Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
06-28-2018 08:25 AM
I think I need to fix my ability to pull from the apt repo. I am failing
Err:13 https://conversionupdates.paloaltonetworks.com expedition-updates/ Packages
gnutls_handshake() failed: Error in the pull function.
Fetched 216 kB in 2s (93.4 kB/s)
Reading package lists... Done
W: The repository 'https://conversionupdates.paloaltonetworks.com expedition-updates/ Release' does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Failed to fetch https://conversionupdates.paloaltonetworks.com/expedition-updates/Packages gnutls_handshake() failed: Error in the pull function.
E: Some index files failed to download. They have been ignored, or old ones used instead.
root@Expedition:/tmp# apt-get install expedition-beta
Reading package lists... Done
Building dependency tree
Reading state information... Done
expedition-beta is already the newest version (1.0.84).
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
06-28-2018 09:42 AM
...so, funny enough, this issue was caused by our Palo FWs App-ID classifying this traffic not as web-browsing, ssl, or apt-get, but instead as paloalto-updates....which I didnt have in the rule that allowed Expedition to reach out for updates. So, all the normal Ubuntu updates worked, but just not the Palo repo traffic.
Ladies and gentlemen, update your Palo rules! 🙂
06-28-2018 09:24 AM
Try running this:
sudo apt -o "Acquire::AllowInsecureRepositories=true" -o "Acquire::AllowDowngradeToInsecureRepositories=true" update
06-28-2018 09:31 AM
Err:13 https://conversionupdates.paloaltonetworks.com expedition-updates/ Packages
gnutls_handshake() failed: Error in the pull function.
Fetched 323 kB in 2s (123 kB/s)
Reading package lists... Done
W: The repository 'https://conversionupdates.paloaltonetworks.com expedition-updates/ Release' does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Failed to fetch https://conversionupdates.paloaltonetworks.com/expedition-updates/Packages gnutls_handshake() failed: Error in the pull function.
E: Some index files failed to download. They have been ignored, or old ones used instead.
06-28-2018 09:36 AM
I think I have narrowed down the issue, it looks like a firewall issue on my side.
06-28-2018 09:42 AM
...so, funny enough, this issue was caused by our Palo FWs App-ID classifying this traffic not as web-browsing, ssl, or apt-get, but instead as paloalto-updates....which I didnt have in the rule that allowed Expedition to reach out for updates. So, all the normal Ubuntu updates worked, but just not the Palo repo traffic.
Ladies and gentlemen, update your Palo rules! 🙂
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
