Skip to content
This repository has been archived by the owner on Aug 28, 2024. It is now read-only.

MIT Keyserver request timeout causes docker-compose up to fail #58

Open
Harti opened this issue Jun 11, 2018 · 5 comments
Open

MIT Keyserver request timeout causes docker-compose up to fail #58

Harti opened this issue Jun 11, 2018 · 5 comments

Comments

@Harti
Copy link

Harti commented Jun 11, 2018

Using Docker for Windows 18.03.1-ce-win65 (17513, Channel: stable)
Compose: 1.21.1

This is a weird error. I can access the actual Cryptonomicon MIT website via HTTPS normally.

Pinging the server doesn't work (they probably disabled that), but so does the request you're making in the Dockerfile. What can I do to troubleshoot?

First try:

...

Step 5/46 : RUN apt-key adv   --keyserver hkp://pgp.mit.edu:80   --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
 ---> Running in a5d011028e9c
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.LgcSAxYJiQ --no-auto-check-trustdb --trust-model always --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg --keyserver hkp://pgp.mit.edu:80 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
gpg: requesting key 7BD9BF62 from hkp server pgp.mit.edu
gpgkeys: key 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 can't be retrieved
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
ERROR: Service 'taiga' failed to build: The command '/bin/sh -c apt-key adv   --keyserver hkp://pgp.mit.edu:80   --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62' returned a non-zero code: 2

Second try:

...
Step 5/46 : RUN apt-key adv   --keyserver hkp://pgp.mit.edu:80   --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
 ---> Running in 171303a31df2
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.ujMfiwAD9L --no-auto-check-trustdb --trust-model always --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg --keyserver hkp://pgp.mit.edu:80 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
gpg: requesting key 7BD9BF62 from hkp server pgp.mit.edu
gpg: keyserver timed out
gpg: keyserver receive failed: keyserver error
ERROR: Service 'taiga' failed to build: The command '/bin/sh -c apt-key adv   --keyserver hkp://pgp.mit.edu:80   --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62' returned a non-zero code: 2

Thanks!

(And thanks for maintaining this repository! You're saving us a TON of time when it works!)
@ajira86
Copy link

ajira86 commented Jun 15, 2018
edited
Loading

I remember that it happens to me one time, some months ago. I suggest to switch base image to python:3.6 which work with debian-stretch and nginx 1.10. This would let us to use official debian repository instead of configuring an another one. I still have to test it and will propose a pull request.

@d-bourdon
Copy link

Hi
I have same issue. After some search, I try to found other keyserver who contain nginx certificate:

ha.pool.sks-keyservers.net
hkp://keyserver.ubuntu.com:80
hkp://p80.pool.sks-keyservers.net:80
pgp.mit.edu

For me , change the keyserver in the Dockerfile work (but I have other problem ^^)

@ajira86
Copy link

ajira86 commented Jun 15, 2018

if some files are missing, the cause is the last pull request, just checkout before it and it should works.

@abhijitgujar86
Copy link

abhijitgujar86 commented Dec 20, 2018
edited
Loading

I am having the same issue on the latest pull . I checked on the nginx website looks like they have mentioned the expiry of GPG keys here

can anyone help with that ?

@linkerx
Copy link

linkerx commented Jan 18, 2019

i change keyserver to hkp://keyserver.ubuntu.com:80 and add --no-tty and work ok

@crypdick crypdick mentioned this issue Jun 12, 2019
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@ajira86 @Harti @abhijitgujar86 @linkerx @d-bourdon