gactions cli x509 certificate signed by unknown authority error

0
votes

I'm getting a x509 certificate signed by unknown authority error when trying to update my action package via the 'gactions' CLI - please help.

It was working a few days ago fine and I don't think I've changed anything on my end. I'm on the most recent version (2.1.3 - x86_64) of the actions CLI, on Mac High Sierra 10.13.3.

I've searched on stackoverflow and google for an answer but can't work it out.

Thanks

What I'm seeing... (updated to include --verbose output)

Checking for updates...

Error: Get https://dl.google.com/gactions/updates.json: x509: certificate signed by unknown authority POST /v2/agents/gactions-da5a7:batchUpdateAllDraftActionPackages HTTP/1.1 Host: actions.googleapis.com User-Agent: Gactions-CLI/2.1.3 (darwin; amd64; stable/dff629ae63XXXXXXXXXXXXX9274524569714e6) Content-Length: 567 Content-Type: application/json Accept-Encoding: gzip

{"localizedActionPackages":{"en":{"actions":[{"description":"Default Welcome Intent","fulfillment":{"conversationName":"heythere"},"intent":{"name":"actions.intent.MAIN","trigger":{"queryPatterns":["talk to heythere"]}},"name":"MAIN"}],"conversations":{"heythere":{"fulfillmentApiVersion":2,"name":"heythere","url":"https://XXXXXXXXXXX/XXXXXX"}},"locale":"en","name":"agents/XXXXXXXXXXX"}

Reading credentials from: creds.data

Gactions needs access to your Google account. Please copy & paste the URL below into a web browser and follow the instructions there. Then copy and paste the authorization code from the browser back here.

Visit this URL: https://accounts.google.com/o/oauth2/auth?access_type=offline&client_id=23XXXXXXXX06-o6vu1tXXXXXXXXXXXXXXX396e2d0c.apps.googleusercontent.com&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&response_type=code&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Factions.builder&state=state

Enter authorization code: 4/AADzNzL7XXXXXXXXXXXXXXXXXXXXXXXX5jIs4JCWR-5T-TztD9IamE

2018/02/24 15:23:01 Post https://accounts.google.com/o/oauth2/token: x509: certificate signed by unknown authority

2
actions-on-google
Can you update your question to include the output from using the --verbose command? so something like: gactions --verbose update --project $PROJECT --action_package action.json (and, again, mask out what might look like sensitive tokens and identifiers)Prisoner
Thanks @Prisoner I've updated the post with the --verbose output I hope that's helpful.mleonard

2 Answers

0
votes

This suggests that the SSL certificates you're using are either untrusted or out of date. If you are setting certificates yourself on this machine, possibly due to your own development work, gactions could be picking one of these up. You may want to check the following:

  • Make sure your SSL_CERT_FILE and SSL_CERT_DIR environment variables aren't set. If they are, unset them.

  • I've seen references to issues using Docker, Go, and SSL. If you're doing this in a container, this might be part of the problem you're seeing. (I don't know the combination of technologies well enough to understand the discussions.)

0
votes

Restarting seemed to solve this in my case. That, or it was a temporary issue on Google's side. If you're encountering this, try a restart.