Closed amingilani closed 8 years ago
ping @slack
From using digicert's SSL checker, it seems that the server is not sending the required intermediate certificate, which would cause trust issues.
However, the certificate is valid.
Certificate Name matches get.helm.sh
Subject get.helm.sh
Valid from 24/Oct/2016 to 24/Nov/2017
Issuer Amazon
Subject Amazon
Valid from 22/Oct/2015 to 19/Oct/2025
Issuer Amazon Root CA 1
Subject Amazon Root CA 1
Valid from 25/May/2015 to 31/Dec/2037
Issuer Starfield Services Root Certificate Authority - G2
Subject Starfield Services Root Certificate Authority - G2
Valid from 02/Sep/2009 to 28/Jun/2034
Issuer Starfield Technologies, Inc.
We're using ACM + CloudFront which doesn't let you change/modify the certificate payload.
The certificate did expire over the weekend and I moved to ACM on 10/25 at 21:30 PDT.
@amingilani you still seeing certificate issues?
Just investigated the digicert checker... it is looking for DigiCert's intermediate... Not a generically valid SSL configuration.
https://www.ssllabs.com/ssltest/analyze.html?d=get.helm.sh&s=52.84.213.240&latest
Oops, typo on the date. I moved to ACM on 10/23...
I am unable to reproduce the problem specified in this ticket:
$ curl -s https://get.helm.sh | bash
Downloading helmc-latest-darwin-amd64 from Google Cloud Storage...
helmc is now available in your current directory.
To learn more about helm classic, execute:
$ ./helmc
$ ./helmc
NAME:
helmc - Helm Classic - A Kubernetes package manager
To begin working with Helm Classic, run the 'helmc update' command:
$ helmc update
This will download all of the necessary data. Common actions from this point
include:
- helmc help COMMAND: see help for a specific command
- helmc search: search for charts
- helmc fetch: make a local working copy of a chart
- helmc install: upload the chart to Kubernetes
For more information on Helm Classic, go to http://helm.sh.
ENVIRONMENT:
$HELMC_HOME: Set an alternative location for Helm files. By default, these
are stored in ~/.helmc
USAGE:
helmc [global options] command [command options] [arguments...]
VERSION:
0.8.1+a9c55cf
COMMANDS:
create Create a chart in the local workspace.
doctor Run a series of checks to surface possible problems
edit Edit a named chart in the local workspace.
fetch Fetch a Chart to your working directory.
home Displays the location of the Helm Classic home.
info Print information about a Chart.
install Install a named package into Kubernetes.
lint Validates given chart
list List all fetched packages.
publish Publish a named chart to the git checkout.
remove Remove one or more Charts from your working directory.
repository Work with other Chart repositories.
search Search for a package.
target Displays information about cluster.
uninstall Uninstall a named package from Kubernetes.
update Get the latest version of all Charts from GitHub.
generate Run the generator over the given chart.
template Run a template command on a file.
GLOBAL OPTIONS:
--home "$HOME/.helmc" The location of your Helm Classic files [$HELMC_HOME]
--debug Enable verbose debugging output
--help, -h show help
--generate-bash-completion
--version, -v print the version
@amingilani are you still having this problem, or did it just appear over the weekend?
Sorry about the late reply guys. It seems to be working now! Thanks for looking into it. I'm closing this issue.
Cross posted from https://github.com/kubernetes/helm/issues/1445
The documentation here asks us to pipe a script to bash but the endpoint
https://get.helm.sh
doesn't have a valid ssl cert.