Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

apt-get update

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

apt-get update

L3 Networker

I think I need to fix my ability to pull from the apt repo. I am failing 

 

Err:13 https://conversionupdates.paloaltonetworks.com expedition-updates/ Packages
gnutls_handshake() failed: Error in the pull function.
Fetched 216 kB in 2s (93.4 kB/s)
Reading package lists... Done
W: The repository 'https://conversionupdates.paloaltonetworks.com expedition-updates/ Release' does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Failed to fetch https://conversionupdates.paloaltonetworks.com/expedition-updates/Packages gnutls_handshake() failed: Error in the pull function.
E: Some index files failed to download. They have been ignored, or old ones used instead.

 

root@Expedition:/tmp# apt-get install expedition-beta 
Reading package lists... Done
Building dependency tree
Reading state information... Done
expedition-beta is already the newest version (1.0.84).
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.

1 accepted solution

Accepted Solutions

...so, funny enough, this issue was caused by our Palo FWs App-ID classifying this traffic not as web-browsing, ssl, or apt-get, but instead as paloalto-updates....which I didnt have in the rule that allowed Expedition to reach out for updates. So, all the normal Ubuntu updates worked, but just not the Palo repo traffic.

 

Ladies and gentlemen, update your Palo rules! 🙂

View solution in original post

5 REPLIES 5

L2 Linker

Try running this:

sudo apt -o "Acquire::AllowInsecureRepositories=true" -o "Acquire::AllowDowngradeToInsecureRepositories=true" update

Err:13 https://conversionupdates.paloaltonetworks.com expedition-updates/ Packages
gnutls_handshake() failed: Error in the pull function.
Fetched 323 kB in 2s (123 kB/s)
Reading package lists... Done
W: The repository 'https://conversionupdates.paloaltonetworks.com expedition-updates/ Release' does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Failed to fetch https://conversionupdates.paloaltonetworks.com/expedition-updates/Packages gnutls_handshake() failed: Error in the pull function.
E: Some index files failed to download. They have been ignored, or old ones used instead.

I think I have narrowed down the issue, it looks like a firewall issue on my side.

...so, funny enough, this issue was caused by our Palo FWs App-ID classifying this traffic not as web-browsing, ssl, or apt-get, but instead as paloalto-updates....which I didnt have in the rule that allowed Expedition to reach out for updates. So, all the normal Ubuntu updates worked, but just not the Palo repo traffic.

 

Ladies and gentlemen, update your Palo rules! 🙂

Very interesting

  • 1 accepted solution
  • 14058 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!