Comments (2)
ericmj
commented on July 30, 2024
Can you show the full output of the mix deps.get command. It's making a request to builds.hex.pm which suggests it's trying to install hex or rebar? It could also be the update checker failing but that shouldn't fully error like that.
If it's trying to install rebar or hex then the cacerts_path won't be used as it's Elixir doing that. Elixir will use the environment variable HEX_CACERTS_PATH though which you can set to the same value.
from hex.
lovett
commented on July 30, 2024
Thanks for the environment variable suggestion, I think that was it.
I was indeed getting stuck on rebar. And I had been favoring hex.config over the env approach. I'm not yet sure why, but it seems like the macports-based Erlang installation I started with was somehow not right (apart from the OS cert chain not working out-of-the-box). Setting HEX_CACERTS_PATH via environment variable did not work there, but it did work when I moved to an asdf-based Erlang installation. Not sure if it's an OpenSSL complication or not, but for this issue it's probably moot.
If it's helpful, the dynamics of the environment variable and the hex config weren't clear. They don't seem to be as equal as the documentation suggests, at least when it comes to rebar.
For completeness, the full output I was seeing previously is below. Probably nothing more to be done here.
Thanks again for the help.
Run 1: Erlang + OpenSSL 3.1.6 (from macports)
$ mix deps.get --only prod
** (Mix) httpc request failed with: {:failed_connect, [{:to_address, {~c"builds.hex.pm", 443}}, {:inet, [:inet], {:tls_alert, {:certificate_expired, ~c"TLS client: In state wait_cert_cr at ssl_handshake.erl:2158 generated CLIENT ALERT: Fatal - Certificate Expired\n"}}}]}
Could not install Hex because Mix could not download metadata at https://builds.hex.pm/installs/hex-1.x.csv.
Alternatively, you can compile and install Hex directly with this command:
$ mix archive.install github hexpm/hex branch latest
Run 2: After installing hex from GitHub
$ mix deps.get --only prod
Resolving Hex dependencies...
Resolution completed in 0.647s
Unchanged:
...[package list omitted]...
** (Mix) httpc request failed with: {:failed_connect, [{:to_address, {~c"builds.hex.pm", 443}}, {:inet, [:inet], {:tls_alert, {:certificate_expired, ~c"TLS client: In state wait_cert_cr at ssl_handshake.erl:2158 generated CLIENT ALERT: Fatal - Certificate Expired\n"}}}]}
Could not install Rebar because Mix could not download metadata at https://builds.hex.pm/installs/rebar3-1.x.csv.
Run 3: With HEX_CACERTS_PATH via enironment
$ HEX_CACERTS_PATH=/opt/local/etc/openssl/cert.pem mix deps.get --only prod
...
Could not install Rebar...
Run 4: Erlang + OpenSSL 1.1 (from asdf)
sudo port install openssl11
KERL_CONFIGURE_OPTIONS="--without-javac --without-wx --without-odbc --with-ssl=/opt/local/libexec/openssl11/" asdf install erlang latest
asdf install elixir latest
mix deps.get --only prod
same as run 1
Run 5: Setting HEX_CACERTS_PATH via enironment
HEX_CACERTS_PATH=/opt/local/etc/openssl/cert.pem mix deps.get --only prod
Works
Run 6: Erlang + OpenSSL 3 (from asdf)
KERL_CONFIGURE_OPTIONS="--without-javac --without-wx --without-odbc" asdf install erlang latest
asdf install elixir latest
mix archive.install github hexpm/hex branch latest
HEX_CACERTS_PATH=/opt/local/etc/openssl/cert.pem mix deps.get --only prod
Works
from hex.
Related Issues (20)
- Full remove a package from hex.pm HOT 2
- [feature request] Sort `mix hex.outdated` output by status in default output HOT 4
- rebar3_auto - the package in HEX contains module which does not exist in the rebar3_auto repository HOT 1
- Error: Lock is missing HOT 2
- Bundled CA certs are not working now
- Fail to load function 'Elixir.Hex.Netrc.Cache':fetch/1: op make_fun2 u: on Erlang/OTP 27 rc.1
- Publish New Release for Updated CA-Bundle HOT 4
- Bug on dependency resolution for package published on 2/29 HOT 1
- Issues fetching deps HOT 16
- Inspect message is printed on failed compability check HOT 1
- Error installing Hex HOT 4
- Reject unknown keys when calling deps.get HOT 1
- `hex.publish` does not respect the docs output folder HOT 4
- Proposal: Allow redirects to repos HOT 6
- Regression in 2.1.0? HOT 23
- fetching not-selectable dependencies times out HOT 2
- If you enable 2FA it should be enabled on the CLI as well but probably only for authentication a new user (when we generate API keys) and when publishing. There should also be an option when generating API keys that do not require 2FA so that you can still publish etc. in automated environments such as CI.
- failed to load system certificates when trying to download Hex HOT 4
- Fail to load function 'Elixir.Hex.Netrc.Cache':fetch/1 with Elixir 1.17.0 and OTP 27 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hex.