Intermediate certificate missing for token.services.mozilla.com's IP 34.107.141.31
Categories
(Cloud Services Graveyard :: Operations: Sync, defect)
Tracking
(Not tracked)
People
(Reporter: bugzilla, Unassigned)
Details
Steps to reproduce:
I have a script to access firefox sync data but it failed to connect to https://token.services.mozilla.com periodically since ~2 weeks ago. It seems that one of the IP address of this token.services.mozilla.com - 34.107.141.31 - cannot be connected with SSL. Other IPs - e.g. 35.164.184.131 - are fine.
Actual results:
$ dig token.services.mozilla.com @1.1.1.1
....
token.services.mozilla.com. 48 IN CNAME prod.tokenserver.prod.cloudops.mozgcp.net.
prod.tokenserver.prod.cloudops.mozgcp.net. 588 IN A 34.107.141.31
...
$ curl -v https://token.services.mozilla.com --resolve token.services.mozilla.com:443:34.107.141.31
...
- TLSv1.3 (OUT), TLS handshake, Client hello (1):
- TLSv1.3 (IN), TLS handshake, Server hello (2):
- TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
- TLSv1.3 (IN), TLS handshake, Certificate (11):
- TLSv1.3 (OUT), TLS alert, unknown CA (560):
- SSL certificate problem: unable to get local issuer certificate
- Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
Expected results:
curl should not return error.
|
Reporter | |
Updated•3 years ago
|
|
|
Reporter | |
Updated•3 years ago
|
|
||
Comment 1•3 years ago
|
||
It looks like the intermediate certificate is missing from that server's response.
|
||
Comment 2•3 years ago
|
||
I think this is resolved via bug 1801429. NI reporter to verify.
|
||
Updated•3 years ago
|
|
||
Updated•3 years ago
|
Description
•