fedora-infrastructure

Clone
Source Code
GIT

#11610 GnuTLS: One of the involved algorithms has insufficient security level.
Closed: Insufficient data a year ago by kevin. Opened a year ago by yadnesh45.

Closed: Insufficient data
Reopen Issue

Downloading fedora images report error

| controller | ++ functions:upload_image:142               :   wget --progress=dot:giga -c https://download.fedoraproject.org/pub/fedora/linux/releases/37/Cloud/x86_64/images/Fedora-Cloud-Base-37-1.7.x86_64.qcow2 -O /opt/stack/devstack/files/Fedora-Cloud-Base-37-1.7.x86_64.qcow2
| controller | --2023-11-07 16:55:11--  https://download.fedoraproject.org/pub/fedora/linux/releases/37/Cloud/x86_64/images/Fedora-Cloud-Base-37-1.7.x86_64.qcow2
| controller | Resolving download.fedoraproject.org (download.fedoraproject.org)... 2600:2701:4000:5211:dead:beef:fe:fed3, 2604:1580:fe00:0:dead:beef:cafe:fed1, 2620:52:3:1:dead:beef:cafe:fed6, ...
| controller | Connecting to download.fedoraproject.org (download.fedoraproject.org)|2600:2701:4000:5211:dead:beef:fe:fed3|:443... connected.
| controller | HTTP request sent, awaiting response... 302 Found
| controller | Location: https://mirror.in2p3.fr/pub/fedora/linux/releases/37/Cloud/x86_64/images/Fedora-Cloud-Base-37-1.7.x86_64.qcow2 [following]
| controller | --2023-11-07 16:55:12--  https://mirror.in2p3.fr/pub/fedora/linux/releases/37/Cloud/x86_64/images/Fedora-Cloud-Base-37-1.7.x86_64.qcow2
| controller | Resolving mirror.in2p3.fr (mirror.in2p3.fr)... 134.158.69.171
| controller | Connecting to mirror.in2p3.fr (mirror.in2p3.fr)|134.158.69.171|:443... connected.
| controller | GnuTLS: One of the involved algorithms has insufficient security level.
| controller | Unable to establish SSL connection.

It seems that there are quite a few mirrors downloading from which reports the same error

There are a couple of issues which need addressing before anyone in Fedora can help on this.
1. The error message does not say which algorithm is not sufficient. There may be ways to get GNUtls to be more verbose or other tools via openssl commands which can help here.
2. It is not clear how your system is set up security wise. (AKA is this a standard install of which OS and what settings were made for algorithms).

Metadata Update from @phsmoura:
- Issue priority set to: Waiting on Reporter (was: Needs Review)
- Issue tagged with: low-gain, low-trouble, ops
a year ago

Additionally, I will add here that we use a network of volunteer mirror sites. We can't directly configure their ssl settings.

download.fedoraproject.org is a redirect to 'a mirror', so it could get you anything.

If you choose a specific mirror that meets your criteria, that could be a workaround?

We need more info to help you out here. ;)

If you're able to provide more info, please do and reopen this ticket. I'm going to close it in the mean time...

Metadata Update from @kevin:
- Issue close_status updated to: Insufficient data
- Issue status updated to: Closed (was: Open)
a year ago

Log in to comment on this ticket.

Metadata
None

ops low-gain low-trouble

None
None
Waiting on Reporter
Boards 1
ops Status: Backlog
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.