I cannot update DNF’s local cache or upgrade packages from the main Fedora repositories (i.e.,
sudo dnf update,
sudo dnf install openssl). Updating RPM Fusion repositories works as normal (i.e.,
sudo dnf update --repoid=rpmfusion-free).
When attempting to update the
updates repository (i.e.,
sudo dnf update --repoid=updates --verbose), DNF shows the following error 12 times before exiting.
error: Curl error (35): SSL connect error for https://mirrors.fedoraproject.org/metalink?repo=updates-released-f37&arch=x86_64 [error:0A000126:SSL routines::unexpected eof while reading] (https://mirrors.fedoraproject.org/metalink?repo=updates-released-f37&arch=x86_64).
With more testing, I have found that I cannot open any TLS connection to mirrors.fedoraproject.org at all.
- Firefox fails with
- Chromium fails with
- cURL fails with:
curl: (35) error:0A000126:SSL routines::unexpected eof while reading
- wget fails with:
GnuTLS: The TLS connection was non-properly terminated. Unable to establish SSL connection.
- OpenSSL (i.e.,
openssl s_client -connect 126.96.36.199:443 -servername mirrors.fedoraproject.org) fails with:
CONNECTED(00000003) C0839BE58E7F0000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof while reading:ssl/record/rec_layer_s3.c:321: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 336 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) ---
This host can be connected to from other hosts on the LAN. Enabling or disabling a proxy VPN has no effect. Changing DNS configuration from Cloudflare DNS to ISP DNS for the current connection in Settings has no effect, even after disabling and re-enabling Wi-Fi.
dig both resolve mirrors.fedoraproject.org to IP 188.8.131.52.
This issue has persisted for about a week. Any ideas?