Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SG-1100 Won't update to latest build, can't install ACME

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    10 Posts 3 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      DaveWh
      last edited by

      I suspect the two are related. My attempt to install ACME results in:

      Installing pfSense-pkg-acme...
      Updating pfSense-core repository catalogue...
      7407188:error:14099044:SSL routines:ssl3_send_client_verify:internal error:/usr/local/poudriere/jails/pfSense_factory-v2_4_4_aarch64/usr/src/crypto/openssl/ssl/s3_clnt.c:3266:
      7407188:error:14099044:SSL routines:ssl3_send_client_verify:internal error:/usr/local/poudriere/jails/pfSense_factory-v2_4_4_aarch64/usr/src/crypto/openssl/ssl/s3_clnt.c:3266:
      pkg-static: https://repo.netgate.com/pkg/pfSense_factory-v2_4_4_aarch64-core/meta.txz: Authentication error
      repository pfSense-core has no meta file, using default settings
      7407188:error:14099044:SSL routines:ssl3_send_client_verify:internal error:/usr/local/poudriere/jails/pfSense_factory-v2_4_4_aarch64/usr/src/crypto/openssl/ssl/s3_clnt.c:3266:
      Child process pid=47572 terminated abnormally: Segmentation fault
      Failed

      And it doesn't even notice the update to 2.4.4 p3:
      Current Base System 2.4.4_2
      Latest Base System 2.4.4_2
      Status Up to date.

      What's going on? How do I get this unwound?

      1 Reply Last reply Reply Quote 0
      • chrismacmahonC
        chrismacmahon
        last edited by

        Can you try the "update troubleshooting" steps listed on our blog post?

        https://www.netgate.com/blog/pfsense-2-4-4-release-p3-now-available.html

        Need help fast? Our support is available 24/7 https://www.netgate.com/support/

        Do Not PM For Help!

        1 Reply Last reply Reply Quote 0
        • D
          DaveWh
          last edited by

          I ran that script and got:

          The following package files will be deleted:
          /var/cache/pkg/pkg
          /var/cache/pkg/pfSense-repo-2.4.4_4-fd2d351fba.txz
          /var/cache/pkg/netgate-ping-auth-20181211.txz
          /var/cache/pkg/pfSense-repo-2.4.4_4.txz
          /var/cache/pkg/pfSense-upgrade-0.62_1-555b7673dc.txz
          /var/cache/pkg/pfSense-upgrade-0.62_1.txz
          /var/cache/pkg/netgate-ping-auth-20181211-1cdf536131.txz
          The cleanup will free 27 KiB
          Deleting files: ....... done
          All done
          Updating pfSense-core repository catalogue...
          7407188:error:14099044:SSL routines:ssl3_send_client_verify:internal error:/usr/local/poudriere/jails/pfSense_factory-v2_4_4_aarch64/usr/src/crypto/openssl/ssl/s3_clnt.c:3266:
          7407188:error:14099044:SSL routines:ssl3_send_client_verify:internal error:/usr/local/poudriere/jails/pfSense_factory-v2_4_4_aarch64/usr/src/crypto/openssl/ssl/s3_clnt.c:3266:
          7407188:error:14099044:SSL routines:ssl3_send_client_verify:internal error:/usr/local/poudriere/jails/pfSense_factory-v2_4_4_aarch64/usr/src/crypto/openssl/ssl/s3_clnt.c:3266:
          pkg-static: https://repo.netgate.com/pkg/pfSense_factory-v2_4_4_aarch64-core/meta.txz: Authentication error
          repository pfSense-core has no meta file, using default settings
          Child process pid=71119 terminated abnormally: Segmentation fault

          returning to the update page it still tells me I'm on the current version. I switched to the dev branch and back. No help. I then tried the next suggestion:

          Shell Output - pkg-static update -f
          Updating pfSense-core repository catalogue...
          7407188:error:14099044:SSL routines:ssl3_send_client_verify:internal error:/usr/local/poudriere/jails/pfSense_factory-v2_4_4_aarch64/usr/src/crypto/openssl/ssl/s3_clnt.c:3266:
          7407188:error:14099044:SSL routines:ssl3_send_client_verify:internal error:/usr/local/poudriere/jails/pfSense_factory-v2_4_4_aarch64/usr/src/crypto/openssl/ssl/s3_clnt.c:3266:
          7407188:error:14099044:SSL routines:ssl3_send_client_verify:internal error:/usr/local/poudriere/jails/pfSense_factory-v2_4_4_aarch64/usr/src/crypto/openssl/ssl/s3_clnt.c:3266:
          pkg-static: https://repo.netgate.com/pkg/pfSense_factory-v2_4_4_aarch64-core/meta.txz: Authentication error
          repository pfSense-core has no meta file, using default settings
          Child process pid=71183 terminated abnormally: Segmentation fault

          as for the log file, your doc needs updating. The file is at /cf/conf/upgrade_log.txt, not /conf/upgrade_log.latest.txt. Content:

          Updating repositories metadata...
          Updating pfSense-core repository catalogue...
          7407188:error:14099044:SSL routines:ssl3_send_client_verify:internal error:/usr/local/poudriere/jails/pfSense_factory-v2_4_4_aarch64/usr/src/crypto/openssl/ssl/s3_clnt.c:3266:
          7407188:error:14099044:SSL routines:ssl3_send_client_verify:internal error:/usr/local/poudriere/jails/pfSense_factory-v2_4_4_aarch64/usr/src/crypto/openssl/ssl/s3_clnt.c:3266:
          pkg-static: https://repo.netgate.com/pkg/pfSense_factory-v2_4_4_aarch64-core/meta.txz: Authentication error
          repository pfSense-core has no meta file, using default settings
          7407188:error:14099044:SSL routines:ssl3_send_client_verify:internal error:/usr/local/poudriere/jails/pfSense_factory-v2_4_4_aarch64/usr/src/crypto/openssl/ssl/s3_clnt.c:3266:
          Child process pid=62559 terminated abnormally: Segmentation fault

          1 Reply Last reply Reply Quote 0
          • chrismacmahonC
            chrismacmahon
            last edited by

            Can you get me the output of the following:

            /usr/local/bin/ping-auth.sh
            

            and

            /usr/local/sbin/ping-auth -s
            

            as well as:

            /usr/bin/openssl ec -in /etc/thoth/key.pem -noout -text
            

            Thanks!

            Need help fast? Our support is available 24/7 https://www.netgate.com/support/

            Do Not PM For Help!

            1 Reply Last reply Reply Quote 0
            • D
              DaveWh
              last edited by DaveWh

              It has private key info in it. Is there some way I can send to you directly so my private key data isn't published for the world to see? Although, I can quickly see the private key is clearly some small text string, and not really a proper key.

              1 Reply Last reply Reply Quote 0
              • chrismacmahonC
                chrismacmahon
                last edited by

                The PUB block from that should be enough.

                Need help fast? Our support is available 24/7 https://www.netgate.com/support/

                Do Not PM For Help!

                1 Reply Last reply Reply Quote 0
                • D
                  DaveWh
                  last edited by DaveWh

                  Shell Output - /usr/local/bin/ping-auth.sh
                  fail.

                  Shell Output - /usr/local/sbin/ping-auth -s
                  0123bab896a38ba9ee

                  Shell Output - /usr/bin/openssl ec -in /etc/thoth/key.pem -noout -text
                  read EC key
                  Private-Key: (256 bit)
                  priv:
                  <removed>

                  pub:
                  04:68:5e:4f:47: cd:76:16:59:c0:ea:44:39:b1:62:
                  ff:da:68:91:83:ce:5a:cf:c9:7a:58:34:fa:0f:7f:
                  ff:1f:4c:df:9a:78:7f:40:c9:e3:39:07:23:89:35:
                  a3:35:cb:62:53:4e:85:f0:12:2b:35:b3:9f:1f:5b:
                  c5:e5:c0:e9:0d
                  ASN1 OID: prime256v1
                  NIST CURVE: P-256

                  1 Reply Last reply Reply Quote 0
                  • chrismacmahonC
                    chrismacmahon
                    last edited by

                    Thanks for that information.

                    Let's move this into a ticket, can you open one up at https://go.netgate.com please?

                    When opening your ticket, please include your Netgate Device ID, and reference this thread.

                    Thanks!

                    Need help fast? Our support is available 24/7 https://www.netgate.com/support/

                    Do Not PM For Help!

                    1 Reply Last reply Reply Quote 0
                    • D
                      DaveWh
                      last edited by

                      ticket filed: https://go.netgate.com/support/tickets/28076

                      1 Reply Last reply Reply Quote 0
                      • S
                        slu
                        last edited by

                        How you fixed this?
                        I have the same problem:
                        https://forum.netgate.com/topic/151684/sg-1100-pkg-static-https-repo-netgate-com-pkg-pfsense_factory-v2_4_5_aarch64-core-meta-txz-authentication-error

                        pfSense Gold subscription

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.