ERROR <download:322> Download.on_tracker_error_alert(): On tracker error alert: torrentname (https://track.er/announce.php?passkey=123) certificate verify failed

[slrslr]

Describe the bug
A clear and concise description of what the bug is.

To Reproduce
Steps to reproduce the behavior:

1. start Tribler with some torrents (if developer of this project needs the torrent, please let me know how to send in private)
2. let it run for maybe 30 seconds and in the meantime find tribler-core-error.log
3. check that log file
4. See error:

[tribler-core PID:39] 2023-12-18 06:35:14,817 - ERROR <download:322> Download.on_tracker_error_alert(): On tracker error alert: Sile...torrentname (https://track.er.tld/announce.php?passkey=123)[127.0.0.1:65432] skipping tracker announce (unreachable) "" (1)
[tribler-core PID:39] 2023-12-18 06:35:14,824 - ERROR <download:322> Download.on_tracker_error_alert(): On tracker error alert: Sile...torrentname (https://track.er.tld/announce.php?passkey=123)[10.66.66.anonymized:65432] certificate verify failed "" (1)
[tribler-core PID:39] 2023-12-18 06:35:14,825 - ERROR <download:322> Download.on_tracker_error_alert(): On tracker error alert: Sile...torrentname (https://track.er.tld/announce.php?passkey=123)[10.2.0.2:65432] certificate verify failed "" (1)
[tribler-core PID:39] 2023-12-18 06:35:25,928 - ERROR <download:322> Download.on_tracker_error_alert(): On tracker error alert: Sile...torrentname (https://track.er.tld/announce.php?passkey=123)[10.66.66.anonymized:65432] certificate verify failed "" (2)
[tribler-core PID:39] 2023-12-18 06:35:25,931 - ERROR <download:322> Download.on_tracker_error_alert(): On tracker error alert: Sile...torrentname (https://track.er.tld/announce.php?passkey=123)[10.2.0.2:65432] certificate verify failed "" (2)
[tribler-core PID:39] 2023-12-18 06:35:28,402 - ERROR <patch:52> tribler.core.utilities.slow_coro_detection._report_long_duration(): Slow coroutine step execution (duration=1.397 seconds): <Task pending name='TorrentChecker:check local torrents' coro=<interval_runner() running at ipv8/taskmanager.py:18> wait_for=<_GatheringFuture pending cb=[<TaskWakeupMethWrapper object at 0x7f3d60276af0>()]> cb=[TaskManager.register_task.<locals>.done_cb() at ipv8/taskmanager.py:128]>
[tribler-core PID:39] 2023-12-18 06:35:44,638 - ERROR <download:322> Download.on_tracker_error_alert(): On tracker error alert: Sile...torrentname (https://track.er.tld/announce.php?passkey=123)[192.168.0.2:65432] timed out "" (1)
[tribler-core PID:39] 2023-12-18 06:36:03,899 - ERROR <download:322> Download.on_tracker_error_alert(): On tracker error alert: Sile...torrentname (https://track.er.tld/announce.php?passkey=123)[10.66.66.anonymized:65432] certificate verify failed "" (3)
[tribler-core PID:39] 2023-12-18 06:36:03,909 - ERROR <download:322> Download.on_tracker_error_alert(): On tracker error alert: Sile...torrentname (https://track.er.tld/announce.php?passkey=123)[10.2.0.2:65432] certificate verify failed "" (3)
[tribl[tribler-core PID:39] 2023-12-18 06:36:34,218 - ERROR <download:322> Download.on_tracker_error_alert(): On tracker error alert: Sile...torrentname (https://track.er.tld/announce.php?passkey=123)[192.168.0.2:65432] timed out "" (2)

It seems to check the torrent using various interfaces, repeatedly. Torrent tracker status is set as "Not working". In another torrent client, this same torrent (also using same tracker) shows bencoded string error https://forum.deluge-torrent.org/viewtopic.php?t=54265
It is not a problem of all torrents on that tracker but only certain ones. Tracker for some reason writes or reads or both data of some torrents wrongly, more.

Regarding the certificate verification message from the log, an online SSL checker says that the tracker supports only
TLS 1.3 TLS 1.2 (not older ciphers) and the cert. is A grade from Let's Encrypt.

Expected behavior
Tribler should be able to connect the tracker and if not, return some status message inn GUI next to tracker "Not working".

Desktop (please complete the following information):

• OS: Linux Debian 11 oldstable
• Tribler's version 7.13.0 (flatpak org.tribler.Tribler)

Additional context
Add any other context about the problem here.

[qstokkink]

Hi, thanks for your report. I see duplication with (earlier) issue #1680

Normally, we close duplicate issues. However, your following statement seems to be unique to this issue:

In other client (qBittorrent) the tracker is working in one of the torrents

If there is a type of tracker that we could support but we do not currently do, this seems like a good enhancement to Tribler. I'll label this issue as such.

[qstokkink]

It seems to me that the only sensible way to deal with invalid certificates, as reported in this issue, is to ignore them and try again. This is also what the author of our libtorrent library recommends arvidn/libtorrent#3892 (comment),

• For torrents that are explicitly added by a user, we can prompt the user for input: whether or not they want to ignore the SSL certificate. Ignoring certificates does pose a subtle risk and a user would require some in-depth security knowledge to assess it. Merged in Added warning when adding torrent from invalid HTTPS #8225
• For background checks of tracker liveness, I guess automatically stripping the certificate is fine: we just need to know if the tracker is reachable.