ubuntu 18.04 failed to connect to some HTTPS sites
I solved it, by disabling ipv6 on my machine. Dont really know why but it worked.
To disable ipV6 on Ubuntu or Linux Mint, follow this tutorial: https://support.purevpn.com/how-to-disable-ipv6-linuxubuntu
Disabling in network manager was not enough.
Related videos on Youtube
10 : 10
01 : 11
03 : 30
05 : 55
07 : 20
brpaz
Web Engineer, specialized in PHP/Symfony and Golang. Enthusiast about CI/CD, Code Quality and Engineering practices. Believer that Tech only makes sense at the service of people!
Updated on September 18, 2022Comments
-
brpaz over 1 year
I have just formatted my laptop and did a clean install of Ubuntu 18.04. While installing some of my development packages I found issues using both rubygems and python pip. It gives SSL related errors. I cant access their sites either. (Connection reset error message)
Here is the error installing latest version of PIP
Connected to bootstrap.pypa.io (2a04:4e42::175) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: /etc/ssl/certs } [5 bytes data] * TLSv1.2 (OUT), TLS handshake, Client hello (1): } [215 bytes data] * TLSv1.2 (IN), TLS handshake, Server hello (2): { [112 bytes data] * TLSv1.2 (IN), TLS handshake, Certificate (11): { [3805 bytes data] * TLSv1.2 (IN), TLS handshake, Server key exchange (12): { [300 bytes data] * TLSv1.2 (IN), TLS handshake, Server finished (14): { [4 bytes data] * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): } [37 bytes data] * TLSv1.2 (OUT), TLS change cipher, Client hello (1): } [1 bytes data] * TLSv1.2 (OUT), TLS handshake, Finished (20): } [16 bytes data] * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to bootstrap.pypa.io:443 * stopped the pause stream! 0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0 * Closing connection 0 curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to bootstrap.pypa.io:443And rubygems:
gem update --system ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError) Errno::ECONNRESET: Connection reset by peer - SSL_connect (https://api.rubygems.org/specs.4.8.gz)Edit:
I cant even connect to curl website using curl:
➜ curl -v https://curl.haxx.se/mail/archive-2015-08/0015.html * Trying 2a04:4e42::561... * TCP_NODELAY set * Connected to curl.haxx.se (2a04:4e42::561) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: /etc/ssl/certs * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Client hello (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to curl.haxx.se:443 * stopped the pause stream! * Closing connection 0 curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to curl.haxx.se:443I tried to update openssl and ca-certificates packages but same issue. Openssl version: OpenSSL 1.1.0g 2 Nov 2017
Does anybody have an idea whats going on? This didn't happen in a VM a couple of days ago.
Edit Tested again in a VM connected to the same network and provisioned the same way and it works!! Something really strange.
Thank you.
-
dobey almost 6 yearsI would suggest grabbing the cert and comparing it against a cert grabbed from a completely different network connection where it verifies just fine. Could be a mitm attempt perhaps?
-
brpaz almost 6 yearsI saw a difference between my laptop and VM. it seems that my laptop always try to connect using ipv6, while in my VM it uses ipv4. I disabled ipv6 in network manager but it doesn't seem to work.
-
