Skip to content

Latest commit

 

History

History
120 lines (95 loc) · 3.05 KB

HTTPS_FIX_GUIDE.md

File metadata and controls

120 lines (95 loc) · 3.05 KB

HTTPS/SSL Fix Guide

Problem

You encountered this error during Docker build:

curl: (1) Protocol "https" not supported or disabled in libcurl

Root Cause

Amazon Linux 2 base images sometimes have curl compiled without HTTPS/SSL support, or the SSL libraries are missing/incompatible.

Solutions Applied

Added HTTPS Support

  • Installed curl: Added curl package (not just curl-devel)
  • Added wget: Installed wget as a fallback downloader
  • Added verification: Check curl HTTPS support and reinstall if needed

Dual Download Strategy

Changed download pattern from:

curl -fL URL -o file.tar.gz

To:

(curl -fL URL -o file.tar.gz || wget -O file.tar.gz URL)

This provides automatic fallback when curl fails.

Enhanced Package Installation

RUN yum update -y && \
    yum install -y git autoconf libtool flex bison cmake make \
      tar gzip gcc gcc-c++ automake16 libpng-devel nasm \
      libxml2-devel readline-devel curl curl-devel wget \
      cmake3 && \
    yum clean all && \
    rm -rf /var/cache/yum /var/lib/yum/history /tmp/* /var/tmp/*

HTTPS Verification

# Verify curl has HTTPS support
RUN curl --version | grep -i https || (echo "curl HTTPS support missing, installing..." && yum reinstall -y curl)

How It Works

Primary Method: curl

  • Uses curl with -fL flags for better error handling
  • -f: Fail silently on HTTP errors
  • -L: Follow redirects

Fallback Method: wget

  • If curl fails, automatically tries wget
  • wget typically has better SSL support in Amazon Linux 2
  • -O: Output to specified file

Retry Logic

  • Both methods retry up to 3 times with 5-second delays
  • Handles temporary network issues

Testing the Fix

Test curl HTTPS support

docker run --rm public.ecr.aws/lambda/provided:al2 curl --version

Test downloads

docker run --rm public.ecr.aws/lambda/provided:al2 curl -I https://github.com

Build the image

docker buildx build --platform=linux/amd64 -f dockerfiles/Dockerfile -t test-gdal .

Alternative Solutions

Option 1: Use Amazon Linux 2023

If HTTPS issues persist, consider using AL2023:

FROM public.ecr.aws/lambda/provided:al2023 AS builder

Option 2: Build curl from source

For maximum compatibility:

RUN yum install -y openssl-devel && \
    curl -L https://curl.se/download/curl-8.4.0.tar.gz | tar zx && \
    cd curl-8.4.0 && \
    ./configure --with-openssl && \
    make && make install

Option 3: Use different base image

Consider using Ubuntu-based Lambda images:

FROM public.ecr.aws/lambda/python:3.12

Verification Commands

Check curl capabilities

curl --version
curl-config --protocols

Test HTTPS download

curl -I https://github.com
wget --spider https://github.com

The HTTPS/SSL issues should now be resolved! The dual download strategy with curl/wget fallback provides robust HTTPS support. 🚀