When trying to deploy to shinyappsio I have the following error when using deployApp():
DONE
Uploading bundle for application: 228671...Detecting system locale ... Error in function (type, msg, asError = TRUE) :
SSL certificate problem: self signed certificate in certificate chain
In addition: Warning message:
Error detecting locale: Error in read.table(file = file, header = header, sep = sep, quote = quote, : incomplete final line found by readTableHeader on 'raw'
(Using default: en_US)
Timing stopped at: 0.04 0 0.33
> sessionInfo()
R version 3.4.0 (2017-04-21)
Platform: x86_64-w64-mingw32/x64 (64-bit)
Running under: Windows >= 8 x64 (build 9200)
Matrix products: default
locale:
[1] LC_COLLATE=French_France.1252 LC_CTYPE=French_France.1252 LC_MONETARY=French_France.1252
[4] LC_NUMERIC=C LC_TIME=French_France.1252
attached base packages:
[1] stats graphics grDevices utils datasets methods base
other attached packages:
[1] rsconnect_0.8.8
loaded via a namespace (and not attached):
[1] compiler_3.4.0 tools_3.4.0 RCurl_1.95-4.10 yaml_2.1.19 RJSONIO_1.3-0 digest_0.6.15 packrat_0.4.9-2
[8] bitops_1.0-6
I am deploying from my workplace and I know that I am behind the corporate firewalls. I used to bypass this issue by deploying when using my personal 4G cellular internet instead of the secured Wireless internet of my workplace. I tried the solutions of this link without success.
Any ideas will be much appreciated. Do not hesitate to let me know if you think that there is no solution and that I am doomed to deploy to shinyapps.io only when using my personal computer (no corporate firewall!).
Usually it's caused by an internal proxy you are going through which injects its own certificate. You can verify by checking for http_proxy and https_proxy in the IDE env. If there, you can unset with:
Sys.unsetenv("http_proxy")
Sys.unsetenv("https_proxy")
and try to deploy again then re-set the variables.
Thank you very much for your answer. Unfortunately, this did not work for me.
In the meantime, another of the scripts that I use daily broke, giving me the same error. The issue was coming from the RCurl package and I managed to solve it by changing this option:
Were you able to find a solution to this problem? I am having the same problem and have not been able to solve it. I turned the firewall off and it still did not work.
DONE
Uploading bundle for application: 97022...Error in function (type, msg, asError = TRUE) :
SSL certificate problem: self signed certificate in certificate chain
Timing stopped at: 0.02 0 0.14
> sessionInfo()
R version 3.5.1 (2018-07-02)
Platform: i386-w64-mingw32/i386 (32-bit)
Running under: Windows 7 (build 7601) Service Pack 1
Matrix products: default
locale:
[1] LC_COLLATE=English_United States.1252 LC_CTYPE=English_United States.1252
[3] LC_MONETARY=English_United States.1252 LC_NUMERIC=C
[5] LC_TIME=English_United States.1252
attached base packages:
[1] stats graphics grDevices utils datasets methods base
other attached packages:
[1] devtools_1.13.6 RCurl_1.95-4.11 bitops_1.0-6
loaded via a namespace (and not attached):
[1] httr_1.3.1 compiler_3.5.1 R6_2.2.2 rsconnect_0.8.8 tools_3.5.1 withr_2.1.2
[7] curl_3.2 memoise_1.1.0 RJSONIO_1.3-0 git2r_0.23.0 jsonlite_1.5 digest_0.6.16
[13] packrat_0.4.9-3
My conjecture is that OPs firewall is doing "deep packet" or "SSL inspection" on outgoing SSL/TLS connections. a.k.a. a man in the middle attack. Telling rsconnect to ignore the cert allows the local app to trust the "forged" (dynamically generated by the firewall) certs which the corp firewall creates. These forged certs allow the corp firewall to inspect the contents of SSL/TLS traffic as it exits the firewall.
It looks like rsconnect is not using the local system cert store? Is there a way to add a cert so that rsconnect can use it? Seems like there should be an option to slip in a trusted corp root cert.
You can set the option rsconnect.ca.bundle to point to a custom certificate authority bundle, which should, in theory, accomplish what you are looking for.
I figured there was something like that. In practice that seems a much better solution than just ignoring certs altogether. But ignoring the cert for the purpose of testing is really helpful!