP names=['google_cn', 'google_hk', 'google_talk', 'google_ipv6'] to iplist
Feb 24 22:28:03 localhost goagent[742]: INFO - [Feb 24 22:28:03] resolve name=google_cn host to iplist=['64.233.189.166']
Feb 24 22:28:03 localhost goagent[742]: INFO - [Feb 24 22:28:03] resolve name=google_hk host to iplist=['173.194.127.152', '173.194.127.151', '173.194.127.143', '173.194.127.159', '64.233.189.166']
Feb 24 22:28:03 localhost goagent[742]: INFO - [Feb 24 22:28:03] resolve name=google_talk host to iplist=['64.233.189.166']
Feb 24 22:28:05 localhost goagent[742]: WARNING - [Feb 24 22:28:05] google_cn resolved too short iplist=['64.233.189.166'], switch to google_hk
Feb 24 22:28:05 localhost goagent[742]: INFO - [Feb 24 22:28:05] 127.0.0.1:34878 "STRIP CONNECT wiki.archlinux.org:443 HTTP/1.1" - -
Feb 24 22:28:05 localhost goagent[742]: Traceback (most recent call last):
Feb 24 22:28:05 localhost goagent[742]: File "/usr/lib/python2.7/SocketServer.py", line 599, in process_request_thread
Feb 24 22:28:05 localhost goagent[742]: self.finish_request(request, client_address)
Feb 24 22:28:05 localhost goagent[742]: File "/usr/share/goagent/local/proxylib.py", line 904, in finish_request
Feb 24 22:28:05 localhost goagent[742]: self.RequestHandlerClass(request, client_address, self)
Feb 24 22:28:05 localhost goagent[742]: File "/usr/share/goagent/local/goagent", line 759, in __init__
Feb 24 22:28:05 localhost goagent[742]: SimpleProxyHandler.__init__(self, *args, **kwargs)
Feb 24 22:28:05 localhost goagent[742]: File "/usr/lib/python2.7/SocketServer.py", line 655, in __init__
Feb 24 22:28:05 localhost goagent[742]: self.handle()
Feb 24 22:28:05 localhost goagent[742]: File "/usr/lib/python2.7/BaseHTTPServer.py", line 340, in handle
Feb 24 22:28:05 localhost goagent[742]: self.handle_one_request()
Feb 24 22:28:05 localhost goagent[742]: File "/usr/share/goagent/local/proxylib.py", line 1579, in handle_one_request
Feb 24 22:28:05 localhost goagent[742]: return BaseHTTPServer.BaseHTTPRequestHandler.handle_one_request(self)
Feb 24 22:28:05 localhost goagent[742]: File "/usr/lib/python2.7/BaseHTTPServer.py", line 328, in handle_one_request
Feb 24 22:28:05 localhost goagent[742]: method()
Feb 24 22:28:05 localhost goagent[742]: File "/usr/share/goagent/local/proxylib.py", line 1610, in do_METHOD
Feb 24 22:28:05 localhost goagent[742]: return plugin.handle(self, **action[1])
Feb 24 22:28:05 localhost goagent[742]: File "/usr/share/goagent/local/proxylib.py", line 1010, in handle
Feb 24 22:28:05 localhost goagent[742]: self.do_ssl_handshake(handler)
Feb 24 22:28:05 localhost goagent[742]: File "/usr/share/goagent/local/proxylib.py", line 996, in do_ssl_handshake
Feb 24 22:28:05 localhost goagent[742]: certfile = CertUtil.get_cert(handler.host)
Feb 24 22:28:05 localhost goagent[742]: File "/usr/share/goagent/local/proxylib.py", line 282, in get_cert
Feb 24 22:28:05 localhost goagent[742]: return CertUtil._get_cert(commonname, sans)
Feb 24 22:28:05 localhost goagent[742]: File "/usr/share/goagent/local/proxylib.py", line 264, in _get_cert
Feb 24 22:28:05 localhost goagent[742]: with open(certfile, 'wb') as fp:
Feb 24 22:28:05 localhost goagent[742]: IOError: [Errno 13] Permission denied: 'certs/.archlinux.org.crt'
Feb 24 22:28:05 localhost goagent[742]: INFO - [Feb 24 22:28:05] 127.0.0.1:34883 "STRIP CONNECT wiki.archlinux.org:443 HTTP/1.1" - -
Feb 24 22:28:05 localh

下面还有很多,似乎是无法正常生成证书文件。
在chrome中也无法导入商城的CA.crt 原因是不能解析这个文件。
但是我从git上自己拖下来的goagent生成的证书起码chrome是能用的。

那archlinux上的package为什么我用着不行?

William Lyu

unread,
Feb 24, 2015, 10:56:46 AM2/24/15
to archli...@googlegroups.com
无法导入生成的CA.cr,手滑打错了

穆里尼奥

unread,
Mar 4, 2015, 9:04:36 PM3/4/15
to archli...@googlegroups.com
自己手动加入

在 2015年2月24日星期二 UTC+8下午11:56:46,William Lyu写道:
无法导入生成的CA.cr,手滑打错了
Reply all
Reply to author
Forward
0 new messages