Re: [AMBER] Compilation of Amber on Cray

From: Jason Swails <jason.swails.gmail.com>
Date: Sun, 29 Sep 2019 22:27:50 -0400

On Thu, Sep 26, 2019 at 10:53 AM Hai Nguyen <nhai.qn.gmail.com> wrote:

> On Thu, Sep 26, 2019 at 10:07 AM David Case <david.case.rutgers.edu>
> wrote:
>
> > On Thu, Sep 26, 2019, Suman Chakrabarty wrote:
> >
> > >Connecting to repo.continuum.io|104.18.200.79|:443... connected.
> > >
> > >ERROR: certificate common name `ssl468914.cloudflaressl.com' doesn't
> > match
> > >requested host name `repo.continuum.io'.
> >
> >
>
>
> > This happens way too often, and seems to be continuum's problem. Try
> > re-running the installation: the problem usually disappears pretty
> > quickly.
> >
> >
> There is another option from google search:
>
> export CONDA_SSL_VERIFY=false


> before compiling amber:
> https://github.com/conda/conda/issues/5170#issuecomment-297896781
> (I have not tried yet)
>

This is risky advice. For this record, what this does is skip the server
identity check so that conda will blindly trust whoever it happens to
connect to that has a "valid" certificate (trivial to get) without checking
that the server you're trying to connect to is who your computer thinks it
is.

This bypasses one of the primary security benefits of using TLS connections
(https) over raw TCP connections (http) -- and since the content of the
transfer here is open-source Python software, the *only* benefit of using
TLS in this instance is to trust that you're installing packages from a
trusted source. I would *never* advise disabling such protections for
software that is automagically installed to your system (with or without
root privileges).

Just wait for Continuum to fix their issue and try again when it's fixed.

All the best,
Jason

-- 
Jason M. Swails
_______________________________________________
AMBER mailing list
AMBER.ambermd.org
http://lists.ambermd.org/mailman/listinfo/amber
Received on Sun Sep 29 2019 - 19:30:02 PDT
Custom Search