Closed Bug 1043126 Opened 10 years ago Closed 10 years ago

SimplePush Production update server reporting invalid cert

Categories

(Cloud Services Graveyard :: Server: SimplePush, defect)

x86_64
Windows 7
defect
Not set
critical

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: jrconlin, Assigned: oremj)

References

()

Details

curl -X PUT -d "version=123" "https://updates.push.services.mozilla.com/update/Rc_jTA1DXWivxTFFTMic-IRE4eOJnt80QrkSEsNHclhGj4xj_TlO-ljgXmAjiBo5O57lBIIACq9BxM0ToyHeTm1E58AiMeQDo039UcIKknUgDwSm1Q==" -v * About to connect() to updates.push.services.mozilla.com port 443 (#0) * Trying 54.200.222.52... connected * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS alert, Server hello (2): * SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed * Closing connection #0 curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.
Assignee: nobody → oremj
The cert chain was missing its intermediate cert.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Product: Cloud Services → Cloud Services Graveyard
You need to log in before you can comment on or make changes to this bug.