Closed heisian closed 5 years ago
Related to https://github.com/Unitech/pm2/issues/2836
We are deeply sorry for the inconvenience, we fixed the issue and we will work something about to avoid the problem reproducing in the future.
Regards
@vmarchaud this appears to still be an issue.
yarn install
yarn install v1.10.1
info No lockfile found.
[1/4] 🔍 Resolving packages...
error An unexpected error occurred: "https://tgz.pm2.io/gkt-1.0.0.tgz: unable to verify the first certificate".
Curl however does seem to work
curl -v https://tgz.pm2.io/gkt-1.0.0.tgz
* Trying 163.172.101.189...
* TCP_NODELAY set
* Connected to tgz.pm2.io (163.172.101.189) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: OU=Domain Control Validated; CN=*.pm2.io
* start date: Jan 16 15:28:43 2018 GMT
* expire date: Jan 16 15:28:43 2021 GMT
* subjectAltName: host "tgz.pm2.io" matched cert's "*.pm2.io"
* issuer: C=BE; O=GlobalSign nv-sa; CN=AlphaSSL CA - SHA256 - G2
* SSL certificate verify ok.
> GET /gkt-1.0.0.tgz HTTP/1.1
> Host: tgz.pm2.io
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx
< Date: Tue, 30 Oct 2018 00:02:30 GMT
< Content-Type: application/octet-stream
< Content-Length: 260
< Connection: keep-alive
< X-Powered-By: Express
< ETag: W/"104-QFUCsAfzGcP0cXXER0UnMA8qta0"
< Strict-Transport-Security: max-age=0;
<
��J�0���S�lFa��ۿ��"��y�ІN�6)IF��m��g!�pT�|�8 �����7;މ�4��Z%G�$�"��z�1�`�
* Connection #0 to host tgz.pm2.io left intact
�b]%���F�co7S+��'�B^��B]��]�ƭ0Vj5{�A�m�m��a��r�KoHՊ�����VP���e#��.64}Lz��!������5����s(c���F+�{��;Y\ܸ{�%��,N�bJ#�H����:�K
You should be able to fix this by removing the optional dependency of gkt
as seen in this issue:
Thanks @ekeric13, but this doesn't work for yarn. Same issue, yarn add pm2 --ignore-optional
. Which is a yarn issue, but still . . . overall cert issue is still present on yarn add
Be sure to update your yarn lock even after doing --ignore-optional
to make sure you remove the gkt
. This fix worked immediately when I tried it before the certificate was even updated so it would be quite surprising if this doesn't work for you.
Yeah, I had actually killed my yarn.lock
file and ran yarn cache clean
after we saw this problem. Same issue, so something isn't updated. I can confirm running npm install pm2
works as expected though 🤷♂️
Cert has expired again @vmarchaud
When installing pm2:
Just attempting to connect to the URL:
curl -v https://tgz.pm2.io
So we cannot install
pm2
.