Suddenly getting TLS handshake failed.

HiveStudios
Posts: 14
Joined: Tue Nov 15, 2016 12:07 pm

Suddenly getting TLS handshake failed.

Postby HiveStudios » Mon Aug 12, 2019 9:30 pm

System 4.8.6-300.fc25.x86_64 ,x86_64
Platform 10.0.0-1
Core 10.4.0-1

Working fine for .. years? until today. I haven't made any changes to anything. It was working perfectly and then today I can't connect.

Tue Aug 13 00:28:58 2019 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Aug 13 00:30:00 2019 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Tue Aug 13 00:30:00 2019 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Aug 13 00:30:00 2019 Re-using SSL/TLS context
Tue Aug 13 00:30:00 2019 LZO compression initialized
Tue Aug 13 00:30:00 2019 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Aug 13 00:30:00 2019 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Aug 13 00:30:00 2019 Local Options hash (VER=V4): '41690919'
Tue Aug 13 00:30:00 2019 Expected Remote Options hash (VER=V4): '530fdded'
Tue Aug 13 00:30:00 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Aug 13 00:30:00 2019 UDPv4 link local: [undef]
Tue Aug 13 00:30:00 2019 UDPv4 link remote: 4x.7x.226.94:1194
Tue Aug 13 00:31:01 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Tue Aug 13 00:31:01 2019 TLS Error: TLS handshake failed
Tue Aug 13 00:31:01 2019 TCP/UDP: Closing socket
Tue Aug 13 00:31:01 2019 SIGUSR1[soft,tls-error] received, process restarting
Tue Aug 13 00:31:01 2019 Restart pause, 2 second(s)

Only troubleshooting I've done is to reboot everything.
Openvpn tester shows it working.

User avatar
bigfoot65
Project Manager
Posts: 11457
Joined: Mon May 25, 2009 4:31 pm

Re: Suddenly getting TLS handshake failed.

Postby bigfoot65 » Tue Aug 13, 2019 7:32 am

Could be certificate issues.

There were new certificates published a while back.

Check out the updated client certificates.

Other than that, not sure what else could be causing your issue.
ßîgƒσστ65
Applications Manager

HiveStudios
Posts: 14
Joined: Tue Nov 15, 2016 12:07 pm

Re: Suddenly getting TLS handshake failed.

Postby HiveStudios » Thu Aug 15, 2019 5:57 am

I was pretty sure I had the most recent certificates as this is a fairly new system. I replaced them anyway but there's no difference. Nothing has changed on the HDA. It was working fine until the other day when it just quit working. I'm the guy who also suddenly started having issues with Amahi Anywhere no longer connecting. Again, it was fine for years and then one day it wouldn't connect. No changes were made. HDAConnect/VPN was still working for several weeks after Anywhere quit so I don't know if it's at all related.

What's the best way to proceed?
Is there a way to refresh settings for these apps?
Other than a basic home network server, these 2 features (VPN and Anywhere) are all I ever used. I really would like some help in fixing them. I'm not good with linux. I understand well enough to get it installed and to follow directions. I'm not good with "just show me the log files" without instructions on how to find/copy them.

Thanks

User avatar
bigfoot65
Project Manager
Posts: 11457
Joined: Mon May 25, 2009 4:31 pm

Re: Suddenly getting TLS handshake failed.

Postby bigfoot65 » Thu Aug 15, 2019 7:50 am

This is obviously related to the issue you have with Amahi Anywhere.

Is there a firewall in your network?

Have you checked amahi.org to see if your IP address matches your modem/router?
ßîgƒσστ65
Applications Manager

HiveStudios
Posts: 14
Joined: Tue Nov 15, 2016 12:07 pm

Re: Suddenly getting TLS handshake failed.

Postby HiveStudios » Thu Aug 15, 2019 9:00 pm

I have checked amahi.org and the ip address matches. It updates correctly when it changes.
I get a "green" light with the VPN check.
The firewall has always been there and is set correctly. I even tried shutting it down temporarily.

Even though it shows the correct ip address on amahi.org, and in the "alerts" section it shows that my ip address has been updated a few times recently. I just noticed that the address HDAConnect is trying to reach is an old IP address. I've never had to manually change anything with HDAConnect before. How does HDA Connect get the address to attempt to connect to? Why has it not updated to the one that amahi.org shows?

HiveStudios
Posts: 14
Joined: Tue Nov 15, 2016 12:07 pm

Re: Suddenly getting TLS handshake failed.

Postby HiveStudios » Thu Aug 15, 2019 9:07 pm

This matches my problem exactly:

https://bugs.amahi.org/issues/2242

User avatar
cpg
Administrator
Posts: 2605
Joined: Wed Dec 03, 2008 7:40 am
Contact:

Re: Suddenly getting TLS handshake failed.

Postby cpg » Fri Aug 16, 2019 2:12 am

Apologies for the belated reply.

That bug last referred to was an invalid dynamic DNS IP, due to the system falling behind. It did look like your situation was cert related.

After looking in more detail, it does appear that the IP for your server did not automatically update in our dynamic DNS system.

It seems to be up to date now after a forced update, so please try again and report back.

Sorry for the run-around over the certs over email and here and the subsequent delay.
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 8GB RAM, 1TBx2+3TBx1

HiveStudios
Posts: 14
Joined: Tue Nov 15, 2016 12:07 pm

Re: Suddenly getting TLS handshake failed.

Postby HiveStudios » Fri Aug 16, 2019 5:24 am

Yes! it works.
Thank you.

Problem with Amahi Anywhere still exists, unfortunately.

User avatar
cpg
Administrator
Posts: 2605
Joined: Wed Dec 03, 2008 7:40 am
Contact:

Re: Suddenly getting TLS handshake failed.

Postby cpg » Fri Aug 16, 2019 5:42 am

Great!

About the AmahiAnywhere (AA) issue, I think it may be harder. Your HDA is fairly old with a version that is not updated any more (Amahi 10 on F25) and as it may likely require action in your own HDA. That takes potentially quite some time and we're busy.

Please follow up on that one by email if you would like commercial support (as it requires potentially hard set up and a lot of time).

Thanks.
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 8GB RAM, 1TBx2+3TBx1

HiveStudios
Posts: 14
Joined: Tue Nov 15, 2016 12:07 pm

Re: Suddenly getting TLS handshake failed.

Postby HiveStudios » Fri Aug 16, 2019 9:58 am

How messy is it to update to Amahi 11?
I think when I went from 8 to 10 I did a clean install.
I'm pretty sure Amahi/Fedora are on their own partition that has nothing to do with the other drives/shares.

Who is online

Users browsing this forum: No registered users and 1 guest