Unable to Push to repo / gnutls_handshake() failed

I have searched of course already for a solution to this problem, but I have not seen a description of the issue that truly matches my own (or, the solution was way over my head). 

I am working on Mac OS but in a virtual machine that uses Ubuntu (for all coding). I try to push to my repo as normal (after successful local commit): 

git push origin master

 This is the error I receive:

fatal: unable to access 'https://github.com/moreKEYTAR/nameofmyrepohere/':
gnutls_handshake() failed: The TLS connection was non-properly terminated.

I think it might have to do with my vagrant virtual machine? What is a TLS connection? 

Thanks for helping out a new community member.

TLS is ths ‘s’ in https, it means the encryption of your connection to github. This error message means that git is having trouble setting up such a secure connection. This might be due to a change github made recently, no longer allowing older, more vulnerable, encryption methods. Which version of git, libcurl and openssl are installed on your Ubuntu VM?

1 Like

Thanks much for the response.

git version 2.7.4

OpenSSL 1.0.2g  1 Mar 2016

Did curl --version and got:

curl 7.47.0 (x86_64-pc-linux-gnu) libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3

Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp

Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP UnixSockets

I also tried 

sudo apt-get update

which failed. I got messages that were versions of these three:

N: Data from such a repository can't be authenticated and is therefore
potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: The repository 'http://security.ubuntu.com/ubuntu xenial-security Release' does
not have a Release file.

Those messages from apt-get are unrelated, they indicate that your sources.list is malformed.

I also had a look on an Ubuntu Xenial system, and unfortunately my guess was incorrect: those versions are just fine. So unfortunately my earlier guess was wrong and this has nothing to do with the recent change.

Could you please try the following to collect more debug information:

GIT_TRACE_PACKET=1 GIT_TRACE=1 GIT_CURL_VERBOSE=1 git push origin master

1 Like

I shut my machine down (thousandth time), and this time the angels smiled because all of a sudden I can push. But I am worried about future iterations. So, no need to respond if you are not curious, but here is what I got from that command (first half):

* Couldn’t find host github.com in the .netrc file; using defaults

*   Trying 192.30.255.112…

* Connected to github.com (192.30.255.112) port 443 (#0)

* found 148 certificates in /etc/ssl/certs/ca-certificates.crt

* found 594 certificates in /etc/ssl/certs

* ALPN, offering http/1.1

* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256

*  server certificate verification OK

*  server certificate status verification SKIPPED

*  common name: github.com (matched)

*  server certificate expiration date OK

*  server certificate activation date OK

*  certificate public key: RSA

*  certificate version: #3

*  subject:

*  start date: Thu, 10 Mar 2016 00:00:00 GMT

*  expire date: Thu, 17 May 2018 12:00:00 GMT

*  issuer: C=US,O=DigiCert Inc,OU=www.digicert.com,CN=DigiCert SHA2 Extended Validation Server CA

*  compression: NULL

* ALPN, server accepted to use http/1.1

> GET /moreKEYTAR/hackerrank-practice.git/info/refs?service=git-receive-pack HTTP/1.1

Host: github.com

User-Agent: git/2.7.4

Accept: */*

Accept-Encoding: gzip

Accept-Language: en-US, *;q=0.9

Pragma: no-cache

< HTTP/1.1 401 Authorization Required

< Server: GitHub Babel 2.0

< Content-Type: text/plain

< Content-Length: 62

< WWW-Authenticate: Basic realm=“GitHub”

< X-GitHub-Request-Id: F6FE:2885:1BCE229:29F8EBB:5AE260DA

< X-Frame-Options: DENY

<

* Connection #0 to host github.com left intact

Anyway, it was very kind of you to try to help me. *Raises glass mug *

Glad to hear that it now works! If it starts failing again, please repeat that command I gave and send the output here in a new question :smiley:

1 Like

I’m facing a similar problem since yesterday.

It started all of a sudden.

Details:

OS: Ubuntu 17.10

fatal: unable to access ‘https://github.com/github/debug-repo/’: gnutls_handshake() failed: The TLS connection was non-properly terminated.

2 Likes

I’ve encountered the same problem for the last two days. 
Situation:
    I’m using laptop (HP stream 11 clean installed with ubuntu 16.04 LTS). I was sitting in a University’s office, where two wifi are provided:University’s guest-wifi(not secure, i.e. has not lock symbol next to the wifi signal sign) instead of eduroam(secure, i.e. has the lock symboll next to the wifi signal sign). My laptop chose to connect to the not-secure, guest-wifi by default.
Solution:
    I connected to the secure wifi instead, and all problem was fixed.

Sorry if I’m not writing efficiently. I’m still amateur at using Ubuntu; but I thought I’d put this out there in case anyone googles and stumble upon this question.

2 Likes

Hi - I was facing a similar issue. Realized it started around when my usage of Antivirus software Kaspsersky started. Didn’t have time to really dig in, but switching off Kaspersky and restarting fixed the issue. Right when KS turned on again manually, issue arose. I’m looking into other AV, not sure what they do, but seems to muck with TLS data, probably needed to add to firewall or something but KS was annoying anyways.

6 Likes

Same witih me. Existing Kaspersky solved it. Thanks

Hi, 

I’m getting same error “gnutls_handshake() failed : The TLS connection was non-properly terminated”. While browsing for fix, I saw your message. I ran the commnd and got following output. It would be of great help if you could help me fixing the issue. I ran the git push command from Ubuntu app on Windows 10 machine.

gopaa@DESKTOP-DCUG7VS:~/repos/salarypredictionportfolio$ GIT_TRACE_PACKET=1 GIT_TRACE=1 GIT_CURL_VERBOSE=1 git push origin master
16:44:59.566520 git.c:344 trace: built-in: git push origin master
16:44:59.568008 run-command.c:640 trace: run_command: GIT_DIR=.git git-remote-https origin https://github.com/gopaa/salarypredictionportfolio.git
* Couldn’t find host github.com in the .netrc file; using defaults
* Trying 192.30.253.113…
* TCP_NODELAY set
* Connected to github.com (192.30.253.113) port 443 (#0)
* found 133 certificates in /etc/ssl/certs/ca-certificates.crt
* found 399 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* gnutls_handshake() failed: The TLS connection was non-properly terminated.
* stopped the pause stream!
* Closing connection 0
fatal: unable to access ‘https://github.com/gopaa/salarypredictionportfolio.git/’: gnutls_handshake() failed: The TLS connection was non-properly terminated.

Thanks very much.

Regards.

Thank you @bholmquist11 this was driving me nuts!

Just to add another bit of information: you can configure Kaspersky to stay out of the way and let git work properly as follows:

  1. In the main Kaspersky window click on the cog to go to settings
  2. Click on the “Additional” section on the left
  3. Select “Network” to access network settings
  4. In the “Encrypted connections scanning” section do one (whichever you prefer) of the following:
  5. Switch it off altogether by setting the radio button to “Do not scan encrypted connections”
  6. Click on “Manage exclusions” a bit further down and in the window that pops up add the domains of your git repository (e.g. github.com or whatever else you use)
6 Likes

thank you …it worked for me .

Hi @bholmquist11 what I did was disable my Kaspersky and that’s it.

thanks ! works for me too.

I met the same problem, after I using what you recommend to do, the output is the following:"

root@server:~/ACL_2018$  GIT_TRACE_PACKET=1 GIT_TRACE=1 GIT_CURL_VERBOSE=1  git clone https://github.com/ZexinYan/Medical-Report-Generation.git
10:34:46.021703 git.c:344 trace: built-in: git ‘clone’ ‘https://github.com/ZexinYan/Medical-Report-Generation.git
Cloning into ‘Medical-Report-Generation’…
10:34:46.026512 run-command.c:334 trace: run_command: ‘git-remote-https’ ‘origin’ ‘https://github.com/ZexinYan/Medical-Report-Generation.git
* Couldn’t find host github.com in the .netrc file; using defaults
* Trying 13.229.188.59…
* Connected to github.com (13.229.188.59) port 443 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 597 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* gnutls_handshake() failed: The TLS connection was non-properly terminated.
* Closing connection 0
fatal: unable to access ‘https://github.com/ZexinYan/Medical-Report-Generation.git/’: gnutls_handshake() failed: The TLS connection was non-properly terminated.

Which os and version are you using?

It only happens to me, when using VPN. With SonicWall Global VPN Client connect, the handshake error occurs. Otherwise, works fine.

When using VPN,you have to do this :

git config --global http.proxy http://<my_proxy>:<my_port>
git config --global https.proxy https://<my_proxy>:<my_port>