I cannot update DNF’s local cache or upgrade packages from the main Fedora repositories (i.e., sudo dnf update
, sudo dnf install openssl
). Updating RPM Fusion repositories works as normal (i.e., sudo dnf update --repoid=rpmfusion-free
).
When attempting to update the updates
repository (i.e., sudo dnf update --repoid=updates --verbose
), DNF shows the following error 12 times before exiting.
error: Curl error (35):
SSL connect error for https://mirrors.fedoraproject.org/metalink?repo=updates-released-f37&arch=x86_64
[error:0A000126:SSL routines::unexpected eof while reading]
(https://mirrors.fedoraproject.org/metalink?repo=updates-released-f37&arch=x86_64).
With more testing, I have found that I cannot open any TLS connection to mirrors.fedoraproject.org at all.
- Firefox fails with
PR_END_OF_FILE_ERROR
. - Chromium fails with
ERR_CONNECTION_CLOSED
. - cURL fails with:
curl: (35) error:0A000126:SSL routines::unexpected eof while reading
- wget fails with:
GnuTLS: The TLS connection was non-properly terminated. Unable to establish SSL connection.
- OpenSSL (i.e.,
openssl s_client -connect 209.132.190.2:443 -servername mirrors.fedoraproject.org
) fails with:CONNECTED(00000003) C0839BE58E7F0000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof while reading:ssl/record/rec_layer_s3.c:321: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 336 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) ---
This host can be connected to from other hosts on the LAN. Enabling or disabling a proxy VPN has no effect. Changing DNS configuration from Cloudflare DNS to ISP DNS for the current connection in Settings has no effect, even after disabling and re-enabling Wi-Fi.
nslookup
and dig
both resolve mirrors.fedoraproject.org to IP 209.132.190.2.
This issue has persisted for about a week. Any ideas?