gnutls_handshake() failed: Error in the pull function

21,684

After some analysis I have come to the conclusion that the reason must be one of:

  1. That host has blocked my IP from opening connections on port 443.
  2. Some kind of firewall has blocked me from opening connections on port 443.

I solved it by using another server.


Author: joscul

Updated on September 18, 2022

Comments

  • joscul over 1 year

    I have a problem with my Ubuntu (Ubuntu 16.04.5 LTS) server. It is very strange. When I try to use any tool for fetching a specific URL over SSL, it fails. Examples:

    CURL

    curl -v https://www.netonnet.se/
    *   Trying 91.198.164.24...
    * Connected to www.netonnet.se (91.198.164.24) port 443 (#0)
    * found 148 certificates in /etc/ssl/certs/ca-certificates.crt
    * found 596 certificates in /etc/ssl/certs
    * ALPN, offering http/1.1
    * gnutls_handshake() failed: Error in the pull function.
    * Closing connection 0
    curl: (35) gnutls_handshake() failed: Error in the pull function.
    

    WGET

    wget -v https://www.netonnet.se/
    --2018-12-29 12:00:42--  https://www.netonnet.se/
    Resolving www.netonnet.se (www.netonnet.se)... 91.198.164.24
    Connecting to www.netonnet.se (www.netonnet.se)|91.198.164.24|:443... connected.
    Unable to establish SSL connection
    

    Any other way I try to access this website also fails, so it must be something deeper; these requests are successful on all other servers I tried it on. It affects all users on this server. I don't use any proxies on this server. How do I debug this?

    EDIT

    This is what I get when I try openssl. There seems to be something wrong with fetching the certificate from the host.

    # openssl s_client  -servername www.netonnet.se -connect www.netonnet.se:443
    CONNECTED(00000003)
    write:errno=104
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 0 bytes and written 317 bytes
    Verification: OK
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    SSL-Session:
        Protocol  : TLSv1.3
        Cipher    : 0000
        Session-ID:
        Session-ID-ctx:
        Resumption PSK:
        PSK identity: None
        PSK identity hint: None
        SRP username: None
        Start Time: 1546109807
        Timeout   : 7200 (sec)
        Verify return code: 0 (ok)
        Extended master secret: no
        Max Early Data: 0
    ---