Problems with dl-cdn.alpinelinux.org: redirect to https via Squid (results in 404)
-
I have noticed that “curl -I http://dl-cdn.alpinelinux.org/alpine/v3.8/main/x86\_64/APKINDEX.tar.g
z” redirects to “https://dl-cdn.alpinelinux.org/alpine/v3.8/main/x86\_64/APKINDEX.tar.gz”, but only when using a local Squid http cache!
The redirection target results in a 404 then. -
When trying to access https://dl-cdn.alpinelinux.org in general, you will get a certificate error:
% curl
https://dl-cdn.alpinelinux.org/alpine/v3.8/main/x86\_64/APKINDEX.tar.gz
curl: (51) SSL: no alternative certificate subject name matches target
host name ‘dl-cdn.alpinelinux.org’
- On https://wiki.alpinelinux.org/wiki/Alpine\_Linux:Mirrors there is a link to http://rsync.alpinelinux.org/alpine/MIRRORS.txt, which appears to redirect to https://dl-cdn.alpinelinux.org/alpine/MIRRORS.txt (404).
The most puzzling part is 1. though - it appears to really be related to
using Squid, even with
“forwarded_for transparent” and “via off”.
I’ve tried to look at what happens with https://github.com/yinqiwen/gsnova between dl-cdn and Squid to some mixed avail - I think without “forwarded_for transparent” and “via off” it would still redirect, but with those options enabled (to hide that Squid is used) it worked better (it does not redirect to https/404), but resulted in i/o timeout, e.g. “apk update” fails:
fetch
http://dl-cdn.alpinelinux.org/alpine/v3.8/main/x86\_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.8/main: BAD signature
I’ve used the following to use gsnova as parent proxy:
cache_peer 127.0.0.1 parent 23128 0 no-query no-digest
never_direct allow all
(from redmine: issue id 9194, created on 2018-08-06, closed on 2018-08-07)