Why is Spectrum intercepting HTTPS requests?

benwilson
benwilson Posts: 2 Spectator
edited January 10 in Internet 2023 Archive

Trying to do some work from home and getting random failures due to certificates not being valid.


  Warning  Failed     32s                kubelet            Failed to pull image "public.ecr.aws/r5b3e0r5/3box/ceramic-one": rpc error: code = Unknown desc = failed to pull and unpack image "public.ecr.aws/r5b3e0r5/3box/ceramic-one:latest": failed to resolve reference "public.ecr.aws/r5b3e0r5/3box/ceramic-one:latest": failed to do request: Head "https://public.ecr.aws/v2/r5b3e0r5/3box/ceramic-one/manifests/latest": x509: certificate is valid for sdptpsiproxyvip.charter.com, id.spectrum.net, www.spectrum.net, www.spectrum.com, activate.spectrum.net, spectrum.net, v-collector.dp.aws.charter.com, sdpetpsi-a.charter.com, sdpetpsi.charter.com, sdpetpsi-b.charter.com, sdpwtpsi.charter.com, sdpwtpsi-a.charter.com, sdpwtpsi-b.charter.com, sdptpsi.charter.com, sdptpsi.g.charter.com, cdn.pi.spectrum.net, api.spectrum.net, collector.pi.spectrum.net, pi-lite.spectrum.net, apis.stage-spectrum.net, apis.spectrum.net, id.stage-spectrum.net, tpsi.spectrum.net, tpsi-ort.spectrum.net, not public.ecr.aws

How do I stop Spectrum from responding to requests not intended for them?

Answers

  • RAIST515O
    RAIST515O Posts: 37 Contributor
    edited August 2023

    May have been an issue with the repo... looks like it failed to look up a reference or something when you tried to pull it up.

    Came up for me just now (image was updated fairly recently)



  • RAIST515O
    RAIST515O Posts: 37 Contributor
    edited August 2023

    (And yes, that was on my phone... but was not on the Verizon LTE. Using my home wifi (Asus router) on Spectrum Internet in South Carolina (defaults to Spectrum's DNS, specifically 209.18.47.63 and 209.18.47.61)

  • benwilson
    benwilson Posts: 2 Spectator

    It works eventually, yeah.

    The repo is hosted by AWS, why does the hostname resolution of "public.ecr.aws" return a Specturm SSL cert?

    The only reasons I can come up with is they're proxying traffic or DNS responses.

    Please leave my packets alone 😓

This discussion has been closed.