This repository has been archived by the owner on Jan 29, 2025. It is now read-only.
Expired cert for content-signature-2.cdn.mozilla.net causes heartbeat to fail to render #2092
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The normandy heartbeat is intended to return a JSON response with details about any failed checks. On Saturday we discovered that if the certificate for the CDN hosting the x5u signatures for an action (content-signature-2.cdn.mozilla.net) is expired, the heartbeat does not properly report that but instead just fails with a generic error page. Presumably the same behavior occurs for the any other checks that fetch the signatures as well.
Normandy should catch and report the SSLCertVerificationError exception.
https://sentry.prod.mozaws.net/operations/normandy-prod/issues/7190941/
The text was updated successfully, but these errors were encountered: