"error in version information" at login update check, but successful upgrade from CLI

beatvjiking

@stephenw10 the output is below. The only thing that looks like it could be an error is the "the requested document is not new enough" statements, but I don't think that's it? The time on the machine is correct, btw, synced with reliable NTP servers.

[2.8.1-BETA][admin@waw-staff-vpn.cic.com]/root: pkg -d update
DBG(1)[66330]> pkg initialized
Updating pfSense-core repository catalogue...
DBG(1)[66330]> PkgRepo: verifying update for pfSense-core
DBG(1)[66330]> Pkgrepo, begin update of '/var/db/pkg/repos/pfSense-core/db'
DBG(1)[66330]> Request to fetch pkg+https://beta.pfsense.org/packages/pfSense_v2_8_1_amd64-core/meta.conf
DBG(1)[66330]> curl_open
DBG(1)[66330]> Fetch: fetcher used: pkg+https
DBG(1)[66330]> curl> fetching https://beta.pfsense.org/packages/pfSense_v2_8_1_amd64-core/meta.conf

DBG(1)[66330]> CURL> attempting to fetch from , left retry 3

* Couldn't find host files01.netgate.com in the .netrc file; using defaults
* Host files01.netgate.com:443 was resolved.
* IPv6: 2610:160:11:18::209
* IPv4: 208.123.73.209
*   Trying 208.123.73.209:443...
* Connected to files01.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 / X25519 / RSASSA-PSS
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=*.netgate.com
*  start date: Apr 10 00:00:00 2025 GMT
*  expire date: May 11 23:59:59 2026 GMT
*  subjectAltName: host "files01.netgate.com" matched cert's "*.netgate.com"
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
*  SSL certificate verify ok.
*   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
*   Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha384WithRSAEncryption
*   Certificate level 2: Public key type RSA (4096/152 Bits/secBits), signed using sha384WithRSAEncryption
* using HTTP/1.x
> GET /packages/pfSense_v2_8_1_amd64-core/meta.conf HTTP/1.1
Host: files01.netgate.com
User-Agent: pkg/1.21.3
Accept: */*
If-Modified-Since: Tue, 29 Jul 2025 15:50:17 GMT

* Request completely sent off
< HTTP/1.1 200 OK
Fetching meta.conf:   0%< Server: nginx
< Date: Tue, 05 Aug 2025 16:16:48 GMT
< Content-Type: application/octet-stream
< Content-Length: 179
< Last-Modified: Tue, 29 Jul 2025 15:50:17 GMT
< Connection: keep-alive
< ETag: "6888edb9-b3"
< Strict-Transport-Security: max-age=31536000; preload
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Robots-Tag: all
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Accept-Ranges: bytes
<
* The requested document is not new enough
* Simulate an HTTP 304 response
* Closing connection

DBG(1)[66330]> Request to fetch pkg+https://beta.pfsense.org/packages/pfSense_v2_8_1_amd64-core/data.pkg
DBG(1)[66330]> curl_open
DBG(1)[66330]> Fetch: fetcher used: pkg+https
DBG(1)[66330]> curl> fetching https://beta.pfsense.org/packages/pfSense_v2_8_1_amd64-core/data.pkg

DBG(1)[66330]> CURL> attempting to fetch from , left retry 3

* Couldn't find host files01.netgate.com in the .netrc file; using defaults
* Hostname files01.netgate.com was found in DNS cache
*   Trying 208.123.73.209:443...
* Connected to files01.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 / X25519 / RSASSA-PSS
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=*.netgate.com
*  start date: Apr 10 00:00:00 2025 GMT
*  expire date: May 11 23:59:59 2026 GMT
*  subjectAltName: host "files01.netgate.com" matched cert's "*.netgate.com"
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
*  SSL certificate verify ok.
*   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
*   Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha384WithRSAEncryption
*   Certificate level 2: Public key type RSA (4096/152 Bits/secBits), signed using sha384WithRSAEncryption
* using HTTP/1.x
> GET /packages/pfSense_v2_8_1_amd64-core/data.pkg HTTP/1.1
Host: files01.netgate.com
User-Agent: pkg/1.21.3
Accept: */*
If-Modified-Since: Tue, 29 Jul 2025 15:50:17 GMT

* Request completely sent off
< HTTP/1.1 200 OK
Fetching data.pkg:   0%< Server: nginx
< Date: Tue, 05 Aug 2025 16:16:49 GMT
< Content-Type: application/octet-stream
< Content-Length: 1633
< Last-Modified: Tue, 29 Jul 2025 15:50:17 GMT
< Connection: keep-alive
< ETag: "6888edb9-661"
< Strict-Transport-Security: max-age=31536000; preload
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Robots-Tag: all
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Accept-Ranges: bytes
<
* The requested document is not new enough
* Simulate an HTTP 304 response
* Closing connection

pfSense-core repository is up to date.
Updating pfSense repository catalogue...
DBG(1)[66330]> PkgRepo: verifying update for pfSense
DBG(1)[66330]> Pkgrepo, begin update of '/var/db/pkg/repos/pfSense/db'
DBG(1)[66330]> Request to fetch pkg+https://beta.pfsense.org/packages/pfSense_v2_8_1_amd64-pfSense_v2_8_1/meta.conf
DBG(1)[66330]> curl_open
DBG(1)[66330]> Fetch: fetcher used: pkg+https
DBG(1)[66330]> curl> fetching https://beta.pfsense.org/packages/pfSense_v2_8_1_amd64-pfSense_v2_8_1/meta.conf

DBG(1)[66330]> CURL> attempting to fetch from , left retry 3

* Couldn't find host files01.netgate.com in the .netrc file; using defaults
* Host files01.netgate.com:443 was resolved.
* IPv6: 2610:160:11:18::209
* IPv4: 208.123.73.209
*   Trying 208.123.73.209:443...
* Connected to files01.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 / X25519 / RSASSA-PSS
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=*.netgate.com
*  start date: Apr 10 00:00:00 2025 GMT
*  expire date: May 11 23:59:59 2026 GMT
*  subjectAltName: host "files01.netgate.com" matched cert's "*.netgate.com"
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
*  SSL certificate verify ok.
*   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
*   Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha384WithRSAEncryption
*   Certificate level 2: Public key type RSA (4096/152 Bits/secBits), signed using sha384WithRSAEncryption
* using HTTP/1.x
> GET /packages/pfSense_v2_8_1_amd64-pfSense_v2_8_1/meta.conf HTTP/1.1
Host: files01.netgate.com
User-Agent: pkg/1.21.3
Accept: */*
If-Modified-Since: Tue, 29 Jul 2025 15:49:03 GMT

* Request completely sent off
< HTTP/1.1 200 OK
Fetching meta.conf:   0%< Server: nginx
< Date: Tue, 05 Aug 2025 16:16:49 GMT
< Content-Type: application/octet-stream
< Content-Length: 179
< Last-Modified: Tue, 29 Jul 2025 15:49:03 GMT
< Connection: keep-alive
< ETag: "6888ed6f-b3"
< Strict-Transport-Security: max-age=31536000; preload
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Robots-Tag: all
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Accept-Ranges: bytes
<
* The requested document is not new enough
* Simulate an HTTP 304 response
* Closing connection

DBG(1)[66330]> Request to fetch pkg+https://beta.pfsense.org/packages/pfSense_v2_8_1_amd64-pfSense_v2_8_1/data.pkg
DBG(1)[66330]> curl_open
DBG(1)[66330]> Fetch: fetcher used: pkg+https
DBG(1)[66330]> curl> fetching https://beta.pfsense.org/packages/pfSense_v2_8_1_amd64-pfSense_v2_8_1/data.pkg

DBG(1)[66330]> CURL> attempting to fetch from , left retry 3

* Couldn't find host files01.netgate.com in the .netrc file; using defaults
* Hostname files01.netgate.com was found in DNS cache
*   Trying 208.123.73.209:443...
* Connected to files01.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 / X25519 / RSASSA-PSS
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=*.netgate.com
*  start date: Apr 10 00:00:00 2025 GMT
*  expire date: May 11 23:59:59 2026 GMT
*  subjectAltName: host "files01.netgate.com" matched cert's "*.netgate.com"
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
*  SSL certificate verify ok.
*   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
*   Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha384WithRSAEncryption
*   Certificate level 2: Public key type RSA (4096/152 Bits/secBits), signed using sha384WithRSAEncryption
* using HTTP/1.x
> GET /packages/pfSense_v2_8_1_amd64-pfSense_v2_8_1/data.pkg HTTP/1.1
Host: files01.netgate.com
User-Agent: pkg/1.21.3
Accept: */*
If-Modified-Since: Tue, 29 Jul 2025 15:49:03 GMT

* Request completely sent off
< HTTP/1.1 200 OK
Fetching data.pkg:   0%< Server: nginx
< Date: Tue, 05 Aug 2025 16:16:50 GMT
< Content-Type: application/octet-stream
< Content-Length: 189806
< Last-Modified: Tue, 29 Jul 2025 15:49:03 GMT
< Connection: keep-alive
< ETag: "6888ed6f-2e56e"
< Strict-Transport-Security: max-age=31536000; preload
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Robots-Tag: all
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Accept-Ranges: bytes
<
* The requested document is not new enough
* Simulate an HTTP 304 response
* Closing connection

pfSense repository is up to date.
All repositories are up to date.
[2.8.1-BETA][admin@waw-staff-vpn.cic.com]/root: pfSense-upgrade -dc
>>> Updating repositories metadata...
Updating pfSense-core repository catalogue...
Fetching meta.conf:
Fetching data.pkg:
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
Fetching meta.conf:
Fetching data.pkg:
pfSense repository is up to date.
All repositories are up to date.
2.8.1.b.20250729.1541 version of pfSense is available
[2.8.1-BETA][admin@waw-staff-vpn.cic.com]/root:

stephenw10

Hmm, nope that all looks fine. Nothing there is a show stopping error.

Yet you still see: unable to check for updates on the update page?

beatvjiking

@stephenw10 Yup... still the same. I ran a couple of filesystem check reboots (this machine is on UFS), did the minor update offered by option 13, and still unable to check for updates on the GUI.

stephenw10

Any errors logged?

Do you have IPv6?

beatvjiking

@stephenw10 I can't find any errors logged anywhere - it's why I'm pulling my hair out :) and no IPv6, either. Manually configured, no v6 addresses or routes on the machine.

stephenw10

Does it show available packages in the package manager?

beatvjiking

@stephenw10 yes, looks like a full and complete list. I compared it to another 2.8.1Beta machine I have running.

stephenw10

Hmm. Puzzling indeed!

Try: pfSense-upgrade -dC

The upper case C there causes it to check all configured repos which is what the dashboard check does.

beatvjiking

@stephenw10 again... no errors. It's kind of wild...

[2.8.1-BETA][admin@waw-staff-vpn.cic.com]/root: pfSense-upgrade -dC
>>> Updating repositories metadata...
Updating pfSense-core repository catalogue...
Fetching meta.conf:
Fetching data.pkg:
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
Fetching meta.conf:
Fetching data.pkg:
pfSense repository is up to date.
All repositories are up to date.
Your system is up to date
[2.8.1-BETA][admin@waw-staff-vpn.cic.com]/root:

beatvjiking

The plot thickens - on the login panel:

On the Update page:

Successful upgrade using option 13 via SSH, unchanged webUI behavior after upgrade. It's obviously running the check and able to parse something out of it because it updates the branch information displayed, but it's still wonky.

reberhar

@beatvjiking It seems to catch up after a little while.