infra-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Thistlethwaite (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (INFRA-16527) Cert error connecting to ai.google website from beam1-16.
Date Mon, 18 Jun 2018 14:10:00 GMT

     [ https://issues.apache.org/jira/browse/INFRA-16527?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Chris Thistlethwaite updated INFRA-16527:
-----------------------------------------
    Status: Waiting for user  (was: Waiting for Infra)

curl worked on jenkins-beam9 and 1-16 aren't around anymore. Can you confirm this is still
an issue?

> Cert error connecting to ai.google website from beam1-16.
> ---------------------------------------------------------
>
>                 Key: INFRA-16527
>                 URL: https://issues.apache.org/jira/browse/INFRA-16527
>             Project: Infrastructure
>          Issue Type: Bug
>          Components: Jenkins
>            Reporter: Jason Kuster
>            Assignee: Chris Thistlethwaite
>            Priority: Major
>              Labels: #bugbash-jun2018
>
> beam1-16 nodes are failing to connect to https://ai.google. As a result our website dead-link
checker is failing. Attempting to connect to this domain results in the following type of
output:
> jaku@apache-beam-jenkins-slave-group-lvmq:~$ curl https://ai.google/research/pubs/pub35650
> curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt
CRLfile: none
> More details here: http://curl.haxx.se/docs/sslcerts.html
> curl performs SSL certificate verification by default, using a "bundle"
>  of Certificate Authority (CA) public keys (CA certs). If the default
>  bundle file isn't adequate, you can specify an alternate file
>  using the --cacert option.
> If this HTTPS server uses a certificate signed by a CA represented in
>  the bundle, the certificate verification probably failed due to a
>  problem with the certificate (it might be expired, or the name might
>  not match the domain name in the URL).
> If you'd like to turn off curl's verification of the certificate, use
>  the -k (or --insecure) option.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message