elec Posted May 12, 2020 Posted May 12, 2020 Hello, I have a strange problem where outbound ssl connections are breaking. For example using curl from host itself or dockers such as sonarr doing api requests or nzbget downloading data from ssl sources break from time to time. Example: root@oasis:~# curl -o o https://www.google.com % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 curl: (35) error:1408F119:SSL routines:ssl3_get_record:decryption failed or bad record mac Out of 10 curls 1 might fail but its more noticeable in nzbget where I am getting spammed with those errors. Things I tried so far and no success: 1. Tested with another computer on same switch to rule out my network 2. Swapped ethernet cables 3. Swapped ethernet ports (my motherboard has 2) 4. Unraid created a bond interface so I tried going back to individual interfaces 5. Disabled all offloading features such as lso, gro, tso, etc... 6. Did a memtest86 for 10~hours no errors. Hardware specs: CPU: AMD Ryzen 3600 Motherboard: AsRock X470D4U Memory: Crucial 32GB (2 x 16GB) 288-Pin DDR4 SDRAM DDR4 2666 Nic: From motherboard Thanks for any ideas! oasis-diagnostics-20200512-1031.zip Quote
elec Posted May 12, 2020 Author Posted May 12, 2020 In case someone has ideas I found the following: 1. Changing the cipher in nzbget to RC4-MD5 got rid of all the ssl errors for nzbget. 2. Changing the cipher to blank (auto) or choosing AES128-SHA for example brings back ssl errors. Not sure how to test with curl since most websites block rc4-md5 since its less secure Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.