Unable to get RSS and Weather Widget to work

Xibo 2.0.1 on Winbdows 10 Pro 64bit 1809 via docker v 2.0.0.3 (31259)

I have configured the weather widget/module with a dark sky API key and have set up an RSS feed: https://w1.weather.gov/xml/current_obs/KSBN.rss

Both will not display in preview or on display when published. I see in the logs the error of:
Unable to get feed:
cURL error 60: SSL certificate problem: unable to get local issuer certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)

I have read :
Using Tickers, Forecast, Twitter and other external resources that make use of HTTPS connections

But I am not sure how in the world to translate this into my setup with Docker running Xibo on Windows 10.

I can confirm I am able to get out to the internet with no error on the host computer and the players.

Sorry if this is posted in the wrong category. Any help/guidance would be greatly appreciated.

Thank you for your time.

The Docker setup will have the correct SSL root certificate bundle installed already so that isn’t the issue you have.

I suspect your organisation uses a filtering proxy which is issuing its own certificates. If so, you’ll need to get a copy of the root CA that those certificates are signed with and install that in to the containers so that PHP trusts your filtering appliance.

Your IT team or proxy vendor will be able to provide you the CA certificate.

Once you have it (in pem/crt format), then do the following:

Make a directory shared/cms/ca-certs
Put your certificate file in there - eg shared/cms/mycertificate.pem
Edit your docker-compose.yml file, and in the cms-web section, add a line to map that folder so it looks like this:

    cms-web:
        image: xibosignage/xibo-cms:release-2.0.3
        volumes:
            - "./shared/cms/custom:/var/www/cms/custom"
            - "./shared/backup:/var/www/backup"
            - "./shared/cms/web/theme/custom:/var/www/cms/web/theme/custom"
            - "./shared/cms/library:/var/www/cms/library"
            - "./shared/cms/web/userscripts:/var/www/cms/web/userscripts"
            - "./shared/cms/ca-certs:/var/www/cms/ca-certs"

Now down/up the containers, and your CA cert will be trusted by PHP and your SSL-based resources will start working.

Thank you so much for the response and assistance!

I created the folder c:\Xibo\shared\cms\ca-certs and placed out CA root cert inside. The one I received was a *.cer. I renamed to *.pem. *Not sure if necessary or not.

I then edited the docker-compose.yml file and added the line exactly as shown in your example.

I shutdown all containers and then brought them back up. I even went a step further and performed a reboot of the machine. *i know not necessary.

After logging back in and docker for desktop came up, I ran my command in PS to bring up the containers for Xibo in docker: docker-compose up -d

All came up with this one WARNING message:

PS C:\xibo> docker-compose up -d

Starting xibo_cms-db_1 … done
Starting xibo_cms-xmr_1 … done
Recreating xibo_cms-web_1 …
WARNING: Service “cms-web” is using volume “/var/www/cms/ca-certs” from the previous container. Host mapping “C:\xibo\shared\cms\ca-certs” has no effect. Remove the existing containers (with docker-compose rm cms-web) to use the host voluRecreating xibo_cms-web_1 … done
PS C:\xibo>

I was able to log into Xibo via web browser just fine. I went to test the weather widget and still comes up blank in preview and nothing occurs when clicking on “get forecast” I turned debug back on and tested again and found same error as prior:

“Unable to reach Forecast API: cURL error 60: SSL certificate problem: unable to get local issuer certificate (see libcurl - Error Codes)”

Not sure what I may have done wrong. Any insight is greatly appreciated.

Thank you!

You need to “down” the containers. It looks to me like you stopped them instead which won’t work.

Ah-ha! That is correct, I stopped and restarted along with rebooting the host computer.

docker-compose down: This will not remove my installation and files correct? I only see he down command referenced when wanting to remove/uninstall. Sorry for the perceived ignorant comment, just making sure. I do have a backup of the entire Xibo folder/install.

Just want to confirm prior to running command.

Thank you again for your time and assistance!

Assuming you’ve not made manual changes inside the containers, then down is completely safe. All your user data/library/database live in the shared folder which won’t be touched.

OK, I ran the down and up commands:

PS C:\xibo> docker-compose down
Stopping xibo_cms-web_1 … done
Stopping xibo_cms-db_1 … done
Stopping xibo_cms-xmr_1 … done
Removing xibo_cms-web_1 … done
Removing xibo_cms-db_1 … done
Removing xibo_cms-xmr_1 … done
Removing network xibo_default
PS C:\xibo> docker-compose up -d
Creating network “xibo_default” with the default driver
Creating xibo_cms-db_1 … done
Creating xibo_cms-xmr_1 … done
Creating xibo_cms-web_1 … done

Still unable to preview the weather or RSS. See this in log still:

Unable to get feed: cURL error 60: SSL certificate problem: unable to get local issuer certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)

Again, I manually created the folder via Windows Explorer that you advised in the first response. I went ahead and placed our cert in the folder. It was a .CER file, which I renamed to .PEM. Would that be of any issue?

I edited the docker compose yml file to look identical as you provided.

Seem to be missing something or not performing something correctly as the issue still exists.

Again, any direction is greatly appreciated. Thank you for your time!

Please can you post the output of

docker-compose logs cms-web

redacting anything sensitive.

Also make sure your file is renamed to either .pem or .crt. .PEM or .CRT are different things as far as Linux is concerned.

PS C:\xibo> docker-compose logs cms-web
Attaching to xibo_cms-web_1
cms-web_1 | Waiting for MySQL to start - max 300 seconds
cms-web_1 | MySQL started
cms-web_1 | Updating settings.php
cms-web_1 | settingId
cms-web_1 | 1
cms-web_1 | Existing Database, checking if we need to upgrade it
cms-web_1 | Phinx by CakePHP - https://phinx.org. 0.9.2
cms-web_1 |
cms-web_1 | using config file .varwwwcmsphinx.php
cms-web_1 | using config parser php
cms-web_1 | using migration paths
cms-web_1 | - /var/www/cms/db/migrations
cms-web_1 | warning no environment specified, defaulting to: production
cms-web_1 | ordering by creation time
cms-web_1 |
cms-web_1 | Status [Migration ID] Started Finished Migration Name
cms-web_1 | ----------------------------------------------------------------------------------
cms-web_1 | up 20180130073838 2019-05-01 14:20:17 2019-05-01 14:20:20 InstallMigration
cms-web_1 | up 20180131113100 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep85Migration
cms-web_1 | up 20180131113853 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep86Migration
cms-web_1 | up 20180131113941 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep87Migration
cms-web_1 | up 20180131113948 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep88Migration
cms-web_1 | up 20180131113952 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep92Migration
cms-web_1 | up 20180131113957 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep120Migration
cms-web_1 | up 20180131114002 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep121Migration
cms-web_1 | up 20180131114007 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep122Migration
cms-web_1 | up 20180131114013 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep123Migration
cms-web_1 | up 20180131114017 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep124Migration
cms-web_1 | up 20180131114021 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep125Migration
cms-web_1 | up 20180131114025 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep126Migration
cms-web_1 | up 20180131114030 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep127Migration
cms-web_1 | up 20180131114050 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep128Migration
cms-web_1 | up 20180131114058 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep129Migration
cms-web_1 | up 20180131114103 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep130Migration
cms-web_1 | up 20180131114107 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep131Migration
cms-web_1 | up 20180131114110 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep132Migration
cms-web_1 | up 20180131114114 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep133Migration
cms-web_1 | up 20180131114118 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep134Migration
cms-web_1 | up 20180131114123 2019-05-01 14:20:20 2019-05-01 14:20:20 OldUpgradeStep135Migration
cms-web_1 | up 20180131122645 2019-05-01 14:20:20 2019-05-01 14:20:20 OneRegionPerPlaylistMigration
cms-web_1 | up 20180131123038 2019-05-01 14:20:20 2019-05-01 14:20:20 PlaylistTagsMigration
cms-web_1 | up 20180131123248 2019-05-01 14:20:20 2019-05-01 14:20:20 WidgetFromToDtMigration
cms-web_1 | up 20180212143336 2019-05-01 14:20:20 2019-05-01 14:20:20 DaypartSystemEntriesAsRecords
cms-web_1 | up 20180213173846 2019-05-01 14:20:20 2019-05-01 14:20:20 MailFromNameSettingMigration
cms-web_1 | up 20180219141257 2019-05-01 14:20:20 2019-05-01 14:20:20 DisplayGroupClosureIndexToNonUnique
cms-web_1 | up 20180223180534 2019-05-01 14:20:20 2019-05-01 14:20:20 DataSetColumnFilterAndSortOptionsMigration
cms-web_1 | up 20180302182421 2019-05-01 14:20:20 2019-05-01 14:20:20 WidgetCreatedAndModifiedDtMigration
cms-web_1 | up 20180313085749 2019-05-01 14:20:20 2019-05-01 14:20:21 MediaTableEditedIdIndexMigration
cms-web_1 | up 20180320154652 2019-05-01 14:20:21 2019-05-01 14:20:21 PlaylistAddDynamicFilterMigration
cms-web_1 | up 20180327153325 2019-05-01 14:20:21 2019-05-01 14:20:21 RemoveUserLoggedInMigration
cms-web_1 | up 20180514114415 2019-05-01 14:20:21 2019-05-01 14:20:21 FixCaseOnHelpTextFieldMigration
cms-web_1 | up 20180515123835 2019-05-01 14:20:21 2019-05-01 14:20:21 LayoutPublishDraftMigration
cms-web_1 | up 20180529065816 2019-05-01 14:20:21 2019-05-01 14:20:21 DataSetTruncateFixMigration
cms-web_1 | up 20180529073531 2019-05-01 14:20:21 2019-05-01 14:20:21 DisplayAsVncLinkMigration
cms-web_1 | up 20180621134013 2019-05-01 14:20:21 2019-05-01 14:20:21 AddWidgetSyncTaskMigration
cms-web_1 | up 20180621134250 2019-05-01 14:20:21 2019-05-01 14:20:21 EventLayoutPermissionSettingMigration
cms-web_1 | up 20180906115552 2019-05-01 14:20:21 2019-05-01 14:20:21 AddForeignKeysToTagsMigration
cms-web_1 | up 20180906115606 2019-05-01 14:20:21 2019-05-01 14:20:21 AddForeignKeysToPermissionsMigration
cms-web_1 | up 20180906115712 2019-05-01 14:20:21 2019-05-01 14:20:21 AddForeignKeysToWidgetMediaMigration
cms-web_1 | up 20180906131643 2019-05-01 14:20:21 2019-05-01 14:20:21 ForgottenPasswordReminderMigration
cms-web_1 | up 20180906131716 2019-05-01 14:20:21 2019-05-01 14:20:21 DataSetRssMigration
cms-web_1 | up 20181011160130 2019-05-01 14:20:21 2019-05-01 14:20:22 SimpleSettingsMigration
cms-web_1 | up 20181113173310 2019-05-01 14:20:22 2019-05-01 14:20:22 RemoveFinanceModuleMigration
cms-web_1 | up 20181113180337 2019-05-01 14:20:22 2019-05-01 14:20:22 SplitTickerModuleMigration
cms-web_1 | up 20181126113231 2019-05-01 14:20:22 2019-05-01 14:20:22 Release1812Migration
cms-web_1 | up 20181210092443 2019-05-01 14:20:22 2019-05-01 14:20:22 RemoveImageUriModuleMigration
cms-web_1 | up 20181212114400 2019-05-01 14:20:22 2019-05-01 14:20:22 CreatePlayerVersionsTableMigration
cms-web_1 | up 20181217135044 2019-05-01 14:20:22 2019-05-01 14:20:22 EventSyncMigration
cms-web_1 | up 20190121092556 2019-05-01 14:20:22 2019-05-01 14:20:22 PlayerUpgradeAndOverrideConfigMigration
cms-web_1 | up 20190125170130 2019-05-01 14:20:22 2019-05-01 14:20:22 PlayerSoftwareVersionFieldMigration
cms-web_1 | up 20190129103831 2019-05-01 14:20:22 2019-05-01 14:20:22 AddLinuxDisplayProfileMigration
cms-web_1 | up 20190212115432 2019-05-01 14:20:22 2019-05-01 14:20:22 AddDefaultTransitionDurationSettingMigration
cms-web_1 | up 20190213162212 2019-05-01 14:20:22 2019-05-01 14:20:22 AddHorizontalMenuSettingMigration
cms-web_1 | up 20190220165703 2019-05-01 14:20:22 2019-05-01 14:20:22 AddScheduleRecurrenceMonthlyRepeatsOnMigration
cms-web_1 | up 20190227101705 2019-05-01 14:20:22 2019-05-01 14:20:22 MakeDisplayLicenseColumnUniqueMigration
cms-web_1 | up 20190228120603 2019-05-01 14:20:22 2019-05-01 14:20:22 AddDynamicCriteriaTagsMigration
cms-web_1 | up 20190301115046 2019-05-01 14:20:22 2019-05-01 14:20:22 AdjustGenericfileValidExtensionsMigration
cms-web_1 |
cms-web_1 | Importing ca-certs
cms-web_1 | ‘/var/www/cms/ca-certs/MY CERT CA.pem’ -> ‘/usr/local/share/ca-certificates/MY CERT CA.pem’
cms-web_1 | cp: can’t stat ‘/var/www/cms/ca-certs/*.crt’: No such file or directory
cms-web_1 | WARNING: ca-cert-MY_CERT_CA.pem.pem does not contain exactly one certificate or CRL: skipping
cms-web_1 | WARNING: ca-certificates.crt does not contain exactly one certificate or CRL: skipping
cms-web_1 | Configuring Maintenance
cms-web_1 | Removing web/install/index.php from production container
cms-web_1 | Starting cron
cms-web_1 | Starting webserver
cms-web_1 | AH00558: httpd: Could not reliably determine the server’s fully qualified domain name, using 172.20.0.4. Set the ‘ServerName’ directive globally to suppress this message
PS C:\xibo>

Please try with the certificate name as a single lower case word. So for example myca.pem

Then down/up the containers. Beyond that, I’m not sure why it won’t work. It could be that that isn’t the correct certificate file. Whoever is in charge of your filtering appliance will probably be able to assist you.

My apologies for just now responding. I unfortunately could not get this to work for me. I confirmed the encryption is PEM and the file is correct. I also renamed the file to one word, all lowercase, and it still would not work (same errors as prior).

For a work around we just set an exception in our filtering system and all is now functioning.

I may come back to this at some point simply to get it figured out and report back. For now, all is working with the exception added to our filtering system.

Thank you for all your assistance and fast responses.