distributions: Error gnutls_handshake() failed: Handshake failed on debian
Hello,
Today, apt-get update
is failing with this error on my computer debian:
W: impossible de récupérer https://deb.nodesource.com/node_4.x/dists/jessie/main/binary-amd64/Packages : gnutls_handshake() failed: Handshake failed
E: Échec du téléchargement pour certains fichiers d'index. Soit ils ont été ignorés, soit les anciens fichiers ont été utilisés à la place.
E: Impossible de reconstruire le cache des paquets
Yesterday it worked, the issue seem to have appeared just a few hour ago. Any idea?
About this issue
- Original URL
- State: closed
- Created 8 years ago
- Reactions: 33
- Comments: 51 (1 by maintainers)
Commits related to this issue
- Use http instead of https (sic) for apt source This is a workaround for nodesource/distributions#388. `deb.nodesource.com` moved to CloudFront and some Linux distros (like Ubuntu 14.04) are unable t... — committed to mpdude/puppet-nodejs by mpdude 8 years ago
- Disable https in installation script Cloudfront is having an issue resulting in the following error ```Error gnutls_handshake() failed``` See https://github.com/nodesource/distributions/issues/388... — committed to DataDog/dd-agent by remh 8 years ago
Thanks all for posting - we’re investigating from our side and are in touch with AWS to gather more information. I will update this issue with more information as it becomes available.
I am having the same problem since today (AWS CodeBuild image with Ubuntu 14.04):
Failed to fetch https://deb.nodesource.com/node_10.x/dists/trusty/main/source/Sources gnutls_handshake() failed: Handshake failed
with the following command:
Is anyone experiencing this?
Thank you in advance.
@omeraplak @sqlProvider @ibrennan The issue is that you still have the old source files.
Please run first :
Then
Please confirm if this workaround does it for you. (Edit: As someone said before, this is a dirty temporary solution. When this is fixed upstream, please go back to using HTTPS for your packages)
Update: we (Docker) got informed that AWS identified a possible cause and is rolling out updates. It may take some time for those to be available everywhere. Hopefully the issue will be resolved by that. Keep us posted if the problem maintains, because the issue depends on which CDN mirror is picked by your machine.
Don’t forget to revert workarounds (e.g. overrides in
/etc/hosts
or removinghttps
) 😄I have the same problem Ubuntu 14.04
root@desenvolvimento:/home/bernardo# cat /etc/apt/sources.list.d/nodesource.list deb https://deb.nodesource.com/node_10.x trusty main deb-src https://deb.nodesource.com/node_10.x trusty main
I’ve run curl --silent https://deb.nodesource.com/gpgkey/nodesource.gpg.key | sudo apt-key add -
and the error continues
W: Falhou ao buscar https://deb.nodesource.com/node_10.x/dists/trusty/main/source/Sources gnutls_handshake() failed: Handshake failed
W: Falhou ao buscar https://deb.nodesource.com/node_10.x/dists/trusty/main/binary-amd64/Packages gnutls_handshake() failed: Handshake failed
W: Falhou ao buscar https://deb.nodesource.com/node_10.x/dists/trusty/main/binary-i386/Packages gnutls_handshake() failed: Handshake failed
with node 12.x same error
root@desenvolvimento:/home/bernardo# gnutls-cli -V -p 443 deb.nodesource.com Resolving ‘deb.nodesource.com’… Connecting to ‘2001:12f0:210::c88f:f709:443’… *** Fatal error: A TLS fatal alert has been received. *** Received alert [40]: Handshake failed *** Handshake has failed GnuTLS error: A TLS fatal alert has been received.
Our (Docker) team is also in contact with AWS. So far it appears to be an issue on their side (but not confirmed yet), and fails on distros running an older version of gnutils (Ubuntu 14.04, Ubuntu 12.04)
There’s an issue with the docker project too… https://github.com/docker/docker/issues/16941#issuecomment-260912326
52.222.171.*
might be bad??I can confirm this on a fresh
ubuntu/trusty64
box usingvagrant
The incompatibility between the certificate ciphers and those available in Ubuntu Trusty Tahr 14.04 caused this issue.
Please all confirm that it works correctly and sorry for the inconvenience.
I tested it now and returned to normal I didn’t change anything
This issue is not yet resolved for me:
see: https://travis-ci.org/TheTorProject/ooni-measurements/builds/176429312#L1680
Thanks, it works for me too!
As of October 26th Debian Jessie nodes with libgnutls-deb0-28=3.3.8-6+deb8u3 (The latest version) were able to download from Nodesource - but now can’t. 3.3.8-6+deb8u2 also fails.
So, since that date, either: (1) Nodesource have moved to Cloudfront, or… (2) AWS Cloudfront have changed something in SSL.
I’m looking into the exact failure, but I suspect a non-HTTP workaround will prove difficult if it’s a Cloudfront problem.
@Hashfyre yes… that’s why I’m not deploying today… Skipped the deployment for today and will do it on Friday 😉 NOBODY should be doing this in production or on their systems. Try these things inside a VM…
Of course I can change the servers etc. but mehhh, this should get fixed soon, there’s no fire… everything’s okay… http://weknowmemes.com/wp-content/uploads/2014/09/this-is-fine-meme.jpg
@Esya It’s doesn’t work on ubuntu 14.04
Workaround for now:
change
deb https://deb.nodesource.com/node_5.x $distribution main
to
deb https://d2buw04m05mirl.cloudfront.net/node_5.x $distribution main
(It’s the same server but the SSL handshake will suceed - apt doesn’t need to know about SNI in this case.)