develooper Front page | perl.cpan.testers.discuss | Postings from April 2020

Re: https://metabase.cpantesters.org/api/v1/: invalid securitycertificate

Thread Previous | Thread Next
From:
James E Keenan
Date:
April 2, 2020 18:12
Subject:
Re: https://metabase.cpantesters.org/api/v1/: invalid securitycertificate
Message ID:
c3d2057e-6b4c-5c58-bad4-df6bb93eee52@pobox.com
On 4/2/20 1:23 PM, Slaven Rezic wrote:
> Hi James,
> 
> I can confirm that the certificate is marked as invalid in my firefox, 
> and also if calling the URL with lwp-request. However, my 
> Test::Reporter-based report sender still works. It's just working 
> because Test::Reporter::Transport::Metabase is using HTTP::Tiny, and 
> HTTP::Tiny does not do certificate validation by default (see the 
> verify_SSL option). Works:
> 
>      perl5.31.10 -MData::Dumper -MHTTP::Tiny -e 'warn 
> Dumper(HTTP::Tiny->new->get("https://metabase.cpantesters.org/api/v1/"))'
> 

With this (albeit with perl-5.30.0 and after installing IO::Socket::SSL 
and Net::SSLeay), I got a 404:

#####
$ perl -MData::Dumper -MHTTP::Tiny -e 'warn 
Dumper(HTTP::Tiny->new->get("https://metabase.cpantesters.org/api/v1/"))'
$VAR1 = {
           'protocol' => 'HTTP/1.1',
           'status' => '404',
           'url' => 'https://metabase.cpantesters.org/api/v1/',
           'content' => '<!DOCTYPE html>
...
',
           'reason' => 'Not Found',
           'success' => '',
           'headers' => {
                          'via' => [
                                     '1.1 varnish',
                                     '1.1 varnish'
                                   ],
                          'age' => '0',
                          'content-length' => '20240',
                          'x-cache-hits' => '0, 0',
                          'x-cache' => 'MISS, MISS',
                          'x-served-by' => 'cache-lcy19261-LCY, 
cache-bos4650-BOS',
                          'date' => 'Thu, 02 Apr 2020 18:02:37 GMT',
                          'connection' => 'keep-alive',
                          'server' => 'Mojolicious (Perl)',
                          'x-timer' => 'S1585850556.546659,VS0,VE2416',
                          'accept-ranges' => 'bytes',
                          'content-type' => 'text/html;charset=UTF-8'
                        }
         };
#####


> Fails:
> 
>      perl5.31.10 -MData::Dumper -MHTTP::Tiny -e 'warn 
> Dumper(HTTP::Tiny->new(verify_SSL=>1)->get("https://metabase.cpantesters.org/api/v1/"))' 
> 

With this, I got a 599:

#####
$ perl -MData::Dumper -MHTTP::Tiny -e 'warn 
Dumper(HTTP::Tiny->new(verify_SSL=>1)->get("https://metabase.cpantesters.org/api/v1/"))' 

$VAR1 = {
           'headers' => {
                          'content-length' => 81,
                          'content-type' => 'text/plain'
                        },
           'content' => 'SSL connection failed for 
metabase.cpantesters.org: hostname verification failed
',
           'reason' => 'Internal Exception',
           'status' => 599,
           'url' => 'https://metabase.cpantesters.org/api/v1/',
           'success' => ''
         };
#####


> 
> Regards,
>       Slaven

Thank you very much.
Jim Keenan


>> James E Keenan < jkeenan@pobox.com <mailto:jkeenan@pobox.com>> hat am 
>> 2. April 2020 um 14:29 geschrieben:
>>
>>
>> Today I had occasion to call a program which uses
>> App::cpanminus::reporter. I have run programs with that module hundreds
>> of times before. The program failed with this output in the debugger.
>>
>> #####
>> error loading Test::Reporter::Transport::Metabase. Please install the
>> missing module or choose a different transport mechanism.
>>
>> at /usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm
>> line 21.
>> CPAN::Testers::Common::Client::Config::__ANON__[/usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm:21]("\x{a}error 
>> loading Test::Reporter::Transport::Metabase. Please in"...) called at 
>> /usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm 
>> line 87
>> CPAN::Testers::Common::Client::Config::mywarn(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8), 
>> "\x{a}error loading Test::Reporter::Transport::Metabase. Please 
>> in"...) called at 
>> /usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm 
>> line 647
>> CPAN::Testers::Common::Client::Config::_validate_transport(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8), 
>> "transport", "Metabase uri https://metabase.cpantesters.org/api/v1/ 
>> id_file"...) called at error loading 
>> Test::Reporter::Transport::Metabase. Please install the missing module 
>> or choose a different transport mechanism.
>>
>> at /usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm
>> line 21.
>> CPAN::Testers::Common::Client::Config::__ANON__[/usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm:21]("\x{a}error 
>> loading Test::Reporter::Transport::Metabase. Please in"...) called at 
>> /usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm 
>> line 87
>> CPAN::Testers::Common::Client::Config::mywarn(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8), 
>> "\x{a}error loading Test::Reporter::Transport::Metabase. Please 
>> in"...) called at 
>> /usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm 
>> line 647
>> CPAN::Testers::Common::Client::Config::_validate_transport(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8), 
>> "transport", "Metabase uri https://metabase.cpantesters.org/api/v1/ 
>> id_file"...) called at 
>> /usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm 
>> line 448
>> CPAN::Testers::Common::Client::Config::_get_config_options(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8), 
>> HASH(0x806c7d5b8)) called at 
>> /usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm 
>> line 41
>> CPAN::Testers::Common::Client::Config::read(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8)) 
>> called at /usr/local/lib/perl5/site_perl/App/cpanminus/reporter.pm 
>> line 171
>> App::cpanminus::reporter::_check_cpantesters_config_data(CPAN::cpanminus::reporter::RetainReports=HASH(0x801e7e900)) 
>> called at /usr/local/lib/perl5/site_perl/App/cpanminus/reporter.pm 
>> line 219
>> App::cpanminus::reporter::run(CPAN::cpanminus::reporter::RetainReports=HASH(0x801e7e900)) 
>> called at cpanm-reporter.pl line 23
>> line 448
>> CPAN::Testers::Common::Client::Config::_get_config_options(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8), 
>> HASH(0x806c7d5b8)) called at 
>> /usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm 
>> line 41
>> CPAN::Testers::Common::Client::Config::read(CPAN::Testers::Common::Client::Config=HASH(0x806bdc0d8)) 
>> called at /usr/local/lib/perl5/site_perl/App/cpanminus/reporter.pm 
>> line 171
>> App::cpanminus::reporter::_check_cpantesters_config_data(CPAN::cpanminus::reporter::RetainReports=HASH(0x801e7e900)) 
>> called at /usr/local/lib/perl5/site_perl/App/cpanminus/reporter.pm 
>> line 219
>> App::cpanminus::reporter::run(CPAN::cpanminus::reporter::RetainReports=HASH(0x801e7e900)) 
>> called at cpanm-reporter.pl line 23
>> #####
>>
>> All the relevant modules are up to date on the machine where the program
>> was run.
>>
>> I examined
>> /usr/local/lib/perl5/site_perl/CPAN/Testers/Common/Client/Config.pm. I
>> zeroed in on the call to the internal method '_validate_transport'. I
>> entered this URL into my browser:
>>
>> https://metabase.cpantesters.org/api/v1/
>>
>> I got the standard Firefox "Warning: Potential Security Risk Ahead"
>> screen. When I clicked "Learn more...", I got:
>>
>> #####
>> Websites prove their identity via certificates. Firefox does not trust
>> this site because it uses a certificate that is not valid for
>> metabase.cpantesters.org. The certificate is only valid for
>> c.sni.fastly.net.
>>
>> Error code: SSL_ERROR_BAD_CERT_DOMAIN
>> #####
>>
>> (Hat-tip to BingOS.)
>>
>> How can we fix this or how can I work-around it?
>>
>> Thank you very much.
>> Jim Keenan

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About