Atom Packages all fail to install

Question

Atom Packages all fail to install

BryantIT opened this issue 4 years ago · 5 comments

BryantIT commented 4 years ago

Prerequisites

[ X] Put an X between the brackets on this line if you have done all of the following:
- Reproduced the problem in Safe Mode: https://flight-manual.atom.io/hacking-atom/sections/debugging/#using-safe-mode
- Followed all applicable steps in the debugging guide: https://flight-manual.atom.io/hacking-atom/sections/debugging/
- Checked the FAQs on the message board for common solutions: https://discuss.atom.io/c/faq
- Checked that your issue isn't already filed: https://github.com/issues?utf8=✓&q=is%3Aissue+user%3Aatom
- Checked that there is not already an Atom package that provides the described functionality: https://atom.io/packages

Description

All atempts at installing Atom packages fail

Steps to Reproduce

Attempt to install an Atom package

Expected behavior:

To be able to install packages

Actual behavior:

2 different alternating errors when trying to install a package both via Atom directly and via the command line.

Reproduces how often:

100%

Versions

Atom : 1.43.0
Electron: 4.2.7
Chrome : 69.0.3497.128
Node : 10.11.0

apm 2.4.3
npm 6.2.0
node 10.2.1 x64
atom 1.43.0
python 2.7.17
git 2.17.1

I'm on Ubuntu
Distributor ID: Ubuntu
Description: Ubuntu 18.04.4 LTS
Release: 18.04
Codename: bionic

Additional Information

Have tried this on over 10 different packages. Just started yesterday having this problem. I'll post the error log for 2 of them below.

0 info it worked if it ends with ok
1 verbose cli [ '/usr/share/atom/resources/app/apm/bin/node',
1 verbose cli   '/usr/share/atom/resources/app/apm/node_modules/npm/bin/npm-cli.js',
1 verbose cli   '--globalconfig',
1 verbose cli   '/home/ninjalikereflex/.atom/.apm/.apmrc',
1 verbose cli   '--userconfig',
1 verbose cli   '/home/ninjalikereflex/.atom/.apmrc',
1 verbose cli   'install',
1 verbose cli   'https://www.atom.io/api/packages/linter-eslint/versions/8.5.5/tarball',
1 verbose cli   '--target=4.2.7',
1 verbose cli   '--disturl=https://atom.io/download/electron',
1 verbose cli   '--arch=x64',
1 verbose cli   '--global-style' ]
2 info using npm@6.2.0
3 info using node@v10.2.1
4 verbose npm-session 36d516d38a0dba6c
5 silly install loadCurrentTree
6 silly install readLocalPackageData
7 silly fetchPackageMetaData error for https://www.atom.io/api/packages/linter-eslint/versions/8.5.5/tarball request to https://codeload.github.com/AtomLinter/linter-eslint/legacy.tar.gz/v8.5.5 failed, reason: unable to verify the first certificate
8 timing stage:rollbackFailedOptional Completed in 3ms
9 timing stage:runTopLevelLifecycles Completed in 2453ms
10 verbose type system
11 verbose stack FetchError: request to https://codeload.github.com/AtomLinter/linter-eslint/legacy.tar.gz/v8.5.5 failed, reason: unable to verify the first certificate
11 verbose stack     at ClientRequest.req.on.err (/usr/share/atom/resources/app/apm/node_modules/npm/node_modules/node-fetch-npm/src/index.js:68:14)
11 verbose stack     at ClientRequest.emit (events.js:182:13)
11 verbose stack     at TLSSocket.socketErrorListener (_http_client.js:382:9)
11 verbose stack     at TLSSocket.emit (events.js:182:13)
11 verbose stack     at emitErrorNT (internal/streams/destroy.js:82:8)
11 verbose stack     at emitErrorAndCloseNT (internal/streams/destroy.js:50:3)
11 verbose stack     at process._tickCallback (internal/process/next_tick.js:63:19)
12 verbose cwd /tmp/apm-install-dir-12013-25239-yv13cj.s2mv
13 verbose Linux 5.3.0-26-generic
14 verbose argv "/usr/share/atom/resources/app/apm/bin/node" "/usr/share/atom/resources/app/apm/node_modules/npm/bin/npm-cli.js" "--globalconfig" "/home/ninjalikereflex/.atom/.apm/.apmrc" "--userconfig" "/home/ninjalikereflex/.atom/.apmrc" "install" "https://www.atom.io/api/packages/linter-eslint/versions/8.5.5/tarball" "--target=4.2.7" "--disturl=https://atom.io/download/electron" "--arch=x64" "--global-style"
15 verbose node v10.2.1
16 verbose npm  v6.2.0
17 error code UNABLE_TO_VERIFY_LEAF_SIGNATURE
18 error errno UNABLE_TO_VERIFY_LEAF_SIGNATURE
19 error request to https://codeload.github.com/AtomLinter/linter-eslint/legacy.tar.gz/v8.5.5 failed, reason: unable to verify the first certificate
20 verbose exit [ 1, true ]

0 info it worked if it ends with ok
1 verbose cli [ '/usr/share/atom/resources/app/apm/bin/node',
1 verbose cli   '/usr/share/atom/resources/app/apm/node_modules/npm/bin/npm-cli.js',
1 verbose cli   '--globalconfig',
1 verbose cli   '/home/ninjalikereflex/.atom/.apm/.apmrc',
1 verbose cli   '--userconfig',
1 verbose cli   '/home/ninjalikereflex/.atom/.apmrc',
1 verbose cli   'install',
1 verbose cli   'https://www.atom.io/api/packages/pigments/versions/0.40.2/tarball',
1 verbose cli   '--target=4.2.7',
1 verbose cli   '--disturl=https://atom.io/download/electron',
1 verbose cli   '--arch=x64',
1 verbose cli   '--global-style' ]
2 info using npm@6.2.0
3 info using node@v10.2.1
4 verbose npm-session e422be88c483d26b
5 silly install loadCurrentTree
6 silly install readLocalPackageData
7 http fetch GET 404 https://www.atom.io/api/packages/pigments/versions/0.40.2/tarball 1371ms
8 silly fetchPackageMetaData error for https://www.atom.io/api/packages/pigments/versions/0.40.2/tarball 404 Not Found: https://www.atom.io/api/packages/pigments/versions/0.40.2/tarball
9 timing stage:rollbackFailedOptional Completed in 2ms
10 timing stage:runTopLevelLifecycles Completed in 3186ms
11 verbose stack Error: 404 Not Found: https://www.atom.io/api/packages/pigments/versions/0.40.2/tarball
11 verbose stack     at fetch.then.res (/usr/share/atom/resources/app/apm/node_modules/npm/node_modules/pacote/lib/fetchers/registry/fetch.js:42:19)
11 verbose stack     at tryCatcher (/usr/share/atom/resources/app/apm/node_modules/npm/node_modules/bluebird/js/release/util.js:16:23)
11 verbose stack     at Promise._settlePromiseFromHandler (/usr/share/atom/resources/app/apm/node_modules/npm/node_modules/bluebird/js/release/promise.js:512:31)
11 verbose stack     at Promise._settlePromise (/usr/share/atom/resources/app/apm/node_modules/npm/node_modules/bluebird/js/release/promise.js:569:18)
11 verbose stack     at Promise._settlePromise0 (/usr/share/atom/resources/app/apm/node_modules/npm/node_modules/bluebird/js/release/promise.js:614:10)
11 verbose stack     at Promise._settlePromises (/usr/share/atom/resources/app/apm/node_modules/npm/node_modules/bluebird/js/release/promise.js:693:18)
11 verbose stack     at Async._drainQueue (/usr/share/atom/resources/app/apm/node_modules/npm/node_modules/bluebird/js/release/async.js:133:16)
11 verbose stack     at Async._drainQueues (/usr/share/atom/resources/app/apm/node_modules/npm/node_modules/bluebird/js/release/async.js:143:10)
11 verbose stack     at Immediate.Async.drainQueues [as _onImmediate] (/usr/share/atom/resources/app/apm/node_modules/npm/node_modules/bluebird/js/release/async.js:17:14)
11 verbose stack     at runCallback (timers.js:696:18)
11 verbose stack     at tryOnImmediate (timers.js:667:5)
11 verbose stack     at processImmediate (timers.js:649:5)
12 verbose cwd /tmp/apm-install-dir-12014-27411-thwzqg.j80t
13 verbose Linux 5.3.0-28-generic
14 verbose argv "/usr/share/atom/resources/app/apm/bin/node" "/usr/share/atom/resources/app/apm/node_modules/npm/bin/npm-cli.js" "--globalconfig" "/home/ninjalikereflex/.atom/.apm/.apmrc" "--userconfig" "/home/ninjalikereflex/.atom/.apmrc" "install" "https://www.atom.io/api/packages/pigments/versions/0.40.2/tarball" "--target=4.2.7" "--disturl=https://atom.io/download/electron" "--arch=x64" "--global-style"
15 verbose node v10.2.1
16 verbose npm  v6.2.0
17 error code E404
18 error 404 Not Found: https://www.atom.io/api/packages/pigments/versions/0.40.2/tarball
19 verbose exit [ 1, true ]

Answer 1 · 2020-02-04T17:32:41.000Z

FetchError: request to https://codeload.github.com/AtomLinter/linter-eslint/legacy.tar.gz/v8.5.5 failed, reason: unable to verify the first certificate

As I already told you, this means your system is unable to validate the certificate for codeload.github.com. What does the following command give you?

echo | openssl s_client -connect codeload.github.com:443 -servername codeload.github.com

The output should look like this.

> echo | openssl s_client -connect codeload.github.com:443 -servername codeload.github.com
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
verify return:1
depth=0 C = US, ST = California, L = San Francisco, O = "GitHub, Inc.", CN = *.github.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=*.github.com
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
 1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
   i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgIQAzcKtii/mNK7zeHCeX1GNDANBgkqhkiG9w0BAQsFADBw
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS8wLQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNz
dXJhbmNlIFNlcnZlciBDQTAeFw0xOTA3MDgwMDAwMDBaFw0yMDA3MTYxMjAwMDBa
MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T
YW4gRnJhbmNpc2NvMRUwEwYDVQQKEwxHaXRIdWIsIEluYy4xFTATBgNVBAMMDCou
Z2l0aHViLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALKk6u9U
B/RrGpmany2dsicZBnCiE3XMCpvhwuSfnxQFEYaJLFhEjRQ5ZXgJNg9lw5KO3nsK
xrmqKcnGJoUsQs8PO7yWhJkCEYYubWaZhKyvvE89/8ehBzKhFAGXnkMBE7NX2t9f
et5HMbKsGFxXV3cnube5UHrNEp1B6uQHiyKNLIn+Mh5tufrW2IqMsm6mx0w1IHLS
kwO58HR0vYToQf2azRe2rbnBwYoUuy1y4rUWEbj9JjG08VtE61JrACADyzXahrTI
LIFUpPUULzKmYJiv0klb24AyNxIM21ziwJoygtO0SWnm9spVHKmOlU+k5wvvkrWe
QbzxyfSS+TDSUDUCAwEAAaOCAvkwggL1MB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZ
ZWRiohK4WXI7MB0GA1UdDgQWBBTPHAIJL+PAi+ucsDd9zSXeEc4i9jAjBgNVHREE
HDAaggwqLmdpdGh1Yi5jb22CCmdpdGh1Yi5jb20wDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB1BgNVHR8EbjBsMDSgMqAwhi5o
dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYuY3JsMDSg
MqAwhi5odHRwOi8vY3JsNC5kaWdpY2VydC5jb20vc2hhMi1oYS1zZXJ2ZXItZzYu
Y3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBz
Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMIGDBggrBgEFBQcBAQR3
MHUwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBNBggrBgEF
BQcwAoZBaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0U0hBMkhp
Z2hBc3N1cmFuY2VTZXJ2ZXJDQS5jcnQwDAYDVR0TAQH/BAIwADCCAQQGCisGAQQB
1nkCBAIEgfUEgfIA8AB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGF
AAABa9K+djMAAAQDAEcwRQIgX887fhS8bskpm0GLMDwFpZxX9Itq6NVXic2s0u5H
MkoCIQD2g/GrOkxiEBsvOU33OaBWa/YpVM2q34oPQYsT2BBiTAB2AId1v+dZfPiM
Q5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABa9K+dnUAAAQDAEcwRQIgKW7YYDCy
ZPlFtWRvxTSRnqgO8eVZaNIQircmagyJDUMCIQDTxO+FTCqXc9+zVTofe0fK27G4
MgvfuWw79FcXRAJ5eTANBgkqhkiG9w0BAQsFAAOCAQEAY5betC2DT9nbXVqVXvI/
JF+XUR605OvYZ1QG2OBm2ktMhgtpFoRQmh2sPHvgTijVpP9NX/jlPrnTm9Wo9w7g
lKqKYj+YEKgzEugiVF/q0d2NkeetEyNL6rHuvid9BS4o9Yzc8l346CDaKbV1PPkh
uBNsudoG1CwgWrB/FWzw1L3UevSkmXV9ZTcgGIZFvkJOSYR6vb6nh2Pjf6B9r70P
Qa989SEODJ14iaD0Nb5KtE+FJH+rweQgh8ibRdZeNNbHM5t56UVL9PvXvXWMTzQ4
gG0/1LcruPG4BpbHkRoKAOPjAauO4w0NMReg2qRIraSB6eLZwvpf2SyuHoaoXSgt
kg==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=San Francisco/O=GitHub, Inc./CN=*.github.com
issuer=/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3352 bytes and written 443 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: FC40890D9F46D753AA98ED2714A21F3D8BE515598BD0FB9A364761934BE38ABB
    Session-ID-ctx:
    Master-Key: DC81EB5BE9CB8FEA6AA788DEB385077682EBE8AA6FDAFE2F707B25AABE8E597F3A145B81BADE48630EF382FB6EB33813
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1580837245
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
DONE

As before, either your system is out of date, somebody is trying to MITM all your traffic, or you are behind a broken proxy server.

error 404 Not Found: https://www.atom.io/api/packages/pigments/versions/0.40.2/tarball

This URL loads perfectly fine here, the fact that this one is a 404 instead of a bad certificate makes me lean towards you being behind a broken proxy server.

Are you able to try using a different connection? VPN?

Answer 2 · 2020-02-04T17:48:33.000Z

Output is:

echo | openssl s_client -connect codeload.github.com:443 -servername codeload.github.com
CONNECTED(00000005)
depth=0 C = US, postalCode = 19103, ST = PA, L = Philadelphia, street = 1 Comcast Center, O = Comcast Corporation, OU = Hosted by Comcast Corporation, OU = EliteSSL, CN = low-xdns.xfinity.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = US, postalCode = 19103, ST = PA, L = Philadelphia, street = 1 Comcast Center, O = Comcast Corporation, OU = Hosted by Comcast Corporation, OU = EliteSSL, CN = low-xdns.xfinity.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:C = US, postalCode = 19103, ST = PA, L = Philadelphia, street = 1 Comcast Center, O = Comcast Corporation, OU = Hosted by Comcast Corporation, OU = EliteSSL, CN = low-xdns.xfinity.com
   i:C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Organization Validation Secure Server CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgIRANha3UJUpGlsYXmy6GiEqrgwDQYJKoZIhvcNAQELBQAw
gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
ZXJ2ZXIgQ0EwHhcNMTcwODA4MDAwMDAwWhcNMTkwODA4MjM1OTU5WjCB1DELMAkG
A1UEBhMCVVMxDjAMBgNVBBETBTE5MTAzMQswCQYDVQQIEwJQQTEVMBMGA1UEBxMM
UGhpbGFkZWxwaGlhMRkwFwYDVQQJExAxIENvbWNhc3QgQ2VudGVyMRwwGgYDVQQK
ExNDb21jYXN0IENvcnBvcmF0aW9uMSYwJAYDVQQLEx1Ib3N0ZWQgYnkgQ29tY2Fz
dCBDb3Jwb3JhdGlvbjERMA8GA1UECxMIRWxpdGVTU0wxHTAbBgNVBAMTFGxvdy14
ZG5zLnhmaW5pdHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
mopjEEufS7r8FYVwr3dQf4RCQNFnpvRO4F57aE5+msSkLRKVcY3tLxLi7Ve8A5tp
24VxGQEowT9sXyCoEh8TeKN01ebaQUgAfDdtnOKFRv74Pyct4oNzk7PiWpxRrSEX
9t+AW1DAHFWgQO7aO2eYTZfkFV6A2wHnhGXjEV5xUHFor2tNrrVTUAVXSu8xvyCL
JXREI/IGnp//jp89ydYRKgWp3t/ZS4n9CvenYN1zNn7hFecpNR+aduedBAa6MwZX
7JRqys+w5tg47iwze10heEkXX7tj1obcgpHl9Nqz2jcRgAR8oh5clT+P0fnwrct6
sOyx7a7LeUHcoIQ6dAGxvwIDAQABo4IB+DCCAfQwHwYDVR0jBBgwFoAUmvMr2s+t
T7YvuypISCoStxtCwSQwHQYDVR0OBBYEFDvmFAgrMvg3WA1WEla1VDjifH2ZMA4G
A1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjBQBgNVHSAESTBHMDsGDCsGAQQBsjEBAgEDBDArMCkGCCsGAQUF
BwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8uY29tL0NQUzAIBgZngQwBAgIwWgYD
VR0fBFMwUTBPoE2gS4ZJaHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNB
T3JnYW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBiwYIKwYB
BQUHAQEEfzB9MFUGCCsGAQUFBzAChklodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9D
T01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0
MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wOQYDVR0RBDIw
MIIUbG93LXhkbnMueGZpbml0eS5jb22CGHd3dy5sb3cteGRucy54ZmluaXR5LmNv
bTANBgkqhkiG9w0BAQsFAAOCAQEADu8b5oT3fD6HRbY3wNoKmnbfKvPwDvJblES0
wrns3PJ7B3YlVlXzyJhbscfuvopfAAYgl2LynGvV71EiPhL3tesNSDSaQKGwFBJT
ewNE16DhCh12cbTI6Scdp12SR+YQPPAgK1BtzcIjX8jF6iDHzBVvdWdqQLz6nVAE
FUlJ0bkqBUOMhHz+tv4/rm/EtbpI9lOhq1bywLs0oPTRMqWMuXX7Ni4TKY2nt0qW
dadInPwjTu6d22uf8V2Vido7Sbb0VW2zvv9tyEnIPgi7X+jWgiFYyW6EJti5nkQ3
wZJaNsrWLjZIuewNYJ9nEdJ07iChXZc5WINwQoPY9Rq6JNHlHA==
-----END CERTIFICATE-----
subject=C = US, postalCode = 19103, ST = PA, L = Philadelphia, street = 1 Comcast Center, O = Comcast Corporation, OU = Hosted by Comcast Corporation, OU = EliteSSL, CN = low-xdns.xfinity.com

issuer=C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Organization Validation Secure Server CA

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 2211 bytes and written 447 bytes
Verification error: unable to verify the first certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 0C43D8531ABA9B3469ECFF31F819B41EA59297E0B48094C387F5B7ACE9EB3C64
    Session-ID-ctx: 
    Master-Key: 7191E016D3FEC11DC7D2C7921544DA2C0057CAD361A47EB65F13DDA9ABF9A66AD598A34680C64AFD6F45E39532BFC3E2
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 600 (seconds)
    TLS session ticket:
    0000 - 20 94 c9 9b 5d 33 69 27-52 76 c6 2b b1 e2 52 7b    ...]3i'Rv.+..R{
    0010 - bf 7d 85 7b 69 95 11 65-70 4c 79 81 96 cd a0 ae   .}.{i..epLy.....
    0020 - 2d 0c 87 86 4c a8 50 b7-ee 3f 3b 02 f3 e8 04 94   -...L.P..?;.....
    0030 - 84 89 cb 6a 3e 6d 64 dd-2c 32 f5 b0 e7 27 51 7e   ...j>md.,2...'Q~
    0040 - 9c 03 98 ac c9 6e d6 0a-b6 b0 8b cf 6d b3 da f9   .....n......m...
    0050 - 54 b4 f1 a7 d6 87 04 82-ab ef ae 7f 8d 8c 2a 23   T.............*#
    0060 - 9a 6f a0 f2 8c e3 01 3b-e0 b7 cb c4 86 4a 3a 19   .o.....;.....J:.
    0070 - dd c2 17 86 7a 3f ed e9-8f 4d f6 a4 67 4e 04 63   ....z?...M..gN.c
    0080 - ac 26 37 db 0f 1b 6b 6b-6f 26 25 32 60 63 2c 23   .&7...kko&%2`c,#
    0090 - 05 98 61 6b 82 80 46 e5-66 12 6f 36 26 4c f1 79   ..ak..F.f.o6&L.y
    00a0 - d8 74 2d 51 8c 3c 32 24-c0 b3 c4 74 1a cd b8 0b   .t-Q.<2$...t....
    00b0 - e0 0d 04 fb 94 a9 a3 8b-34 e2 53 93 b8 44 83 2f   ........4.S..D./

    Start Time: 1580838171
    Timeout   : 7200 (sec)
    Verify return code: 21 (unable to verify the first certificate)
    Extended master secret: no
---
DONE

Answer 3 · 2020-02-04T17:53:27.000Z

If I run openssl s_client -CApath /etc/ssl/certs/ -connect address.com:443 it connects and certifies without an error.

As far as I can tell anything else I do (webpages, Kraken, just tested on VS code, git, etc all seem to be just fine. It's only when I am using Atom and apm.)

Answer 4 · 2020-02-04T18:14:39.000Z

depth=0 C = US, postalCode = 19103, ST = PA, L = Philadelphia, street = 1 Comcast Center, O = Comcast Corporation, OU = Hosted by Comcast Corporation, OU = EliteSSL, CN = low-xdns.xfinity.com
verify error:num=20:unable to get local issuer certificate
verify return:1

Looks like you are on Comcast and they are intercepting and attempting to modify the traffic. You'll need to contact Comcast support about this issue and ask them why they are breaking your internet connection.

Answer 5 · 2020-04-02T07:21:34.000Z

I'm getting GitHub errors due to this Comcast MiTM practice as well. Starting yesterday, various parts of GitHub.com are broken as is the desktop app.