infra-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Henk Penning (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (INFRA-16640) Problem reading https://www.apache.org/dist/flex/4.16.1/binaries/apache-flex-sdk-installer-config.xml
Date Tue, 12 Jun 2018 07:37:00 GMT

    [ https://issues.apache.org/jira/browse/INFRA-16640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16509290#comment-16509290
] 

Henk Penning commented on INFRA-16640:
--------------------------------------

Just as a temp work-around, you can try www-eu.a.o or www-us.a.o ;

> Problem reading https://www.apache.org/dist/flex/4.16.1/binaries/apache-flex-sdk-installer-config.xml
> -----------------------------------------------------------------------------------------------------
>
>                 Key: INFRA-16640
>                 URL: https://issues.apache.org/jira/browse/INFRA-16640
>             Project: Infrastructure
>          Issue Type: Bug
>          Components: Dists
>            Reporter: Alex Harui
>            Priority: Major
>
> Flex has ActionScript code that accesses the URL in the subject.  Starting in early May
we started receiving reports that this code no longer works.  HTTP works, but HTTPS does not.
 There is a report that accessing via HTTPS on flex.a.o with this code also fails but HTTP
is ok.
> AFAICT, this code has been in use since 2015.  So I'm wondering of something changed.
 The code uses a custom TLS1.0 implementation.  I'm wondering of something changed that could
break that code.
> I saw here https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls
that early TLS is supposed to go away soon, so I was wondering if changes related to that
have been happening at Apache.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message