search

cloudfoundry-community / slack-notification-resource

Concourse CI resource for sending notifications to Slack.
MIT License
75 stars 81 forks source link

Still being maintained? #95

Open Tang8330 opened 1 year ago

Tang8330 commented 1 year ago

There's an SSL error that is preventing us from sending build notifications to Slack.

selected worker: concourse-worker-1
streaming volume git-repo from concourse-worker-0
*   Trying 35.82.91.193...
* TCP_NODELAY set
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to hooks.slack.com (35.82.91.193) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [102 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [4023 bytes data]
* TLSv1.2 (OUT), TLS alert, Server hello (2):
} [2 bytes data]
* SSL certificate problem: certificate has expired
* Curl_http_done: called premature == 1
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Closing connection 0
} [5 bytes data]
* TLSv1.2 (OUT), TLS alert, Client hello (1):
} [2 bytes data]
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
xtremerui commented 1 year ago

@jhunt @professor not sure if you are still active in this repo. If yes, would you please take a look at this issue? If not, I am happy to help out. Thank you!

jhunt commented 1 year ago

Havent looked into this in any detail, but that error from curl looks like an upstream issue (cert expired on whatever is being curled), not something broken in the resource implementation.

What is your config?