Skype for business exists in the cache but is corrupt... removing

[matthewbassett]

Hi, Excellent work on the script, its saving me loads in bandwidth, and loads of time in downloading massive updates.

I'm having an issue where I get the following line each time I run: Package https://officecdn.microsoft.com/pr/C1297A47-86C4-4C1F-97FA-950631F94777/OfficeMac/SkypeForBusinessUpdater-16.15.166.pkg exists in the cache but is corrupt ...removing

But it must not actually remove the file, because the same line shows up in the next run of the script. If I manually delete the file and rerun the script I get the following:

stat: cannot stat 'SkypeForBusinessUpdater-16.15.166.pkg': No such file or directory
expr: syntax error

Thanks for any help you can provide

[pbowden-msft]

Hi Matthew. I couldn't repro the problem locally, but here are some troubleshooting tips you can try:

MAUCacheAdmin will think the local pkg is corrupt if there's a discrepancy between the package size on disk and what's returned in the reader from the web request.

To test the local package size, assuming you're running the script on a Mac, run stat -f%z SkypeForBusinessUpdater-16.15.166.pkg (which should return the value of 32048562).

To test the value from the web request, run curl --head -s https://officecdn.microsoft.com/pr/C1297A47-86C4-4C1F-97FA-950631F94777/OfficeMac/SkypeForBusinessUpdater-16.15.166.pkg | awk '/Content-Length/' | cut -d ' ' -f2 (which should also return the value of 32048562).

When you manually delete the pkg file, it is normal to see that stat error on the next run. What's supposed to happen is that this error will trigger the re-download of the package.

Hope this helps! Paul.

[matthewbassett]

Hi Paul,

Thanks for the quick reply. I did a bit more digging on it, and it looks like the issue is stemming from a certificate error when trying to curl the Skype for business pkg file. I added a -k option to curl and the script ran successfully. I'm not sure why I'm getting that certificate error, perhaps it has something to do with me being in China, and something is amiss with one of the CDN endpoints near me... it wouldn't be the first time that has happened. I think we can just leave it at that for now. My guess is that it is an issue with the closest Akamai node

[matthewbassett]

You can see what I mean below. when I run this command I get the output below:

curl https://officecdn.microsoft.com/pr/C1297A47-86C4-4C1F-97FA-950631F94777/OfficeMac/SkypeForBusinessUpdater-16.15.166.pkg

curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.

[pbowden-msft]

Hi Matthew,

Interesting. Yes, looks like a facet of where you are in the world. Instead of modifying the script, you should also be able to use the --HTTPOnly command-line parameter to force packages to be downloaded with http instead of https.