[SOLVED] Proxmox pv enterprise repo not working and subscription issue

[Mike85]

Hello,

I have just installed a new proxmox server and ordered a subscription for it.

Right now I do have two Issues.

1. I do have a problems to access the enterprise repo, no-sub repo works fine.

Err:6 https://enterprise.proxmox.com/debian/pve buster Release
Could not handshake: An unexpected TLS packet was received. [IP: x.x.x.x 80]
Get:7 http://download.proxmox.com/debian/ceph-nautilus buster InRelease [2,889 B]
Hit:8 http://download.proxmox.com/debian/pve buster InRelease
Get:9 http://download.proxmox.com/debian/ceph-nautilus buster/main amd64 Packages [87.3 kB]
Reading package lists... Done
E: The repository 'https://enterprise.proxmox.com/debian/pve buster Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

2. I have only received one "Subscription Key", where do I have to enter it for activation?


Sorry I have only worked with non-sub bevor.

 

[ermanishchawla]

Go to DataCenter><Servername> >Subscription>Upload SubscriptionKey

 

[Mike85]

Thanks worked. But still the repo issue.

 

[Stoiko Ivanov]

Could not handshake: An unexpected TLS packet was received. [IP: x.x.x.x 80]

seems there is a problem in connecting to enterprise.proxmox.com via https (in the TLS connection)...

do you have some kind of proxy in between your node and enterprise.proxmox.com/the internet?

make sure you can connect successfully to https://enterprise.proxmox.com

curl -v https://enterprise.proxmox.com
openssl s_client -connect enterprise.proxmox.com:443

should give some hints

 

[Mike85]

Thanks, yes we are using a proxy:

* Expire in 0 ms for 1 (transfer 0x564d186eff50)
* Expire in 0 ms for 1 (transfer 0x564d186eff50)
* Expire in 1 ms for 1 (transfer 0x564d186eff50)
* Expire in 0 ms for 1 (transfer 0x564d186eff50)
* Expire in 0 ms for 1 (transfer 0x564d186eff50)
* Expire in 0 ms for 1 (transfer 0x564d186eff50)
* Trying IP...
* TCP_NODELAY set
* Expire in 150000 ms for 3 (transfer 0x564d186eff50)
* Expire in 200 ms for 4 (transfer 0x564d186eff50)
* Connected to proxy (IP) port 80 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to enterprise.proxmox.com:443
> CONNECT enterprise.proxmox.com:443 HTTP/1.1
> Host: enterprise.proxmox.com:443
> User-Agent: curl/7.64.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CONNECT phase completed!
* CONNECT phase completed!
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: CN=enterprise.proxmox.com
* start date: Jul 15 04:03:36 2020 GMT
* expire date: Oct 13 04:03:36 2020 GMT
* subjectAltName: host "enterprise.proxmox.com" matched cert's "enterprise.proxmox.com"
* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: enterprise.proxmox.com
> User-Agent: curl/7.64.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx
< Date: Tue, 11 Aug 2020 11:34:17 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
<
<html>
<head><title>Index of /</title></head>
<body bgcolor="white">
<h1>Index of /</h1><hr><pre><a href="../">../</a>
<a href="debian/">debian/</a> 15-Dec-2017 08:19 -
</pre><hr></body>
</html>


If I request "openssl s_client -connect enterprise.proxmox.com:443" I do not reciever any answer.


Proxy Settings:

/etc/profile
MY_PROXY_URL="http://prox.iodocs.com:80/"
HTTP_PROXY=$MY_PROXY_URL
HTTPS_PROXY=$MY_PROXY_URL
FTP_PROXY=$MY_PROXY_URL
http_proxy=$MY_PROXY_URL
https_proxy=$MY_PROXY_URL
ftp_proxy=$MY_PROXY_URL
export HTTP_PROXY HTTPS_PROXY FTP_PROXY http_proxy https_proxy ftp_proxy
root@client:~# source /etc/profile

/etc/apt/apt.conf
Acquire::http:roxy "http://prox.iodocs.com:80/";
Acquire::https:roxy "https://prox.iodocs.com:80/";
Acquire::ftp:roxy "ftp://prox.iodocs.com:80/";

 

[Stoiko Ivanov]

Acquire::http:roxy "http://prox.iodocs.com:80/";
Acquire::https:roxy "https://prox.iodocs.com:80/";

A colleague of mine just pointed this out - try setting:
Acquire::https:proxy "http://prox.iodocs.com:80/"

i.e. without the https:// for the proxy-url - one proxy on one port can not simultaneously speak http+https+ftp on one port....

if this does not work - try dropping the https+ftp proxy config lines completely

 

[Mike85]

We had an proxy issue, the problem is solved now.

Thanks

 

[Stoiko Ivanov]

Glad you resolved your issue - please mark the thread as 'SOLVED' - this helps other users with similar questions
Thanks!