search

thaljef / Pinto

Curate your own repository of Perl modules
https://metacpan.org/module/Pinto::Manual
66 stars 49 forks source link

Pinto installer script fails because of https certificate mismatch on stratopan #179

Closed Deracination closed 9 years ago

Deracination commented 9 years ago

Running the installer ( http://getpinto.stratopan.com | bash) fails because an https issue causes wget (GNU Wget 1.11.4 Red Hat modified) to give up.

cpanm --verbose --notest --mirror http://stratopan.com/thaljef/OpenSource/pinto-release --mirror-only --local-lib-contained /tmp/pinto --man-pages Pinto

==> Found dependencies: ExtUtils::MakeMaker, ExtUtils::Install
Searching ExtUtils::MakeMaker on mirror http://stratopan.com/thaljef/OpenSource/pinto-release ...
Downloading index file http://stratopan.com/thaljef/OpenSource/pinto-release/modules/02packages.details.txt.gz ...
--2015-01-24 15:40:23--  http://stratopan.com/thaljef/OpenSource/pinto-release/modules/02packages.details.txt.gz
Resolving stratopan.com... 198.58.102.57, 2600:3c00::f03c:91ff:feae:fd46
Connecting to stratopan.com|198.58.102.57|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://stratopan.com/thaljef/OpenSource/pinto-release/modules/02packages.details.txt.gz [following]
--2015-01-24 15:40:23--  https://stratopan.com/thaljef/OpenSource/pinto-release/modules/02packages.details.txt.gz
Connecting to stratopan.com|198.58.102.57|:443... connected.
ERROR: certificate common name `*.stratopan.com' doesn't match requested host name `stratopan.com'.
To connect to stratopan.com insecurely, use `--no-check-certificate'.
Unable to establish SSL connection.

Work-around is to run cpanm manually with --no-wget, or else use www.stratopan.com instead of stratopan.com as the url.

tartansandal commented 9 years ago

This is because wget does not look at the Certificate Subject Alternate Name fields (not sure why not).

By default cpanm tries curl, wget, then lwp in that order. May be too hard to try to get them to all play nice.

Simplest way to fix this is to reconfigure the web server running https://stratopan.com and give it an additional name, say, www.stratopan.com, and then get the installer to use that consistently.

Kal

thaljef commented 9 years ago

Work-around is to run cpanm manually with --no-wget

Still just a workaround, but this might be a little more convenient:

curl  -L http://getpinto.stratopan.com | PERL_CPANM_OPT=--no-wget bash
thaljef commented 9 years ago

I think this should be fixed now. But my version of wget doesn't have this problem, so I can't be entirely sure. @Deracination, please let me know either way. Thanks for bringing this to my attention.

thaljef commented 9 years ago

No reply from @Deracination, so I'm going to close this.