ubuntu 18.04 failed to connect to some HTTPS sites












3















I have just formatted my laptop and did a clean install of Ubuntu 18.04.
While installing some of my development packages I found issues using both rubygems and python pip. It gives SSL related errors. I cant access their sites either. (Connection reset error message)



Here is the error installing latest version of PIP



Connected to bootstrap.pypa.io (2a04:4e42::175) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [215 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [112 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [3805 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [300 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [37 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to bootstrap.pypa.io:443
* stopped the pause stream!
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to bootstrap.pypa.io:443


And rubygems:



gem update --system
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
Errno::ECONNRESET: Connection reset by peer - SSL_connect (https://api.rubygems.org/specs.4.8.gz)


Edit:



I cant even connect to curl website using curl:



➜ curl -v https://curl.haxx.se/mail/archive-2015-08/0015.html
* Trying 2a04:4e42::561...
* TCP_NODELAY set
* Connected to curl.haxx.se (2a04:4e42::561) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to curl.haxx.se:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to curl.haxx.se:443


I tried to update openssl and ca-certificates packages but same issue.
Openssl version: OpenSSL 1.1.0g 2 Nov 2017



Does anybody have an idea whats going on? This didn't happen in a VM a couple of days ago.



Edit Tested again in a VM connected to the same network and provisioned the same way and it works!! Something really strange.



Thank you.










share|improve this question

























  • I would suggest grabbing the cert and comparing it against a cert grabbed from a completely different network connection where it verifies just fine. Could be a mitm attempt perhaps?

    – dobey
    May 31 '18 at 21:14











  • I saw a difference between my laptop and VM. it seems that my laptop always try to connect using ipv6, while in my VM it uses ipv4. I disabled ipv6 in network manager but it doesn't seem to work.

    – brpaz
    Jun 1 '18 at 15:29


















3















I have just formatted my laptop and did a clean install of Ubuntu 18.04.
While installing some of my development packages I found issues using both rubygems and python pip. It gives SSL related errors. I cant access their sites either. (Connection reset error message)



Here is the error installing latest version of PIP



Connected to bootstrap.pypa.io (2a04:4e42::175) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [215 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [112 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [3805 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [300 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [37 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to bootstrap.pypa.io:443
* stopped the pause stream!
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to bootstrap.pypa.io:443


And rubygems:



gem update --system
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
Errno::ECONNRESET: Connection reset by peer - SSL_connect (https://api.rubygems.org/specs.4.8.gz)


Edit:



I cant even connect to curl website using curl:



➜ curl -v https://curl.haxx.se/mail/archive-2015-08/0015.html
* Trying 2a04:4e42::561...
* TCP_NODELAY set
* Connected to curl.haxx.se (2a04:4e42::561) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to curl.haxx.se:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to curl.haxx.se:443


I tried to update openssl and ca-certificates packages but same issue.
Openssl version: OpenSSL 1.1.0g 2 Nov 2017



Does anybody have an idea whats going on? This didn't happen in a VM a couple of days ago.



Edit Tested again in a VM connected to the same network and provisioned the same way and it works!! Something really strange.



Thank you.










share|improve this question

























  • I would suggest grabbing the cert and comparing it against a cert grabbed from a completely different network connection where it verifies just fine. Could be a mitm attempt perhaps?

    – dobey
    May 31 '18 at 21:14











  • I saw a difference between my laptop and VM. it seems that my laptop always try to connect using ipv6, while in my VM it uses ipv4. I disabled ipv6 in network manager but it doesn't seem to work.

    – brpaz
    Jun 1 '18 at 15:29
















3












3








3








I have just formatted my laptop and did a clean install of Ubuntu 18.04.
While installing some of my development packages I found issues using both rubygems and python pip. It gives SSL related errors. I cant access their sites either. (Connection reset error message)



Here is the error installing latest version of PIP



Connected to bootstrap.pypa.io (2a04:4e42::175) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [215 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [112 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [3805 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [300 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [37 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to bootstrap.pypa.io:443
* stopped the pause stream!
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to bootstrap.pypa.io:443


And rubygems:



gem update --system
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
Errno::ECONNRESET: Connection reset by peer - SSL_connect (https://api.rubygems.org/specs.4.8.gz)


Edit:



I cant even connect to curl website using curl:



➜ curl -v https://curl.haxx.se/mail/archive-2015-08/0015.html
* Trying 2a04:4e42::561...
* TCP_NODELAY set
* Connected to curl.haxx.se (2a04:4e42::561) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to curl.haxx.se:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to curl.haxx.se:443


I tried to update openssl and ca-certificates packages but same issue.
Openssl version: OpenSSL 1.1.0g 2 Nov 2017



Does anybody have an idea whats going on? This didn't happen in a VM a couple of days ago.



Edit Tested again in a VM connected to the same network and provisioned the same way and it works!! Something really strange.



Thank you.










share|improve this question
















I have just formatted my laptop and did a clean install of Ubuntu 18.04.
While installing some of my development packages I found issues using both rubygems and python pip. It gives SSL related errors. I cant access their sites either. (Connection reset error message)



Here is the error installing latest version of PIP



Connected to bootstrap.pypa.io (2a04:4e42::175) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [215 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [112 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [3805 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [300 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [37 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to bootstrap.pypa.io:443
* stopped the pause stream!
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to bootstrap.pypa.io:443


And rubygems:



gem update --system
ERROR: While executing gem ... (Gem::RemoteFetcher::FetchError)
Errno::ECONNRESET: Connection reset by peer - SSL_connect (https://api.rubygems.org/specs.4.8.gz)


Edit:



I cant even connect to curl website using curl:



➜ curl -v https://curl.haxx.se/mail/archive-2015-08/0015.html
* Trying 2a04:4e42::561...
* TCP_NODELAY set
* Connected to curl.haxx.se (2a04:4e42::561) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to curl.haxx.se:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to curl.haxx.se:443


I tried to update openssl and ca-certificates packages but same issue.
Openssl version: OpenSSL 1.1.0g 2 Nov 2017



Does anybody have an idea whats going on? This didn't happen in a VM a couple of days ago.



Edit Tested again in a VM connected to the same network and provisioned the same way and it works!! Something really strange.



Thank you.







networking 18.04 ssl






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jun 1 '18 at 15:27







brpaz

















asked May 31 '18 at 20:57









brpazbrpaz

157214




157214













  • I would suggest grabbing the cert and comparing it against a cert grabbed from a completely different network connection where it verifies just fine. Could be a mitm attempt perhaps?

    – dobey
    May 31 '18 at 21:14











  • I saw a difference between my laptop and VM. it seems that my laptop always try to connect using ipv6, while in my VM it uses ipv4. I disabled ipv6 in network manager but it doesn't seem to work.

    – brpaz
    Jun 1 '18 at 15:29





















  • I would suggest grabbing the cert and comparing it against a cert grabbed from a completely different network connection where it verifies just fine. Could be a mitm attempt perhaps?

    – dobey
    May 31 '18 at 21:14











  • I saw a difference between my laptop and VM. it seems that my laptop always try to connect using ipv6, while in my VM it uses ipv4. I disabled ipv6 in network manager but it doesn't seem to work.

    – brpaz
    Jun 1 '18 at 15:29



















I would suggest grabbing the cert and comparing it against a cert grabbed from a completely different network connection where it verifies just fine. Could be a mitm attempt perhaps?

– dobey
May 31 '18 at 21:14





I would suggest grabbing the cert and comparing it against a cert grabbed from a completely different network connection where it verifies just fine. Could be a mitm attempt perhaps?

– dobey
May 31 '18 at 21:14













I saw a difference between my laptop and VM. it seems that my laptop always try to connect using ipv6, while in my VM it uses ipv4. I disabled ipv6 in network manager but it doesn't seem to work.

– brpaz
Jun 1 '18 at 15:29







I saw a difference between my laptop and VM. it seems that my laptop always try to connect using ipv6, while in my VM it uses ipv4. I disabled ipv6 in network manager but it doesn't seem to work.

– brpaz
Jun 1 '18 at 15:29












1 Answer
1






active

oldest

votes


















2














I solved it, by disabling ipv6 on my machine. Dont really know why but it worked.



To disable ipV6 on Ubuntu or Linux Mint, follow this tutorial: https://support.purevpn.com/how-to-disable-ipv6-linuxubuntu



Disabling in network manager was not enough.






share|improve this answer























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "89"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1042440%2fubuntu-18-04-failed-to-connect-to-some-https-sites%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    2














    I solved it, by disabling ipv6 on my machine. Dont really know why but it worked.



    To disable ipV6 on Ubuntu or Linux Mint, follow this tutorial: https://support.purevpn.com/how-to-disable-ipv6-linuxubuntu



    Disabling in network manager was not enough.






    share|improve this answer




























      2














      I solved it, by disabling ipv6 on my machine. Dont really know why but it worked.



      To disable ipV6 on Ubuntu or Linux Mint, follow this tutorial: https://support.purevpn.com/how-to-disable-ipv6-linuxubuntu



      Disabling in network manager was not enough.






      share|improve this answer


























        2












        2








        2







        I solved it, by disabling ipv6 on my machine. Dont really know why but it worked.



        To disable ipV6 on Ubuntu or Linux Mint, follow this tutorial: https://support.purevpn.com/how-to-disable-ipv6-linuxubuntu



        Disabling in network manager was not enough.






        share|improve this answer













        I solved it, by disabling ipv6 on my machine. Dont really know why but it worked.



        To disable ipV6 on Ubuntu or Linux Mint, follow this tutorial: https://support.purevpn.com/how-to-disable-ipv6-linuxubuntu



        Disabling in network manager was not enough.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Jun 1 '18 at 15:37









        brpazbrpaz

        157214




        157214






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Ask Ubuntu!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1042440%2fubuntu-18-04-failed-to-connect-to-some-https-sites%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            flock() on closed filehandle LOCK_FILE at /usr/bin/apt-mirror

            Mangá

            Eduardo VII do Reino Unido