
Amazon Linux 2023 on VMware SSL error SSL_ERROR_SYSCALL

0

Downloaded al2023-vmware_esx-2023.6.20241121.0-kernel-6.1-x86_64.xfs.gpt.ova from https://docs.aws.amazon.com/linux/al2023/ug/outside-ec2-download.html

Created seed.iso as described here: https://docs.aws.amazon.com/linux/al2023/ug/seed-iso.html. Successfully launched the machine and connected using SSH.

Full setup manual: https://aws.plainenglish.io/complete-guide-running-amazon-linux-2023-on-vmware-configuration-and-setup-instructions-37c9577990cc

When I try to use wget or curl I receive:

    [root@amazon-linux-2023 ec2-user]# curl -v https://google.com
    * Host google.com:443 was resolved.
    * IPv6: 2404:6800:4001:802::200e
    * IPv4: 142.251.223.78
    *   Trying 142.251.223.78:443...
    * Connected to google.com (142.251.223.78) port 443
    * ALPN: curl offers h2,http/1.1
    * TLSv1.3 (OUT), TLS handshake, Client hello (1):
    *  CAfile: /etc/pki/tls/certs/ca-bundle.crt
    *  CApath: none
    * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to google.com:443
    * Closing connection
    curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to google.com:443

What is wrong? How do I fix this issue?

asked 11 days ago, 58 views
2 Answers
0

The SSL_ERROR_SYSCALL error you're encountering suggests there's an issue with the SSL/TLS connection, possibly related to the system's SSL configuration or network settings. Here are some potential causes and solutions:

  1. Time synchronization: Ensure your system's time is correctly synchronized. Incorrect system time can cause SSL certificate validation failures. Use the chrony service to sync time:

    sudo systemctl start chronyd
    sudo systemctl enable chronyd
    
  2. OpenSSL version: Check if you have the latest version of OpenSSL installed. Amazon Linux 2023 should come with an up-to-date version, but you can verify and update if necessary:

    openssl version
    sudo dnf update openssl
    
  3. CA certificates: Ensure your CA certificates are up-to-date:

    sudo update-ca-trust
    
  4. Firewall settings: Check if your firewall is blocking outgoing HTTPS connections. Temporarily disable the firewall to test:

    sudo systemctl stop firewalld
    
  5. DNS resolution: Verify that DNS resolution is working correctly. Try using a different DNS server temporarily:

    echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf
    
  6. Network configuration: If you're using a proxy or VPN, ensure it's configured correctly and not interfering with SSL connections.

  7. SELinux: If SELinux is enabled, it might be interfering with network connections. Try setting it to permissive mode temporarily:

    sudo setenforce 0
    

After trying these steps, restart your system and test the connection again. If the issue persists, you may need to investigate further by checking system logs or network configurations specific to your VMware environment.
Sources
Tutorial: Configure SSL/TLS on AL2023 - Amazon Linux 2023
Amazon Linux 2023 version 2023.1.20230825 release notes - Amazon Linux 2023
Amazon Linux 2023 version 2023.5.20240805 release notes - Amazon Linux 2023

answered 11 days ago
0

Found a much easier solution that works for me: using a Vagrant box, for example https://portal.cloud.hashicorp.com/vagrant/discover/gbailey/al2023

answered 10 days ago
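
An added example, not part of the thread above: a small triage script that reads `curl -v` output and reports how far the TLS handshake got, run here on the transcript from the question. The function names `classify_tls_failure`, `next_step` and `has` are hypothetical, and the suggested next checks are assumptions about where to look, not a confirmed diagnosis.

```shell
#!/bin/sh
# Added example. Function names are hypothetical, not from curl or AWS.
# Reads `curl -v` output on stdin and reports how far the TLS handshake got.
# curl writes verbose lines to stderr: curl -v URL 2>&1 | classify_tls_failure

# The transcript from the question, embedded so the script runs offline.
SAMPLE_LOG='* Connected to google.com (142.251.223.78) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
*  CApath: none
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to google.com:443
* Closing connection
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to google.com:443'

# True if the captured log contains the given basic regular expression.
has() { printf '%s\n' "$log" | grep -q -- "$1"; }

classify_tls_failure() {
  log=$(cat)
  if   has 'SSL connection using';               then echo handshake_ok
  elif has 'SSL certificate problem';            then echo cert_verify_failed
  elif has '(IN), TLS ';                         then echo failed_after_server_reply
  elif has '(OUT), TLS handshake, Client hello'; then echo no_server_reply
  elif has '^\* Connected to ';                  then echo tls_not_started
  else                                                echo tcp_not_connected
  fi
}

# Where to look next for each stage (assumed starting points, not a diagnosis).
next_step() {
  case "$1" in
    handshake_ok) echo 'TLS is fine; look at the HTTP layer' ;;
    cert_verify_failed) echo 'Chain validation failed: check CA bundle and system clock' ;;
    failed_after_server_reply) echo 'Server answered, then failed: compare protocol and cipher settings' ;;
    no_server_reply) echo 'No TLS record came back: check the path (proxy, firewall, NAT, MTU)' ;;
    tls_not_started) echo 'TCP connected but no Client Hello was sent: check the client TLS setup' ;;
    *) echo 'TCP never connected: check DNS, routing and egress rules' ;;
  esac
}

stage=$(printf '%s\n' "$SAMPLE_LOG" | classify_tls_failure)
echo "$stage: $(next_step "$stage")"
```

In the question's transcript the only TLS line is the outgoing Client Hello, so the connection ended before the server sent any handshake record and before certificate validation could run.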
