I've recently being getting an intermittent issue on my builds. My post-clone script calls yarn install to set up dependencies for the app. Occasionally it will fail at this step fetching packages, on what I'm assuming is the package stored in a private gitlab repository for the company.
The repository is accessible over the internet for ssh, and uses ssh keys for authentication. I install the private key at the start of the script, it's stored as an environment variable in the workflow configuration. Here's what the error looks like, note that the cert altnames are different every time:
[2/4] Fetching packages...
error Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames: Host: <private-repo.com>. is not in the cert's altnames: DNS:*.outsystemsenterprise.com, DNS:outsystemsenterprise.com
at new NodeError (node:internal/errors:387:5)
at Object.checkServerIdentity (node:tls:354:12)
at TLSSocket.onConnectSecure (node:_tls_wrap:1549:27)
at TLSSocket.emit (node:events:513:28)
at TLSSocket._finishInit (node:_tls_wrap:953:8)
at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:734:12)