Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

link-check: exclude funyours.co.jp #7104

Merged
merged 1 commit into from
Dec 3, 2021
Merged

Conversation

dveeden
Copy link
Contributor

@dveeden dveeden commented Dec 3, 2021

What is changed, added or deleted? (Required)

http://company.funyours.co.jp/ redirects to https://www.funyours.co.jp
and that host doesn't present a correct/complete certificate chain. In
addition to that it looks like the certificate and hostname don't match.

https://www.ssllabs.com/ssltest/analyze.html?d=www.funyours.co.jp

Previous discussion: #6837 (comment)

$ curl -v -L http://company.funyours.co.jp/
*   Trying 210.152.118.91:80...
* Connected to company.funyours.co.jp (210.152.118.91) port 80 (#0)
> GET / HTTP/1.1
> Host: company.funyours.co.jp
> User-Agent: curl/7.79.1
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Server: nginx
< Date: Fri, 03 Dec 2021 06:37:29 GMT
< Content-Type: text/html
< Content-Length: 178
< Connection: keep-alive
< Location: https://www.funyours.co.jp
<
* Ignoring the response-body
* Connection #0 to host company.funyours.co.jp left intact
* Issue another request to this URL: 'https://www.funyours.co.jp/'
*   Trying 47.245.16.139:443...
* Connected to www.funyours.co.jp (47.245.16.139) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
*  CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: unable to get local issuer certificate
* Closing connection 1
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

Which TiDB version(s) do your changes apply to? (Required)

  • master (the latest development version)
  • v5.3 (TiDB 5.3 versions)
  • v5.2 (TiDB 5.2 versions)
  • v5.1 (TiDB 5.1 versions)
  • v5.0 (TiDB 5.0 versions)
  • v4.0 (TiDB 4.0 versions)
  • v3.1 (TiDB 3.1 versions)
  • v3.0 (TiDB 3.0 versions)
  • v2.1 (TiDB 2.1 versions)

What is the related PR or file link(s)?

  • This PR is translated from:
  • Other reference link(s):

Do your changes match any of the following descriptions?

  • Delete files
  • Change aliases
  • Need modification after applied to another branch
  • Might cause conflicts after applied to another branch

http://company.funyours.co.jp/ redirects to https://www.funyours.co.jp
and that host doesn't present a correct/complete certificate chain. In
addition to that it looks like the certificate and hostname don't match.

https://www.ssllabs.com/ssltest/analyze.html?d=www.funyours.co.jp

Previous discussion: pingcap#6837 (comment)

```
$ curl -v -L http://company.funyours.co.jp/
*   Trying 210.152.118.91:80...
* Connected to company.funyours.co.jp (210.152.118.91) port 80 (#0)
> GET / HTTP/1.1
> Host: company.funyours.co.jp
> User-Agent: curl/7.79.1
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Server: nginx
< Date: Fri, 03 Dec 2021 06:37:29 GMT
< Content-Type: text/html
< Content-Length: 178
< Connection: keep-alive
< Location: https://www.funyours.co.jp
<
* Ignoring the response-body
* Connection #0 to host company.funyours.co.jp left intact
* Issue another request to this URL: 'https://www.funyours.co.jp/'
*   Trying 47.245.16.139:443...
* Connected to www.funyours.co.jp (47.245.16.139) port 443 (#1)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
*  CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: unable to get local issuer certificate
* Closing connection 1
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
```
@ti-chi-bot
Copy link
Member

ti-chi-bot commented Dec 3, 2021

[REVIEW NOTIFICATION]

This pull request has been approved by:

  • TomShawn

To complete the pull request process, please ask the reviewers in the list to review by filling /cc @reviewer in the comment.
After your PR has acquired the required number of LGTMs, you can assign this pull request to the committer in the list by filling /assign @committer in the comment to help you merge this pull request.

The full list of commands accepted by this bot can be found here.

Reviewer can indicate their review by submitting an approval review.
Reviewer can cancel approval by submitting a request changes review.

@ti-chi-bot ti-chi-bot added missing-translation-status This PR does not have translation status info. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Dec 3, 2021
@dveeden
Copy link
Contributor Author

dveeden commented Dec 3, 2021

@ti-chi-bot ti-chi-bot added the status/LGT1 Indicates that a PR has LGTM 1. label Dec 3, 2021
@TomShawn TomShawn added translation/doing This PR's assignee is translating this PR. and removed missing-translation-status This PR does not have translation status info. labels Dec 3, 2021
@TomShawn TomShawn added translation/no-need No need to translate this PR. needs-cherry-pick-release-4.0 needs-cherry-pick-release-5.3 Should cherry pick this PR to release-5.3 branch. require-LGT1 Indicates that the PR requires an LGTM. and removed translation/doing This PR's assignee is translating this PR. labels Dec 3, 2021
@TomShawn
Copy link
Contributor

TomShawn commented Dec 3, 2021

/merge

@ti-chi-bot
Copy link
Member

This pull request has been accepted and is ready to merge.

Commit hash: b783de0

@ti-chi-bot ti-chi-bot added the status/can-merge Indicates a PR has been approved by a committer. label Dec 3, 2021
@ti-chi-bot ti-chi-bot merged commit ce4fced into pingcap:master Dec 3, 2021
@ti-chi-bot
Copy link
Member

In response to a cherrypick label: new pull request created: #7105.

@ti-chi-bot
Copy link
Member

In response to a cherrypick label: new pull request created: #7106.

@ti-chi-bot
Copy link
Member

In response to a cherrypick label: new pull request created: #7107.

@ti-chi-bot
Copy link
Member

In response to a cherrypick label: new pull request created: #7108.

@ti-chi-bot
Copy link
Member

In response to a cherrypick label: new pull request created: #7109.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
needs-cherry-pick-release-5.3 Should cherry pick this PR to release-5.3 branch. require-LGT1 Indicates that the PR requires an LGTM. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. status/can-merge Indicates a PR has been approved by a committer. status/LGT1 Indicates that a PR has LGTM 1. translation/no-need No need to translate this PR.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants