From: Andre McCurdy <armccurdy@gmail.com>
To: Greg Wilson-Lindberg <GWilson@sakuraus.com>
Cc: "yocto@yoctoproject.org" <yocto@yoctoproject.org>
Subject: Re: Working behind a Palo Alto firewall/proxy
Date: Wed, 6 Sep 2017 18:34:07 -0700 [thread overview]
Message-ID: <CAJ86T=Uce45W_Thtuqv_CORNx7X6c1TD-Bg8O_DRyu65NLS6wQ@mail.gmail.com> (raw)
In-Reply-To: <afce79fad80649ff88295ca3d41499ef@sakuraus.com>
On Wed, Sep 6, 2017 at 2:42 PM, Greg Wilson-Lindberg
<GWilson@sakuraus.com> wrote:
> Hi List,
>
> Does anybody have any experience trying to run Yocto behind a Palo Alto
> firewall. The Palo Alto firewall basically works as a Man in the Middle
> system, it hands out its own certificate to boxes behind it and then
> decrypts and re-encrypts traffic going through it. The Palo Alto box is
> supposed to act as a transparent Proxy.
>
> I'm getting an error that the 'server certificate verification failed' about
> an hour into a yocto build. The certificate that the Palo Alto box is
> sending to my system is self-signed so will fail if checked for a valid root
> CA, and also is not from whatever site is being downloaded from.
Which site is being downloaded from and at which point in the build
(ie which recipe and task) ?
next prev parent reply other threads:[~2017-09-07 1:34 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-06 21:42 Working behind a Palo Alto firewall/proxy Greg Wilson-Lindberg
2017-09-07 1:34 ` Andre McCurdy [this message]
2017-09-07 16:28 ` Greg Wilson-Lindberg
2017-09-07 16:31 ` Mark Hatle
2017-09-07 16:47 ` Greg Wilson-Lindberg
2017-09-07 16:51 ` Khem Raj
2017-09-07 17:09 ` Greg Wilson-Lindberg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAJ86T=Uce45W_Thtuqv_CORNx7X6c1TD-Bg8O_DRyu65NLS6wQ@mail.gmail.com' \
--to=armccurdy@gmail.com \
--cc=GWilson@sakuraus.com \
--cc=yocto@yoctoproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.