distributor icon indicating copy to clipboard operation
distributor copied to clipboard

Published 20 hours ago verified publisher icon 10up

No connection found out of nowhere - CURL 60: SSL ERROR

Open ldollard opened this issue 3 years ago • 8 comments

Hi

I have a Push site and 3 remote sites.

All have been working completely fine for 5 months, then today Remote site C is now giving me this error.

image

Nothing has changed. Remote Site A and B are working completely, fine.

Steps taken so far: I've deleted my SSL and reinstalled it for the Remote site C I've deleted the external connection on push and recreated it with multiple usernames and application passwords, I've even installed the old application password plugin and still i get the no connection found.

If i go directly to the URL https://remotesite.com/wp-json it shows up fine to the js is there and working and can be externally seen.

I deactivated my security plugin i went so far as deactivate ALL plugins and still no luck.

I have no idea what else to try at this point, there is nothing blocking access to that link at all.

ldollard avatar Oct 01 '21 21:10 ldollard

Additional info.

https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/

is this something you guys are aware of?

ldollard avatar Oct 01 '21 21:10 ldollard

Hi All,

So my host (cloudways) fixed this issue, below is what they did, so if anyone else is having the issue, i hope this helps.

) cURL, or any other server-specific client http/ssl tool, breaking on SSL verification. We have identified and applied the fix for this issue.  2) Old web browsers, on mobiles and desktops, unable to load websites because of the expired certificate in their local trust chains. This should have been a very small subset of users, involving users running old versions of OS on their phones and machines. There is no fix for this other then to update the OS on their laptops, mobiles and machines. The other option in this case is to switch your SSL to some other SSL certificate provider.

1: sed -i "/mozilla/DST_Root_CA_X3.crt/d" /etc/ca-certificates.conf && rm -f /usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt && update-ca-certificates -f 2: apt update 3: apt upgrade curl

Obviously this might not directly work on someone else's hope but i hope it helps someone.

cheers.

ldollard avatar Oct 01 '21 22:10 ldollard

Have the exact same error:

Unable to connect to site.
cURL error 60: SSL certificate problem: certificate has expired (http_request_failed)

using centos 8 and Wordpress 5.8.1

grugel-maintro avatar Oct 02 '21 19:10 grugel-maintro

Hi All,

So my host (cloudways) fixed this issue, below is what they did, so if anyone else is having the issue, i hope this helps.

) cURL, or any other server-specific client http/ssl tool, breaking on SSL verification. We have identified and applied the fix for this issue.  2) Old web browsers, on mobiles and desktops, unable to load websites because of the expired certificate in their local trust chains. This should have been a very small subset of users, involving users running old versions of OS on their phones and machines. There is no fix for this other then to update the OS on their laptops, mobiles and machines. The other option in this case is to switch your SSL to some other SSL certificate provider. 1: sed -i "/mozilla/DST_Root_CA_X3.crt/d" /etc/ca-certificates.conf && rm -f /usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt && update-ca-certificates -f 2: apt update 3: apt upgrade curl

Obviously this might not directly work on someone else's hope but i hope it helps someone.

cheers.

Run into the same issue. So it looks like i need to update my certificates, but i don't understand if the problem lies on server A or B. I have on server running as an onion service (A) and on as a clearnet server (B). The sync from the clearnet to the onion service works great but from the onion service to the clearnet server i got the error. Was working before. So do i need do fix the clearnet server or the onion service.

xaman-67 avatar Oct 02 '21 19:10 xaman-67

@xaman-67 sounds like your issue is with the clearnet server and getting the SSL certificate working there, then re-establishing the external connection from the onion service to the clearnet server.

jeffpaul avatar Oct 03 '21 01:10 jeffpaul

Was in contact with my provider:

So in both outgoing and incoming curl logs, your server responds well, and SSL is all new, no longer related to the Lets Encrypt problem. You will have to request support for your script about this issue, on your server side everything works fine

grugel-maintro avatar Oct 08 '21 19:10 grugel-maintro

@grugel-maintro once your host helped resolve your SSL setup, you may want to try and re-save your External Connections to ensure they're properly able to connect to all WordPress instances.

jeffpaul avatar Oct 08 '21 19:10 jeffpaul

This is what I had to do, delete the external connections and recreate them.

ldollard avatar Oct 08 '21 19:10 ldollard