Problem: Can Not Open AppCenter Due To SSL Issues

Problem

Opening the AppCenter on a server leads to the following error message:

There is a problem with the certificate of the App Center server https://appcenter.software-univention.de. (EOF occurred in violation of protocol (_ssl.c:581))

Environment

System is running behind a firewall with forced http/https-proxy.
For testing purposes the openssl test prints:

root@ucs:~# openssl s_client -debug -connect appcenter.software-univention.de:443
CONNECTED(00000003)
write to 0x1e556b0 [0x1e55730] (275 bytes => 275 (0x113))
0000 - 16 03 01 01 0e 01 00 01-0a 03 03 1a 3e d1 ab 57   ............>..W
[...]
0100 - 04 03 03 01 03 02 03 03-02 01 02 02 02 03 00 0f   ................
0110 - 00 01 01                                          ...
read from 0x1e556b0 [0x1e5ac90] (7 bytes => 0 (0x0))
140173134010000:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 275 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1538634072
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)

Solution

Make sure the UCS or the AppCenter server are properly marked for proxy bypass in you firewall/ filter configuration.

For transparent HTTPS-Proxying you have to install a CA file from the proxy.


Mastodon