OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 20.7 Legacy Series »
  • Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« previous next »
  • Print
Pages: [1] 2 3

Author Topic: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR  (Read 16302 times)

george09

  • Newbie
  • *
  • Posts: 10
  • Karma: 4
    • View Profile
Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« on: December 18, 2020, 08:53:25 am »
Hello,

since the update I can no longer access the web interface cause of SSL_ERROR_INTERNAL_ERROR_ALERT (Firefox), Chrome says ERR_SSL_PROTOCOL_ERROR.
The Webinterface uses a lets encrypt cert.
I have still access through SSH.

Is there a quick solution for this problem, maybe disable https, but without reset all my network interfaces? or renew cert...?

Thanks
« Last Edit: December 18, 2020, 09:03:29 am by george09 »
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6289
  • Karma: 432
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #1 on: December 18, 2020, 09:36:41 am »
https://twitter.com/opnsense/status/1339847119977533442
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

robgnu

  • Full Member
  • ***
  • Posts: 103
  • Karma: 7
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #2 on: December 18, 2020, 06:46:28 pm »
If you use Lets Encrypt, log into SSH and use this command:

# php /usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php --mode issue --all --force
« Last Edit: December 19, 2020, 07:28:22 am by robgnu »
Logged
Work: www.alpha.berlin

rabievdm

  • Newbie
  • *
  • Posts: 30
  • Karma: 2
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #3 on: December 19, 2020, 08:24:58 pm »
Thanks,

The twitter comment got me working again:
opnsense-revert -r 20.7.6 lighttpd && configctl webgui restart
Much appreciated.

Regards
Logged

Julien

  • Hero Member
  • *****
  • Posts: 651
  • Karma: 32
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #4 on: December 21, 2020, 04:06:00 pm »
did the last update change something on the firewall behaivor?
i noticed our UDP packets (VOIP) are disconnecting after 20 sec. also the web gui is not availble.
Logged
An intelligent man is sometimes forced to be drunk to spend time with his fool.

Taomyn

  • Sr. Member
  • ****
  • Posts: 410
  • Karma: 19
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #5 on: December 21, 2020, 08:27:29 pm »
I've had to revert lighttpd after updating to 20.7.7_1 and even worse I had tried a reboot when the error first happened. I lost Internet access because Unbound was also down and I had no DNS and only access via SSH. Had to hack a working DNS into resolv.conf before the revert would download and then a full reboot to get everything stable again.


Are their any plans for some kind of on-board rollback to an update so when faced with even worse, no Internet, then we can get back working? I don't have the luxury of stand-by devices or the ability to run VM versions with snapshots. Had my Internet been inaccessible I would have be royally screwed as my mobile access is next to nothing here, and mostly sub-3G which did fortunately work on this occasion to find this thread - without Internet trying to find help is a nightmare.
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6289
  • Karma: 432
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #6 on: December 22, 2020, 02:46:54 pm »
Quote from: Taomyn on December 21, 2020, 08:27:29 pm


Are their any plans for some kind of on-board rollback to an update so when faced with even worse, no Internet, then we can get back working? I don't have the luxury of stand-by devices or the ability to run VM versions with snapshots. Had my Internet been inaccessible I would have be royally screwed as my mobile access is next to nothing here, and mostly sub-3G which did fortunately work on this occasion to find this thread - without Internet trying to find help is a nightmare.

Then you maybe should wait a week or so with the update and watch the forums for threads ..
For rollback DNS is required, you should be able to to set DNS server in System : Settings : General and tick the checkbox to not use local unbound. Then it should work too.
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

Taomyn

  • Sr. Member
  • ****
  • Posts: 410
  • Karma: 19
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #7 on: December 22, 2020, 04:30:55 pm »
Quote from: mimugmail on December 22, 2020, 02:46:54 pm
For rollback DNS is required, you should be able to to set DNS server in System : Settings : General and tick the checkbox to not use local unbound. Then it should work too.


Not when the web interface is broken.
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6289
  • Karma: 432
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #8 on: December 22, 2020, 05:53:51 pm »
Then just wait a week or so
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

Taomyn

  • Sr. Member
  • ****
  • Posts: 410
  • Karma: 19
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #9 on: December 24, 2020, 01:08:21 pm »
Quote from: mimugmail on December 22, 2020, 05:53:51 pm
Then just wait a week or so


I did that once before - ended up having to reinstall the whole firewall then restore settings from my offsite backup, and not easy to do when the only image you have on-site is a few releases back - you'll never hit everyone's problems no matter how long you delay it. Hardly friendly when it's your only means of Internet connectivity. Some kind of built-in full rollback should be a feature.
Logged

tortue

  • Newbie
  • *
  • Posts: 4
  • Karma: 0
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #10 on: December 25, 2020, 12:47:06 am »
Quote from: mimugmail on December 18, 2020, 09:36:41 am
https://twitter.com/opnsense/status/1339847119977533442

Another confirmed fix, twitter comment got me working again also.

opnsense-revert -r 20.7.6 lighttpd && configctl webgui restart
Logged

Taomyn

  • Sr. Member
  • ****
  • Posts: 410
  • Karma: 19
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #11 on: January 04, 2021, 03:16:57 pm »
Does the 20.7.7_1 update fix this and what's the recommended way to update after having reverted just lighttpd?
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1173
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #12 on: January 04, 2021, 03:26:17 pm »
We don't have a confirm on ERR_SSL_PROTOCOL_ERROR yet.

You can try using

# opnsense-revert -r 20.7.7 lighttpd && configctl webgui restart

and revert back if necessary. Make sure to probe the lighttpd version depending on the mirror used it may not have yet synced to 1.4.58.


Cheers,
Franco
Logged

Julien

  • Hero Member
  • *****
  • Posts: 651
  • Karma: 32
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #13 on: January 05, 2021, 03:01:36 am »
this the fix

Code: [Select]
opnsense-revert -r 20.7.6 lighttpd && configctl webgui restart
the
Code: [Select]
opnsense-revert -r 20.7.7 lighttpd && configctl webgui restart is not working

first run the first command of 20.7.6 and access the gun and run the update from the gui to lighted 1.4.58 the errors appears again.

« Last Edit: January 05, 2021, 03:03:45 am by Julien »
Logged
An intelligent man is sometimes forced to be drunk to spend time with his fool.

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1173
    • View Profile
Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« Reply #14 on: January 05, 2021, 10:07:16 am »
Then it looks like lighttpd is not going to fix that issue. I can't imagine that this is an issue that can't be fixed from the system (switching cert maybe?). Because it is working for a representative amount of users...


Cheers,
Franco
Logged

  • Print
Pages: [1] 2 3
« previous next »
  • OPNsense Forum »
  • Archive »
  • 20.7 Legacy Series »
  • Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2