OpenSSL SSL_connect: Connection reset by peer in connection to cdn.casebook.net

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

from a browser these work https://cdn.casebookuat.net/apps/authentication/static/1887461023/bundle.296.5ab983d0e00a660d1399.js

https://cdn.casebook.net/apps/authentication/static/1887461023/bundle.296.5ab983d0e00a660d1399.js

from curl on a terminal

    - echo "cdn.casebookuat.net"
    - curl https://cdn.casebookuat.net/apps/authentication/static/1887461023/bundle.296.5ab983d0e00a660d1399.js -vi
    - echo "cdn.casebook.net"
    - curl https://cdn.casebook.net/apps/authentication/static/1887461023/bundle.296.5ab983d0e00a660d1399.js -vi

from within a gitlab pipeline cdn.casebookuat.net works cdn.casebook.net does not https://gitlab.com/casebook-pbc/gitlab/-/jobs/12295124665

$ echo "cdn.casebookuat.net"
cdn.casebookuat.net
$ curl https://cdn.casebookuat.net/apps/authentication/static/1887461023/bundle.296.5ab983d0e00a660d1399.js -vi
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0   0     0   0     0     0     0  --:--:-- --:--:-- --:--:--     0* Host cdn.casebookuat.net:443 was resolved.
* IPv6: 2600:9000:28a3:d600:9:ad03:4f80:93a1, 2600:9000:28a3:a000:9:ad03:4f80:93a1, 2600:9000:28a3:8e00:9:ad03:4f80:93a1, 2600:9000:28a3:da00:9:ad03:4f80:93a1, 2600:9000:28a3:f400:9:ad03:4f80:93a1, 2600:9000:28a3:400:9:ad03:4f80:93a1, 2600:9000:28a3:7400:9:ad03:4f80:93a1, 2600:9000:28a3:3800:9:ad03:4f80:93a1
* IPv4: 3.171.61.102, 3.171.61.69, 3.171.61.18, 3.171.61.122
*   Trying [2600:9000:28a3:d600:9:ad03:4f80:93a1]:443...
* Immediate connect fail for 2600:9000:28a3:d600:9:ad03:4f80:93a1: Network unreachable
*   Trying 3.171.61.102:443...
* ALPN: curl offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [1565 bytes data]
* SSL Trust Anchors:
*   CAfile: /cacert.pem
  0     0   0     0   0     0     0     0  --:--:-- --:--:-- --:--:--     0{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [1210 bytes data]
* TLSv1.3 (IN), TLS change cipher, Change cipher spec (1):
{ [1 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [19 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [3823 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [36 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [36 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256 / X25519MLKEM768 / RSASSA-PSS
* ALPN: server accepted h2
* Server certificate:
*   subject: CN=casebookuat.net
*   start date: Mar 15 00:00:00 2025 GMT
*   expire date: Apr 14 23:59:59 2026 GMT
*   issuer: C=US; O=Amazon; CN=Amazon RSA 2048 M02
*   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
*   Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
*   Certificate level 2: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
*   subjectAltName: "cdn.casebookuat.net" matches cert's "*.casebookuat.net"
* SSL certificate verified via OpenSSL.
* Established connection to cdn.casebookuat.net (3.171.61.102 port 443) from 10.1.44.224 port 60272 
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://cdn.casebookuat.net/apps/authentication/static/1887461023/bundle.296.5ab983d0e00a660d1399.js
* [HTTP/2] [1] [:method: GET]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: cdn.casebookuat.net]
* [HTTP/2] [1] [:path: /apps/authentication/static/1887461023/bundle.296.5ab983d0e00a660d1399.js]
* [HTTP/2] [1] [user-agent: curl/8.17.0]
* [HTTP/2] [1] [accept: */*]
} [5 bytes data]
> GET /apps/authentication/static/1887461023/bundle.296.5ab983d0e00a660d1399.js HTTP/2
> Host: cdn.casebookuat.net
> User-Agent: curl/8.17.0
> Accept: */*
> 
* Request completely sent off
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [157 bytes data]
< HTTP/2 200 
HTTP/2 200 
< content-type: text/javascript
< content-length: 6020
< date: Mon, 01 Dec 2025 22:02:52 GMT
< last-modified: Tue, 24 Jun 2025 21:09:09 GMT
< etag: "ec0c18d8d1c838b23b76ebe2b3a5d26d"
< x-amz-server-side-encryption: AES256
< x-amz-version-id: dqsRj_E2f255H8kBKbZ261U882SQQV2v
< accept-ranges: bytes
< server: AmazonS3
< x-cache: Hit from cloudfront
< via: 1.1 838419e255a7994eff844a15e983d6fe.cloudfront.net (CloudFront)
< x-amz-cf-pop: IAD61-P8
< x-amz-cf-id: Uk6VmxKfr-bWbDcVneqxRuUFbxQMHbf77raahnSS5r6ct3CmFql-RQ==
< age: 67976
< 
{ [6020 bytes data]
content-type: text/javascript
content-length: 6020
date: Mon, 01 Dec 2025 22:02:52 GMT
last-modified: Tue, 24 Jun 2025 21:09:09 GMT
etag: "ec0c18d8d1c838b23b76ebe2b3a5d26d"
x-amz-server-side-encryption: AES256
x-amz-version-id: dqsRj_E2f255H8kBKbZ261U882SQQV2v
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 838419e255a7994eff844a15e983d6fe.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P8
x-amz-cf-id: Uk6VmxKfr-bWbDcVneqxRuUFbxQMHbf77raahnSS5r6ct3CmFql-RQ==
age: 67976
(()=>{"use strict";var n,e,t,o={15298:(n,e,t)=>{t.d(e,{Z:()=>l});var o=t(87537),i=t.n(o),r=t(23645),a=t.n(r)()(i());a.push([n.id,'.auth-link{font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Droid Sans",Ubuntu,"Helvetica Neue",Arial,sans-serif;color:#7b6aaf}.auth-link:visited{color:#7b6aaf}.auth-link:hover{color:#5e4d96;text-decoration:none}.auth-link.external{display:"inline-flex";margin-left:"8px"}.auth-link:focus{outline:0;background-color:"transparent";box-shadow:#fff 0 0 0 2px,#7362a8 0 0 0 4px}.auth-light-link{font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Droid Sans",Ubuntu,"Helvetica Neue",Arial,sans-serif;color:#fff;text-decoration:none}.auth-light-link:visited{color:#fff}.auth-light-link:hover{color:#fff;text-decoration:none}.auth-light-link.external{display:"inline-flex";margin-left:"8px"}.auth-light-link:focus{outline:0;background-color:"transparent";box-shadow:#7362a8 0 0 0 2px,#fff 0 0 0 4px}.intake-inherit-link{font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Droid Sans",Ubuntu,"Helvetica Neue",Arial,sans-serif;color:"inherit";text-decoration:none}.intake-inherit-link:visited{color:"inherit"}.intake-inherit-link:hover{color:"inherit";text-decoration:none}.intake-inherit-link.external{display:"inline-flex";margin-left:"8px"}.intake-inherit-link:focus{outline:0;background-color:"transparent";box-shadow:#fff 0 0 0 2px,"inherit" 0 0 0 4px}',"",{version:3,sources:["webpack://./src/client/app/style.scss"],names:[],mappings:"AAAA,WACE,oHAAA,CAEA,aAAA,CAGF,mBACE,aAAA,CAGF,iBACE,aAAA,CACA,oBAAA,CAGF,oBACE,qBAAA,CACA,iBAAA,CAGF,iBACE,SAAA,CACA,8BAAA,CACA,2CAAA,CAGF,iBACE,oHAAA,CAEA,UAAA,CACA,oBAAA,CAGF,yBACE,UAAA,CAGF,uBACE,UAAA,CACA,oBAAA,CAGF,0BACE,qBAAA,CACA,iBAAA,CAGF,uBACE,SAAA,CACA,8BAAA,CACA,2CAAA,CAGF,qBACE,oHAAA,CAEA,eAAA,CACA,oBAAA,CAGF,6BACE,eAAA,CAGF,2BACE,eAAA,CACA,oBAAA,CAGF,8BACE,qBAAA,CACA,iBAAA,CAGF,2BACE,SAAA,CACA,8BAAA,CACA,6CAAA",sourcesContent:[".auth-link {\n  font-family: -apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, \"Droid Sans\", Ubuntu,\n  \"Helvetica Neue\", Arial, sans-serif;\n  color: #7B6AAF;\n}\n\n.auth-link:visited {\n  color: #7B6AAF;\n}\n\n.auth-link:hover {\n  color: #5E4D96;\n  text-decoration: none;\n}\n\n.auth-link.external {\n  display: 'inline-flex';\n  margin-left: '8px';\n}\n\n.auth-link:focus {\n  outline: 0;\n  background-color: 'transparent';\n  box-shadow: #FFFFFF 0 0 0 2px, #7362A8 0 0 0 4px;\n}\n\n.auth-light-link {\n  font-family: -apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, \"Droid Sans\", Ubuntu,\n  \"Helvetica Neue\", Arial, sans-serif;\n  color: #FFFFFF;\n  text-decoration: none;\n}\n\n.auth-light-link:visited {\n  color: #FFFFFF;\n}\n\n.auth-light-link:hover {\n  color: #FFFFFF;\n  text-decoration: none;\n}\n\n.auth-light-link.external {\n  display: 'inline-flex';\n  margin-left: '8px';\n}\n\n.auth-light-link:focus {\n  outline: 0;\n  background-color: 'transparent';\n  box-shadow: #7362A8 0 0 0 2px, #FFFFFF 0 0 0 4px;\n}\n\n.intake-inherit-link {\n  font-family: -apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, \"Droid Sans\", Ubuntu,\n  \"Helvetica Neue\", Arial, sans-serif;\n  color: 'inherit';\n  text-decoration: none;\n}\n\n.intake-inherit-link:visited {\n  color: 'inherit';\n}\n\n.intake-inherit-link:hover {\n  color: 'inherit';\n  text-decoration: none;\n}\n\n.intake-inherit-link.external {\n  display: 'inline-flex';\n  margin-left: '8px';\n}\n\n.intake-inherit-link:focus {\n  outline: 0;\n  background-color: 'transparent';\n  box-shadow: #FFFFFF 0 0 0 2px, 'inherit' 0 0 0 4px;\n  /* ...theme.borders.focusStyle.default; */\n}\n"],sourceRoot:""}]);const l=a},39234:(n,e,t)=>{var o=t(93379),i=t.n(o),r=t(7795),a=t.n(r),l=t(90569),A=t.n(l),s=t(3565),u=t.n(s),c=t(19216),f=t.n(c),h=t(44589),d=t.n(h),p=t(15298),C={};C.styleTagTransform=d(),C.setAttributes=u(),C.insert=A().bind(null,"head"),C.domAPI=a(),C.insertStyleElement=f(),i()(p.Z,C),p.Z&&p.Z.locals&&p.Z.locals}},i={};function r(n){var e=i[n];if(void 0!==e)return e.exports;var t=i[n]={id:n,loaded:!1,exports:{}};return o[n].call(t.exports,t,t.exports,r),t.loaded=!0,t.exports}r.m=o,n=[],r.O=(e,t,o,i)=>{if(!t){var a=1/0;for(u=0;u<n.length;u++){for(var[t,o,i]=n[u],l=!0,A=0;A<t.length;A++)(!1&i||a>=i)&&Object.keys(r.O).every((n=>r.O[n](t[A])))?t.splice(A--,1):(l=!1,i<a&&(a=i));if(l){n.splice(u--,1);var s=o();void 0!==s&&(e=s)}}return e}i=i||0;for(var u=n.length;u>0&&n[u-1][2]>i;u--)n[u]=n[u-1];n[u]=[t,o,i]},r.n=n=>{var e=n&&n.__esModule?()=>n.default:()=>n;return r.d(e,{a:e}),e},t=Object.getPrototypeOf?n=>Object.getPrototypeOf(n):n=>n.__proto__,r.t=function(n,o){if(1&o&&(n=this(n)),8&o)return n;if("object"==typeof n&&n){if(4&o&&n.__esModule)return n;if(16&o&&"function"==typeof n.then)return n}var i=Object.create(null);r.r(i);var a={};e=e||[null,t({}),t([]),t(t)];for(var l=2&o&&n;"object"==typeof l&&!~e.indexOf(l);l=t(l))Object.getOwnPropertyNames(l).forEach((e=>a[e]=()=>n[e]));return a.default=()=>n,r.d(i,a),i},r.d=(n,e)=>{for(var t in e)r.o(e,t)&&!r.o(n,t)&&Object.defineProperty(n,t,{enumerable:!0,get:e[t]})},r.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(n){if("object"==typeof window)return window}}(),r.o=(n,e)=>Object.prototype.hasOwnProperty.call(n,e),r.r=n=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(n,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(n,"__esModule",{value:!0})},r.nmd=n=>(n.paths=[],n.children||(n.children=[]),n),r.j=296,(()=>{var n={296:0};r.O.j=e=>0===n[e];var e=(e,t)=>{var o,i,[a,l,A]=t,s=0;if(a.some((e=>0!==n[e]))){for(o in l)r.o(l,o)&&(r.m[o]=l[o]);if(A)var u=A(r)}for(e&&e(t);s<a.length;s++)i=a[s],r.o(n,i)&&n[i]&&n[i][0](),n[i]=0;return r.O(u)},t=self.webpackChunkcbp_auth_web=self.webpackChunkcbp_auth_web||[];t.forEach(e.bind(null,0)),t.push=e.bind(null,t.push.bind(t))})(),r.nc=void 0;var a=r.O(void 0,[987],(()=>r(39234)));a=r.O(a)})();
100  6020 100  6020   0     0 128295     0  --:--:-- --:--:-- --:--:-- 128085
* Connection #0 to host cdn.casebookuat.net:443 left intact
$ echo "cdn.casebook.net"
cdn.casebook.net
$ curl https://cdn.casebook.net/apps/authentication/static/1887461023/bundle.296.5ab983d0e00a660d1399.js -vi
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0   0     0   0     0     0     0  --:--:-- --:--:-- --:--:--     0* Host cdn.casebook.net:443 was resolved.
* IPv6: 2600:9000:286d:2a00:11:c0fd:c1c0:93a1, 2600:9000:286d:5a00:11:c0fd:c1c0:93a1, 2600:9000:286d:1400:11:c0fd:c1c0:93a1, 2600:9000:286d:8a00:11:c0fd:c1c0:93a1, 2600:9000:286d:2600:11:c0fd:c1c0:93a1, 2600:9000:286d:d000:11:c0fd:c1c0:93a1, 2600:9000:286d:2c00:11:c0fd:c1c0:93a1, 2600:9000:286d:4800:11:c0fd:c1c0:93a1
* IPv4: 3.170.19.32, 3.170.19.80, 3.170.19.54, 3.170.19.123
*   Trying [2600:9000:286d:2a00:11:c0fd:c1c0:93a1]:443...
* Immediate connect fail for 2600:9000:286d:2a00:11:c0fd:c1c0:93a1: Network unreachable
*   Trying 3.170.19.32:443...
* ALPN: curl offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [1562 bytes data]
* SSL Trust Anchors:
*   CAfile: /cacert.pem
* Recv failure: Connection reset by peer
* TLS connect error: error:00000000:lib(0)::reason(0)
* OpenSSL SSL_connect: Connection reset by peer in connection to cdn.casebook.net:443 
  0     0   0     0   0     0     0     0  --:--:-- --:--:-- --:--:--     0
* closing connection #0
curl: (35) Recv failure: Connection reset by peer
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: command terminated with exit code 35
Edited by 🤖 GitLab Bot 🤖