I’m trying to install connector on my hosts where 10 instances Ubuntu 20.04 LTS
curl: (35) OpenSSL SSL_connect: Connection reset by peer in connection to binaries.twingate.com:443
I try install to all machines and change the network then again run same issue.
All distros are up to date. Firewall rules are open for 30000 to 31000 and 443 via TCP
Have any update?
I think have issue from binaries domain side
alexb
May 31, 2023, 3:55pm
3
I’m assuming you’re running this command:
curl "https://binaries.twingate.com/connector/setup.sh"
| sudo TWINGATE_ACCESS_TOKEN="" TWINGATE_REFRESH_TOKEN="" TWINGATE_URL="https://<YOUR TWINGATE SUBDOMAIN>.twingate.com" bash
and that it’s failing on the curl
bit. If so, that’s an issue with your machines.
A few things to try:
Update curl
Ensure that your machines time is synchronized by following these steps
Look at the output of openssl s_client -connect binaries.twingate.com:443 -servername binaries.twingate.com
to see what failures may be occurring in the TLS handshake.
One more thing: you only need to install at least 1 Connector per remote network . If all of your machines are on the same network and can reach each other, you only need a single Connector.
Yes I updated the curl from the github latest version with build into my machines.
CONNECTED(00000003)
write:errno=104
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 313 bytes
Verification: OK
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
This is output of openssl s_client -connect binaries.twingate.com:443 -servername binaries.twingate.com
And I’m installed chrony successfully
chrony.service - chrony, an NTP client/server
Loaded: loaded (/lib/systemd/system/chrony.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2023-05-31 16:13:17 UTC; 2min 35s ago
Same issue
When installing connector curl: (35) Recv failure: Connection reset by peer
alexb
May 31, 2023, 4:25pm
5
Could you provide the output of curl -v "https://binaries.twingate.com/connector/setup.sh"
?
Trying 34.120.211.59:443…
TCP_NODELAY set
Connected to binaries.twingate.com (34.120.211.59) port 443 (#0 )
ALPN, offering h2
ALPN, offering http/1.1
successfully set certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
TLSv1.3 (OUT), TLS handshake, Client hello (1):
OpenSSL SSL_connect: Connection reset by peer in connection to binaries.twingate.com:443
Closing connection 0
curl: (35) OpenSSL SSL_connect: Connection reset by peer in connection to binaries.twingate.com:443
alexb
May 31, 2023, 6:53pm
8
Gotcha - there’s not too much more info there than the original curl command.
I suspect the problem is on your end. The binaries.twingate.com
site works on all of the machines I’ve tested it on. It seems like your machine isn’t able to complete the TLS handshake, and I’m not sure of what the exact reason could be.
Some things to try:
See if you can create TLS connections on other sites, e.g. twingate.com
or google.com
Update openssl
Thank you I’ll test again.