Disable default http redirects on 8007

I have done the tcpdumps, but i dont want to put them here as an attachement.
I'd like personal contact to transfer the files save.

I can make an downloadlink with a password,
i than mail the download link with e-mail.
And the password i can send to an mobile phone as 2 factor.

You can provide your mail and mobile to info@basisnederland.nl

Thanks Max Carrara
 
Hello everyone! I've got good news: Thanks to the logs and tcpdumps that @basisnederland had sent me, I was able (finally!) to track down the root cause of this bug. I just sent in a patch series containing a fix.

Once this series is applied, you should be able to immediately connect to your PBS instance on the first try, regardless of what circumstances your network is in.

In short, there was an error in the logic that handles the TLS handshake. That part of the code also had a timeout that was way too short - both of those are things that I hadn't considered when I first implemented the HTTP-to-HTTPS redirection feature. See the patch series for more details.

I will let you know once the patches have been merged and packaged. It will probably take some more time, so all you have to do now is be patient. ;)

Thank you all for all of the information you provided! It really helped a lot, especially @basisnederland's tcpdumps.
 
Any update yet Max?
Hello!

The patch series has been applied (the commit of the fix can be found here), but it will probably still take a little bit until it's all packaged and released. It will most likely be included in the next version of the proxmox-backup-server package (unless an issue comes up, but that's unlikely).

As always, once everything is packaged, the package will end up in our testing repository first, then in the no-subscription repo, and afterwards finally in the enterprise repository. (See here). This is mostly for quality assurance. So, no worries, it will be shipped eventually.
 
"It is very likely that the server does not speak TLS at all.
The client will start with the TLS handshake and the server will reply to this with some non-TLS response. The client expect the server to do its part of the TLS handshake though. Thus it will try to interpret the servers as response as TLS. This will lead to strange error messages depending on the TLS stack used by the client. With OpenSSL based stacks it will often result in wrong version number, since the trying to extract the TLS version number for the expected TLS record and get some unexpected results since the server did not actually send a TLS record."
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!