Mailing List Archive

Nothing has changed on our end.

Sent from my ? iPhone

> On Dec 23, 2020, at 13:57, Chris via clamav-users <clamav-users@lists.clamav.net> wrote:
>
> ?
> Hello
>
> I'm using ClamAV version 0.103.0 and recently whenever I try to update ClamAV with freshclam, for some reason it spits out this error:
>
> WARNING: Download failed (60) WARNING: Message: SSL peer certificate or SSH remote key was not OK
> WARNING: getpatch: Can't download daily-26002.cdiff from https://database.clamav.net/daily-26002.cdiff
>
> I Googled for some answers on this and a few of the answers said to make sure my "ca-certificates" were updated. For the record my OS is Linux Devuan Beowulf (Debian 10) and it has the latest version of ca-certificates available (20200601). This also includes ca-certificates-java (20190405) and ca-certificates-mono (5.18.0.240+dfsg-3). Running "update-ca-certificates" ran successfully, but I'm still getting that above error when updating ClamAV.
>
> This never happened before, as running freshclam always updated the definitions without any issues. Is it something on my end I need to do or is it an issue with ClamAV?
>
> Thanks
> --
> Chris Garcia
> https://supersamplestar.bandcamp.com/
> https://www.bitchute.com/channel/supersamplestar/
> Securely sent with Tutanota. Claim your encrypted mailbox today!
> https://tutanota.com
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml

Hi there,

On Wed, 23 Dec 2020, Chris via clamav-users wrote:

> I'm using ClamAV version 0.103.0 and recently whenever I try to
> update ClamAV with freshclam, for some reason it ...
> WARNING: Message: SSL peer certificate or SSH remote key was not OK

Is there a firewall or a proxy or something between you and the ClamAV
server which might be messing with the connection?

> WARNING: getpatch: Can't download daily-26002.cdiff from https://database.clamav.net/daily-26002.cdiff

That's nearly a month old, just checking you know that.

> ... OS is Linux Devuan Beowulf (Debian 10) and it has the latest
> version of ca-certificates available (20200601) ...

I had a brief fling with Devuan years ago but gave up with it (because
of the noise on the mailing list, not because of Devuan itself). So I
don't know much about it but they might possibly have borked something
I suppose. If it isn't something between you and the server, you
might want to try spinning up a live CD or a minimal VM or something
just to see if you have more luck downloading with a different OS. It
won't be a lot of work just to install freshclam and grab some data.

> This never happened before, as running freshclam always updated the
> definitions without any issues. Is it something on my end I need to
> do or is it an issue with ClamAV?

The ClamAV server here is on the Debian-based Raspberry Pi OS. I've
seen no issues updating for absolutely ages. If there was a problem
with the ClamAV servers (especially one ongoing since November), I'd
have expected to see a lot of wailing on this list. I haven't, so I
guess it's probably at your end.

--

73,
Ged.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Hello

Yea it's starting to sound like Devuan might have broken something.  I did an openssl test another user suggested and all dates and info he highlighted came back the same and I have all necessary files.  Normally I use a VPN, but even restarting my computer and turning off the VPN i still get the same error.
Thanks
--
Chris Garcia
https://supersamplestar.bandcamp.com/
https://www.bitchute.com/channel/supersamplestar/
Securely sent with Tutanota. Claim your encrypted mailbox today!
https://tutanota.com



Dec 23, 2020, 19:55 by clamav-users@lists.clamav.net:

> Hi there,
>
> On Wed, 23 Dec 2020, Chris via clamav-users wrote:
>
>> I'm using ClamAV version 0.103.0 and recently whenever I try to
>> update ClamAV with freshclam, for some reason it ...
>> WARNING: Message: SSL peer certificate or SSH remote key was not OK
>>
>
> Is there a firewall or a proxy or something between you and the ClamAV
> server which might be messing with the connection?
>
>> WARNING: getpatch: Can't download daily-26002.cdiff from https://database.clamav.net/daily-26002.cdiff
>>
>
> That's nearly a month old, just checking you know that.
>
>> ... OS is Linux Devuan Beowulf (Debian 10) and it has the latest
>> version of ca-certificates available (20200601) ...
>>
>
> I had a brief fling with Devuan years ago but gave up with it (because
> of the noise on the mailing list, not because of Devuan itself). So I
> don't know much about it but they might possibly have borked something
> I suppose. If it isn't something between you and the server, you
> might want to try spinning up a live CD or a minimal VM or something
> just to see if you have more luck downloading with a different OS. It
> won't be a lot of work just to install freshclam and grab some data.
>
>> This never happened before, as running freshclam always updated the
>> definitions without any issues. Is it something on my end I need to
>> do or is it an issue with ClamAV?
>>
>
> The ClamAV server here is on the Debian-based Raspberry Pi OS. I've
> seen no issues updating for absolutely ages. If there was a problem
> with the ClamAV servers (especially one ongoing since November), I'd
> have expected to see a lot of wailing on this list. I haven't, so I
> guess it's probably at your end.
>
> --
>
> 73,
> Ged.
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>

Chris,

Is the date/time correct on your machine? You can get this error if the time is incorrect.

Eg if I set my date back to 2012:

? sudo date 010417352012
[sudo] password for micasnyd:
Wed Jan 4 17:35:00 PST 2012

? ~/.clamav/bin/freshclam
ClamAV update process started at Wed Jan 4 17:35:09 2012
daily database available for update (local version: 25990, remote version: 26038)
Current database is 48 versions behind.
Downloading database patch # 25991...
WARNING: Download failed (60) WARNING: Message: SSL peer certificate or SSH remote key was not OK
WARNING: getpatch: Can't download daily-25991.cdiff from https://database.clamav.net/daily-25991.cdiff
…

-Micah


From: clamav-users <clamav-users-bounces@lists.clamav.net> On Behalf Of Joel Esler (jesler) via clamav-users
Sent: Wednesday, December 23, 2020 4:11 PM
To: ClamAV users ML <clamav-users@lists.clamav.net>
Cc: Joel Esler (jesler) <jesler@cisco.com>
Subject: Re: [clamav-users] freshclam can't download updates due to SSL issue

Nothing has changed on our end.
Sent from my ? iPhone


On Dec 23, 2020, at 13:57, Chris via clamav-users <clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>> wrote:
?
Hello

I'm using ClamAV version 0.103.0 and recently whenever I try to update ClamAV with freshclam, for some reason it spits out this error:

WARNING: Download failed (60) WARNING: Message: SSL peer certificate or SSH remote key was not OK
WARNING: getpatch: Can't download daily-26002.cdiff from https://database.clamav.net/daily-26002.cdiff

I Googled for some answers on this and a few of the answers said to make sure my "ca-certificates" were updated. For the record my OS is Linux Devuan Beowulf (Debian 10) and it has the latest version of ca-certificates available (20200601). This also includes ca-certificates-java (20190405) and ca-certificates-mono (5.18.0.240+dfsg-3). Running "update-ca-certificates" ran successfully, but I'm still getting that above error when updating ClamAV.

This never happened before, as running freshclam always updated the definitions without any issues. Is it something on my end I need to do or is it an issue with ClamAV?

Thanks
--
Chris Garcia
https://supersamplestar.bandcamp.com/
https://www.bitchute.com/channel/supersamplestar/
Securely sent with Tutanota. Claim your encrypted mailbox today!
https://tutanota.com

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml