Hello over the weekend my self-hosted build agent lost connection to the DevOps Services. Not completely but I am getting connection errors on almost all of my builds.
my builds are failing with the error:
ERR Agent] System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host..
From the Agent diagnostic logs.
I tried re-installing the Agent but this is not possible either as I get the exact same error when I try to run config.cmd remove
I tried adding --sslskipcertvalidation but this does not seem to work with the remove command. I tried to remove the old from the services, but it will not remove from the agent machine as I cannot complete the "config.cmd remove" process.
No clue why I am getting these connection errors all of a sudden. (I am on the Basic plan)
Does not seem to be relating to any current reported Azure outages (2021-04-12).
I ended up installing the agent again in a separate folder from the old agent.
Likely the issue was that the old agent was installed with the url [org.name].visualstudio.com I guess there is now some SSL certificate issue on the old url.
I installed the new agent with the dev.azure.com/[org.name] url and this solved all of my issues.
The same thing happened to me, but I was able to solve it by installing this application on the server, which is used to activate the TLS2 protocols with just one click and the SSL Cipher Suites
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 2048 bits FS 256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 2048 bits FS 128
nartac IISCrypto is the app
Related
I've been trying to establish a VPN between my computer and this V7610 router for quite some time, and getting error 789 "The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer"
I think the modem/router is configured ok, because I can establish a VPN from my iPhone.
I've tried to use exactly the same settings, L2TP/IPsec, preshared key.
I've enabled the additional Authentication protocols in the Security options.
I've edited the registry key AssumeUDPEncapsulationContextOnSendRule.
All updates are current, so the dodgy windows update that affected VPN's should not be an issue.
What would be the next step in diagnosing the problem....
Thanks 🙏🙏
Terraform init is giving the following error. No version has been upgraded and it was working few days back but suddenly it is failing.
Error: Failed to query available provider packages
Could not retrieve the list of available versions for provider hashicorp/aws:
could not connect to registry.terraform.io: Failed to request discovery
document: Get "https://registry.terraform.io/.well-known/terraform.json": read: connection reset by peer
when I run curl from the server, it is not able to connect as well.
curl https://registry.terraform.io/
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to registry.terraform.io:443
Are you on a network where an admin might have installed a proxy between you and the internet? If so, you need to get the signing certificates and configure them in your provider.
If you're on a home network or a public one, this is a man in the middle attack. Do not use this network.
If you have the certificates, they can be configured in your aws provider by pointing cacert_path, cert_path and key_path at the appropriate .pem files.
If you have verified that there is a valid reason to have a proxy between you and the internet, you are not touching production, and the certificates are hard to come by, you can test your code by setting insecure = true on your provider. Obviously, don't check that in.
I get this error from time to time. It's been frequently reported on the terrafrom github page. One particular comment always reminds me to refresh my network settings (e.g. restart network connection):
OK, I think I have isolated and resolved the issue in my case. It's
always DNS to blame in the end, right? I hardcoded CloudFlare DNS
(1.1.1.1 and its IPv4 and IPv6 aliases) into my network settings on
the laptop, and since then everything seems to be working like a
treat.
How I fix that nre relic provider downloading issue
Error while installing newrelic/newrelic v3.13.0: could not query provider registry for registry.terraform.io/newrelic/newrelic: failed to retrieve authentication checksums for provider: the request failed
│ after 2 attempts, please try again later: Get "https://github.com/newrelic/terraform-provider-newrelic/releases/download/v3.13.0/terraform-provider-newrelic_3.13.0_SHA256SUMS": net/http: request canceled
│ while waiting for connection (Client.Timeout exceeded while awaiting headers)
https://learnubuntu.com/change-dns-server/
add google nameservers here:
/etc/resolv.conf
and then check with thsi command:
dig google.com | grep SERVER
and done.
This is a temp change, will disappear when moving to the new terminal.
I am currently trying to deploy a NuGet package to our local Nexus server from a Linux build machine (dotnet core project)
However, the Nexus server is running on HTTPS with a company domain certificate which is not recognised by my build machine.
When I run nuget push I get the following error:
Pushing App.1.0.0.nupkg to 'https://v-nexus/repository/nuget/'...
PUT https://v-nexus/repository/nuget/
An error was encountered when fetching 'PUT https://v-nexus/repository/nuget/'. The request will now be retried.
Error: TrustFailure (The authentication or decryption has failed.)
The authentication or decryption has failed.
Invalid certificate received from server. Error code: 0xffffffff800b010a
PUT https://v-nexus/repository/nuget/
An error was encountered when fetching 'PUT https://v-nexus/repository/nuget/'. The request will now be retried.
Error: TrustFailure (The authentication or decryption has failed.)
The authentication or decryption has failed.
Invalid certificate received from server. Error code: 0xffffffff800b010a
PUT https://v-nexus/repository/nuget/
Error: TrustFailure (The authentication or decryption has failed.)
The authentication or decryption has failed.
Invalid certificate received from server. Error code: 0xffffffff800b010a
I have tried:
Installing the server certificate globally (using update-ca-certificates)
Installing the certificate using certmgr
Is there any other way that I have missed, or is this a known issue using NuGet in Linux. (I am using docker containers so don't want the solution to be "use windows"!) This is forming part of our automated build system so I am limited to Linux docker containers.
One of my colleges, running Windows is able to push the package without any issues, so I know it's not an issue with the server.
This is a very old question but I came across it looking for an answer to this issue.
The problem seems to be Nuget, under Mono, is broken.
It's not really an answer but hopefully it helps somebody else.
I have couchdb running on a Linux Ubuntu 14.04 VM and a .net Web application running under Azure Web Apps. Under our ELMAH logging for the web application I keep getting intermittent errors:
System.Net.Sockets.SocketException
A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond [ipaddress]:5984
I've checked the CouchDB logs and there isn't a record of those requests so I don't believe it's hitting the CouchDB server, I can confirm this by looking at the web server logs on Azure and see the Error 500 response. I've also tried a tcpdump however with little success (another issue logging tcpdump to a separate disk keeps failing due to access denied)
We've previously ran CouchDB on a Windows VM with no issues so I wonder if the issue relates to the OS connection settings for tcp and timeouts
Anyone have any suggestions as to where to look or what immediately jumps to mind?
We are experiencing the following error when trying to use an external web service from our application deploy under IIS 7.5.
Error - The underlying connection was closed: Could not establish secure channel for SSL/TLS.
This works from other servers, but on this particular one it fails. This started happening when the server we are trying to connect with disallowed SSL connections and is only accepting TLS. As described in this link http://support.microsoft.com/kb/915599 we changed the registry, but are still seeing the error. Please see the attached image of the registry to make sure this was done properly. It seems like IIS is still trying to use the SSL protocol. I'm a bit confused where in the communication process IIS selects the protocol, SSL vs TLS. Maybe there's something that needs to be done to ensure TLS is selected? Other ideas?
This was fixed at the code level by adding the following line -
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls;