Error fetching 'feeds/tn.json'
transitous-bot opened this issue · comments
CC: @mlundblad
An error occured while fetching a feed from feeds/tn.json.
If the error is not temporary, please consider replacing or removing the feed.
Thanks!
Here are the logs of the error(s):
On 2024-05-12 00:37:45 UTC:
Error: Could not fetch tn-SNCTF: HTTPSConnectionPool(host='gps.sncft.com.tn', port=443): Max retries exceeded with url: /gps/gtfs_ALL.ZIP (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:992)')))
Error: 1 errors occurred during fetching.
On 2024-05-12 01:19:41 UTC
Error: Could not fetch tn-SNCTF: HTTPSConnectionPool(host='gps.sncft.com.tn', port=443): Max retries exceeded with url: /gps/gtfs_ALL.ZIP (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:992)')))
Error: 1 errors occurred during fetching.
On 2024-05-12 01:30:34 UTC
Error: Could not fetch tn-SNCTF: HTTPSConnectionPool(host='gps.sncft.com.tn', port=443): Max retries exceeded with url: /gps/gtfs_ALL.ZIP (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:992)')))
Error: 1 errors occurred during fetching.
On 2024-05-12 12:26:12 UTC
Error: Could not fetch tn-SNCTF: HTTPSConnectionPool(host='gps.sncft.com.tn', port=443): Max retries exceeded with url: /gps/gtfs_ALL.ZIP (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:992)')))
Error: 1 errors occurred during fetching.
On 2024-05-12 16:49:34 UTC
Error: Could not fetch tn-SNCTF: HTTPSConnectionPool(host='gps.sncft.com.tn', port=443): Max retries exceeded with url: /gps/gtfs_ALL.ZIP (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:992)')))
Error: 1 errors occurred during fetching.
On 2024-05-12 17:11:25 UTC
Error: Could not fetch tn-SNCTF: HTTPSConnectionPool(host='gps.sncft.com.tn', port=443): Max retries exceeded with url: /gps/gtfs_ALL.ZIP (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:992)')))
Error: 1 errors occurred during fetching.
On 2024-05-12 17:21:31 UTC
Error: Could not fetch tn-SNCTF: HTTPSConnectionPool(host='gps.sncft.com.tn', port=443): Max retries exceeded with url: /gps/gtfs_ALL.ZIP (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate in certificate chain (_ssl.c:992)')))
Error: 1 errors occurred during fetching.
On 2024-05-12 18:17:46 UTC
Error: Could not fetch tn-SNCTF: HTTPSConnectionPool(host='gps.sncft.com.tn', port=443): Max retries exceeded with url: /gps/gtfs_ALL.ZIP (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:992)')))
Error: 1 errors occurred during fetching.
On 2024-05-12 19:21:43 UTC
Error: Could not fetch tn-SNCTF: HTTPSConnectionPool(host='gps.sncft.com.tn', port=443): Max retries exceeded with url: /gps/gtfs_ALL.ZIP (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate in certificate chain (_ssl.c:992)')))
Error: 1 errors occurred during fetching.
On 2024-05-12 22:03:32 UTC
Error: Could not fetch tn-SNCTF: HTTPSConnectionPool(host='gps.sncft.com.tn', port=443): Max retries exceeded with url: /gps/gtfs_ALL.ZIP (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: certificate has expired (_ssl.c:992)')))
Error: 1 errors occurred during fetching.
On 2024-05-13 01:30:27 UTC
Error: Could not fetch tn-SNCTF: HTTPSConnectionPool(host='gps.sncft.com.tn', port=443): Max retries exceeded with url: /gps/gtfs_ALL.ZIP (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate in certificate chain (_ssl.c:992)')))
Error: 1 errors occurred during fetching.
Looks like their SSL server cert has expired, let's give them some time to renew, I guess…
Public timetables are not really sensitive information and I cannot imagine any scenario where a MITM would make sense. Are there any downsides to just ignoring invalid certificates? Most clients have a setting for this.
Yes, we also have a json option for it.
In the worst case somebody controlling DNS can insert wrong data, but I don't think that is a relevant risk.
but I don't think that is a relevant risk
Then maybe the best default value for this option would be to ignore certificates? This would make operations more robust.
I'm not decided on this yet.
In the ideal world were we had more direct communication with transport operators, we'd want them to know and fix these issues.
But if we collectively think that is not going to happen, we can of course do that.
More direct communication with transport operators is definitely desirable. But let's use the concept of "annoy credits". We should use our "annoy credits" for stuff that we really can't work around easily like broken data. And even if we want to communicate to them about their broken certificates, it would still have advantages to not rely on them to fix it fast. I guess what's missing is some kind of "severity level". A broken certificate would probably be low priority but for example missing station coordinates (or all lat=0, lng=0) would make the dataset unusable for door-to-door routing and should therefore be high priority. Maybe distinguishing between warnings and errors would make sense?
True.
In the longer term it would be nice to go towards some kind of dashboard collecting the issues interesting for operators without creating an issue for anything that is non-fatal.
The cert has now been renewed (and they seem to be using Let's Encrypt now).