[SOLVED] GnuTLS: Error in the pull function.

L

lewik

New Member
Apr 19, 2020
2
0
1
37
Fresh installation, no custom settings.
Try to download some files on host os (same result on vms):
Code: 
wget https://jitpack.io/com/github/lewik/klog/klog-metadata/1.3.70/klog-metadata-1.3.70.pom

--2020-04-19 12:27:35--  https://jitpack.io/com/github/lewik/klog/klog-metadata/1.3.70/klog-metadata-1.3.70.pom
Resolving jitpack.io (jitpack.io)... 104.26.8.99, 104.26.9.99, 2606:4700:20::681a:863, ...
Connecting to jitpack.io (jitpack.io)|104.26.8.99|:443... connected.
GnuTLS: Error in the pull function.
Unable to establish SSL connection


Code: 
curl -v https://jitpack.io/com/github/lewik/klog/klog-metadata/1.3.70/klog-metadata-1.3.70.pom

* Expire in 0 ms for 6 (transfer 0x561b93317f50)
...a lot of * Expire in ...
*   Trying 104.26.8.99...
* TCP_NODELAY set
* Expire in 149999 ms for 3 (transfer 0x561b93317f50)
* Expire in 200 ms for 4 (transfer 0x561b93317f50)
* Connected to jitpack.io (104.26.8.99) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to jitpack.io:443
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to jitpack.io:443


The same commands on the local machine work.
 
Last edited:
did you tried wget and curl with skipping ssl?

wget https://jitpack.io/com/github/lewik/klog/klog-metadata/1.3.70/klog-metadata-1.3.70.pom --no-check-certificate

And curl with
curl -v https://jitpack.io/com/github/lewik/klog/klog-metadata/1.3.70/klog-metadata-1.3.70.pom -k
 
PVE 3.4 uses wget from Wheezy v7.11 that does not support TLS. The last version of wget from the debian archive is v1.13.4-3+deb7u6. There is an updated version for it at:
http://deb.freexian.com/extended-lts/pool/main/w/wget/wget_1.13.4-3+deb7u8_amd64.deb

This addresses the following:
* Non-maintainer upload by the Debian ELTS Team
* CVE-2016-7098
files rejected by access list are kept on the disk for the duration of HTTP connection
However, the TLS error still persists:
Code: 
# /usr/bin/wget --no-check-certificate https://download.rockylinux.org/pub/rocky/8.3/isos/x86_64/Rocky-8.3-x86_64-minimal.iso
--2021-05-10 05:50:00--  https://download.rockylinux.org/pub/rocky/8.3/isos/x86_64/Rocky-8.3-x86_64-minimal.iso
Resolving download.rockylinux.org (download.rockylinux.org)... 151.101.154.132
Connecting to download.rockylinux.org (download.rockylinux.org)|151.101.154.132|:443... connected.
GnuTLS: A TLS fatal alert has been received.
Unable to establish SSL connection.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom