Fatal: unable to access 'https://github.com/SamSaffron/pups.git/'

Wingysam · April 30, 2018, 7:48pm

I have followed the instructions at https://github.com/discourse/discourse/blob/master/docs/INSTALL-cloud.md, and received this error while attempting ./discourse-setup:

fatal: unable to access 'https://github.com/SamSaffron/pups.git/': SSL: certificate subject name (jetdevs.xyz) does not match target host name 'github.com'
281e1ca9794eccc050c2100c479a4511bc7e17e045c8e92654e45747997ec477

The following is the output of ./discourse-setup after configuration:


ENTER to continue, 'n' to try again, Ctrl+C to exit: 

Configuration file at  updated successfully!

Updates successful. Rebuilding in 5 seconds.
Building app

WARNING: We are about to start downloading the Discourse base image
This process may take anywhere between a few minutes to an hour, depending on your network speed

Please be patient

Unable to find image 'discourse/base:2.0.20180404' locally
2.0.20180404: Pulling from discourse/base
22dc81ace0ea: Pulling fs layer
1a8b3c87dba3: Pulling fs layer
91390a1c435a: Pulling fs layer
07844b14977e: Pulling fs layer
b78396653dae: Pulling fs layer
ef3e3cc07f1b: Pulling fs layer
b78396653dae: Waiting
ef3e3cc07f1b: Waiting
91390a1c435a: Verifying Checksum
91390a1c435a: Download complete
1a8b3c87dba3: Verifying Checksum
1a8b3c87dba3: Download complete
07844b14977e: Verifying Checksum
07844b14977e: Download complete
b78396653dae: Verifying Checksum
b78396653dae: Download complete
22dc81ace0ea: Download complete
22dc81ace0ea: Pull complete
1a8b3c87dba3: Pull complete
91390a1c435a: Pull complete
07844b14977e: Pull complete
b78396653dae: Pull complete
ef3e3cc07f1b: Verifying Checksum
ef3e3cc07f1b: Download complete
ef3e3cc07f1b: Pull complete
Digest: sha256:745365df6e01943d48cbe4c59214c76ac302def2d00a07aff07d625b306bbeb7
Status: Downloaded newer image for discourse/base:2.0.20180404
Ensuring launcher is up to date
Fetching origin
Launcher is up-to-date
cd /pups && git pull && /pups/bin/pups --stdin
fatal: unable to access 'https://github.com/SamSaffron/pups.git/': SSL: certificate subject name (jetdevs.xyz) does not match target host name 'github.com'
456ba8b4c0956f5482a0ce4421b9403a9ca613494aa46c078a860519ab7dea64
** FAILED TO BOOTSTRAP ** please scroll up and look for earlier error messages, there may be more than one

supermathie · April 30, 2018, 7:56pm

fatal: unable to access 'https://github.com/SamSaffron/pups.git/':
  SSL: certificate subject name (jetdevs.xyz) does not match target host name 'github.com'

git was expecting to connect to github and ended up somewhere else - hence the certificate error

Do you have something “funny” set up in your network, like a proxy?

If you try again, does it work?

Wingysam · April 30, 2018, 8:02pm

I do not believe I have a proxy, although it is possible because I am using a VPS from Scaleway.
I tried twice, and it did not work. I have Docker set to use Google’s DNS. My hosts file is this:

127.0.1.1       scw-1da44d scw-1da44d
127.0.0.1       localhost
::1             localhost ip6-localhost ip6-loopback
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters

cURL is able to reach Github:

root@scw-1da44d:/var/discourse# curl github.com -v
* Rebuilt URL to: github.com/
*   Trying 192.30.253.112...
* Connected to github.com (192.30.253.112) port 80 (#0)
> GET / HTTP/1.1
> Host: github.com
> User-Agent: curl/7.47.0
> Accept: */*
> 
< HTTP/1.1 301 Moved Permanently
< Content-length: 0
< Location: https://github.com/
< 
* Connection #0 to host github.com left intact

supermathie · April 30, 2018, 8:12pm

Does curl https://github.com/ work?

dnsmichi · April 30, 2018, 8:26pm

Try it with openssl directly to see the presented certificate.

openssl s_client -connect github.com:443

pfaffman · April 30, 2018, 8:27pm

You might check this topic: Discourse docker container has trouble reaching DNS. It sounds similar.

Wingysam · April 30, 2018, 9:01pm

@supermathie curl https://github.com/: http://dpaste.com/14KZWJ7.txt
@dnsmichi openssl s_client -connect github.com:443: http://dpaste.com/3NDE1WV.txt
@pfaffman I have access to 8.8.8.8.

dnsmichi · May 3, 2018, 9:16am

Hm, maybe a transparent proxy which just forwards the TLS requests (HA proxy et al). I’d rather say that DNS doesn’t work here,

jetdevs.xyz is an obfuscated FQDN, or is it really what’s shown in your output?

Wingysam · May 7, 2018, 12:07pm

jetdevs.xyz is my domain.

dnsmichi · May 7, 2018, 6:08pm

Hm, check with your VM provider then please. If there really is a proxy in place, it may have troubles and they should have it monitored or noticed.

schleifer · May 8, 2018, 1:58pm

This error…

…and this output…

…contradict each another. Inside the container and outside the container you get different certificates for Github.

Have you changed the network configuration for docker in any way in ~/.docker/config.json or in /etc/docker/daemon.json?

pfaffman · May 8, 2018, 9:43pm

I recently had a problem that was due to having some bogus stuff in /etc/resolve.conf. Resolution worked just fine outside the container, but inside the container it would fail.

I’d check /etc/resov.conf and see that the nameservers line is something that makes sense and/or change it to something that you’re sure does.

system · June 22, 2018, 12:03am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Installation failed on Debian 11 (ProxMox/KVM) Installation	3	703	January 10, 2023
Failed to Bootstrap Ping is working to github Installation	11	5226	December 4, 2020
Install discourse error help me? Installation	5	736	March 20, 2022
Docker sometimes fails to connect to github.com Installation	9	4027	January 5, 2023
Restore from a server image that contain discourse, but rebuild error Support	6	490	September 13, 2020

Fatal: unable to access 'https://github.com/SamSaffron/pups.git/'

Related topics