Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to connect to source / NullReferenceException / Unable to create an SSL/TLS secure channel / could not create ssl/tls secure channel #3244

Closed
4 tasks done
s-celles opened this issue Jun 30, 2023 · 28 comments
Labels

Comments

@s-celles
Copy link

Checklist

  • I have verified this is the correct repository for opening this issue.
  • I have verified no other issues exist related to my problem.
  • I have verified this is not an issue for a specific package.
  • I have verified this issue is not security related.

What You Are Seeing?

Trying to upgrade all packages raises a NullReferenceException

choco upgrade all
Chocolatey v2.1.0
Upgrading the following packages:
all
By upgrading, you accept licenses for the packages.
Unable to load the service index for source https://community.chocolatey.org/api/v2/.
Unable to connect to source 'https://community.chocolatey.org/api/v2/':
 La référence d'objet n'est pas définie à une instance d'un objet.

chocolatey was not found with the source(s) listed.
 If you specified a particular version and are receiving this message, it is possible that the package name exists but the version does not.
 Version: ""; Source(s): "https://community.chocolatey.org/api/v2/"

Chocolatey upgraded 0/1 packages.
 See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).

Warnings:
 - chocolatey - chocolatey was not found with the source(s) listed.

I was using previously 1.4 version than upgrade to 2.0 where things are going wrong so I decided to delete C:\ProgramData\chocolatey directory (probably not my best idea) than reinstalling Chocolatey latest version 2.1 ... but it didn't fix my problem

What is Expected?

Should upgrade all packages

How Did You Get This To Happen?

  1. install choco 1.4
  2. upgrade to 2.0
  3. choco upgrade all (fails)
  4. remove chocolatey directory
  5. install latest choco 2.1

System Details

  • Operating System: 10.0.19045.0
  • Windows PowerShell version: 5.1.19041.3031
  • Chocolatey CLI Version: 2.1.0
  • Chocolatey Licensed Extension version: 0
  • Chocolatey License type:
  • Terminal/Emulator: Microsoft Terminal

Installed Packages

>choco list
Chocolatey v2.1.0
chocolatey 2.1.0
1 packages installed.


### Output Log

```bash
>choco upgrade all --debug --verbose
Chocolatey v2.1.0
Chocolatey is running on Windows v 10.0.19045.0
Attempting to delete file "C:/ProgramData/chocolatey/choco.exe.old".
Attempting to delete file "C:\ProgramData\chocolatey\choco.exe.old".
Command line: "C:\ProgramData\chocolatey\choco.exe" upgrade all --debug --verbose
Received arguments: upgrade all --debug --verbose
RemovePendingPackagesTask is now ready and waiting for PreRunMessage.
Sending message 'PreRunMessage' out if there are subscribers...
[Pending] Removing all pending packages that should not be considered installed...
Performing validation checks.
Global Configuration Validation Checks:
 - Package Exit Code / Exit On Reboot = Checked
System State Validation Checks:
 Reboot Requirement Checks:
 - Pending Computer Rename = Checked
 - Pending Component Based Servicing = Checked
 - Pending Windows Auto Update = Checked
 - Pending File Rename Operations = Ignored
 - Pending Windows Package Installer = Checked
 - Pending Windows Package Installer SysWow64 = Checked
The source 'https://community.chocolatey.org/api/v2/' evaluated to a 'normal' source type

NOTE: Hiding sensitive configuration data! Please double and triple
 check to be sure no sensitive data is shown, especially if copying
 output to a gist for review.
Configuration: CommandName='upgrade'|
CacheLocation='C:\Users\scell\AppData\Local\Temp\chocolatey'|
CommandExecutionTimeoutSeconds='2700'|WebRequestTimeoutSeconds='30'|
Sources='https://community.chocolatey.org/api/v2/'|SourceType='normal'|
ShowOnlineHelp='False'|Debug='True'|Verbose='True'|Trace='False'|
Force='False'|Noop='False'|HelpRequested='False'|
UnsuccessfulParsing='False'|RegularOutput='True'|QuietOutput='False'|
PromptForConfirmation='True'|DisableCompatibilityChecks='False'|
AcceptLicense='False'|AllowUnofficialBuild='False'|Input='all'|
AllVersions='False'|SkipPackageInstallProvider='False'|
SkipHookScripts='False'|PackageNames='all'|Prerelease='False'|
ForceX86='False'|OverrideArguments='False'|NotSilent='False'|
ApplyPackageParametersToDependencies='False'|
ApplyInstallArgumentsToDependencies='False'|IgnoreDependencies='False'|
CacheExpirationInMinutes='30'|AllowDowngrade='False'|
ForceDependencies='False'|PinPackage='False'|
Information.PlatformType='Windows'|
Information.PlatformVersion='10.0.19045.0'|
Information.PlatformName='Windows 10'|
Information.ChocolateyVersion='2.1.0.0'|
Information.ChocolateyProductVersion='2.1.0'|
Information.FullName='choco, Version=2.1.0.0, Culture=neutral, PublicKeyToken=79d02ea9cad655eb'|

Information.Is64BitOperatingSystem='True'|
Information.Is64BitProcess='True'|Information.IsInteractive='True'|
Information.UserName='scell'|
Information.UserDomainName='DESKTOP-PHOENIX'|
Information.IsUserAdministrator='True'|
Information.IsUserSystemAccount='False'|
Information.IsUserRemoteDesktop='False'|
Information.IsUserRemote='True'|
Information.IsProcessElevated='True'|
Information.IsLicensedVersion='False'|
Information.IsLicensedAssemblyLoaded='False'|
Information.LicenseType='Foss'|
Information.CurrentDirectory='C:\Users\scell'|
Features.AutoUninstaller='True'|Features.ChecksumFiles='True'|
Features.AllowEmptyChecksums='False'|
Features.AllowEmptyChecksumsSecure='True'|
Features.FailOnAutoUninstaller='False'|
Features.FailOnStandardError='False'|Features.UsePowerShellHost='True'|
Features.LogEnvironmentValues='False'|Features.LogWithoutColor='False'|
Features.VirusCheck='False'|
Features.FailOnInvalidOrMissingLicense='False'|
Features.IgnoreInvalidOptionsSwitches='True'|
Features.UsePackageExitCodes='True'|
Features.UseEnhancedExitCodes='False'|
Features.UseFipsCompliantChecksums='False'|
Features.ShowNonElevatedWarnings='True'|
Features.ShowDownloadProgress='True'|
Features.StopOnFirstPackageFailure='False'|
Features.UseRememberedArgumentsForUpgrades='False'|
Features.IgnoreUnfoundPackagesOnUpgradeOutdated='False'|
Features.SkipPackageUpgradesWhenNotInstalled='False'|
Features.RemovePackageInformationOnUninstall='False'|
Features.ExitOnRebootDetected='False'|
Features.LogValidationResultsOnWarnings='True'|
Features.UsePackageRepositoryOptimizations='True'|
ListCommand.LocalOnly='False'|ListCommand.IdOnly='False'|
ListCommand.IncludeRegistryPrograms='False'|ListCommand.PageSize='25'|
ListCommand.Exact='False'|ListCommand.ByIdOnly='False'|
ListCommand.ByTagOnly='False'|ListCommand.IdStartsWith='False'|
ListCommand.OrderByPopularity='False'|ListCommand.ApprovedOnly='False'|
ListCommand.DownloadCacheAvailable='False'|
ListCommand.NotBroken='False'|
ListCommand.IncludeVersionOverrides='False'|
ListCommand.ExplicitPageSize='False'|
ListCommand.ExplicitSource='False'|
UpgradeCommand.FailOnUnfound='False'|
UpgradeCommand.FailOnNotInstalled='False'|
UpgradeCommand.NotifyOnlyAvailableUpgrades='False'|
UpgradeCommand.ExcludePrerelease='False'|
NewCommand.AutomaticPackage='False'|
NewCommand.UseOriginalTemplate='False'|SourceCommand.Command='unknown'|
SourceCommand.Priority='0'|SourceCommand.BypassProxy='False'|
SourceCommand.AllowSelfService='False'|
SourceCommand.VisibleToAdminsOnly='False'|
FeatureCommand.Command='unknown'|ConfigCommand.Command='Unknown'|
ApiKeyCommand.Command='Unknown'|PinCommand.Command='Unknown'|
OutdatedCommand.IgnorePinned='False'|
ExportCommand.IncludeVersionNumbers='False'|Proxy.BypassOnLocal='True'|
TemplateCommand.Command='unknown'|CacheCommand.Command='Unknown'|
CacheCommand.RemoveExpiredItemsOnly='False'|
_ Chocolatey:ChocolateyUpgradeCommand - Normal Run Mode _
Upgrading the following packages:
all
By upgrading, you accept licenses for the packages.
Running list with the following filter = ''
--- Start of List ---
Resolving resource PackageSearchResource for source C:\ProgramData\chocolatey\lib
chocolatey 2.1.0
--- End of List ---
Running list with the following filter = ''
--- Start of List ---
chocolatey 2.1.0
--- End of List ---
Resolving resource ListResource for source https://community.chocolatey.org/api/v2/
Unable to load the service index for source https://community.chocolatey.org/api/v2/.
Resolving resource PackageMetadataResource for source https://community.chocolatey.org/api/v2/
Unable to connect to source 'https://community.chocolatey.org/api/v2/':
 System.NullReferenceException: La référence d'objet n'est pas définie à une instance d'un objet.
   à chocolatey.infrastructure.app.nuget.NugetList.<>c__DisplayClass19_1.<FindPackage>b__2()
   à chocolatey.infrastructure.tolerance.FaultTolerance.TryCatchWithLoggingException[T](Func`1 function, String errorMessage, Boolean throwError, Boolean logWarningInsteadOfError, Boolean logDebugInsteadOfError, Boolean isSilent)

chocolatey was not found with the source(s) listed.
 If you specified a particular version and are receiving this message, it is possible that the package name exists but the version does not.
 Version: ""; Source(s): "https://community.chocolatey.org/api/v2/"

Chocolatey upgraded 0/1 packages.
 See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).

Warnings:
 - chocolatey - chocolatey was not found with the source(s) listed.
Sending message 'PostRunMessage' out if there are subscribers...
Exiting with 0


### Additional Context

_No response_
@s-celles s-celles added the Bug label Jun 30, 2023
@gep13
Copy link
Member

gep13 commented Jul 1, 2023

@scls19fr are you familiar with how to use Fiddler? https://www.telerik.com/fiddler. It would be very useful to see the outgoing requests and responses when this happens, in order to try to track down exactly what is going on.

Is this something you would be able to help provide?

@s-celles
Copy link
Author

s-celles commented Jul 1, 2023

I never used it but can probably give it a try with some guidance.

@gep13
Copy link
Member

gep13 commented Jul 1, 2023

@scls19fr that would be great! I have it on my list to create a short video of how to use it, in the context of debugging Chocolatey requests. I will try to get that video ready as soon as possible!

@gep13
Copy link
Member

gep13 commented Jul 3, 2023

@scls19fr I have put together a short video of how to look at the request/responses that are being used by the Chocolatey CLI in this short video:

https://youtu.be/z4CwJ-MF7ik

It would be great if you could have a watch of that video, and then grab the session archive at the time you are seeing the problem in Chocolatey CLI.

Let me know here if you run into any problems with grabbing the required information. Thanks!

@s-celles
Copy link
Author

s-celles commented Jul 3, 2023

Thanks @gep13 can you email me at (edited) to have a private chat ? I can provide a Teamviewer access if you want

@gep13
Copy link
Member

gep13 commented Jul 3, 2023

@scls19fr that isn't something that I can offer right now, no. If you don't get anywhere with the Fiddler session archive, then perhaps we can look to doing a paired session.

@s-celles
Copy link
Author

s-celles commented Jul 3, 2023

ok I will try Fiddler Classic now

@s-celles
Copy link
Author

s-celles commented Jul 3, 2023

That's odd because after accepting Fiddler certificate mentioned at https://youtu.be/z4CwJ-MF7ik?t=256 the problem disappear.
Any idea what is wrong ?

@s-celles
Copy link
Author

s-celles commented Jul 3, 2023

It's only working without error message when Fiddler is "Capturing"... if Capturing is disabled it doesn't work anymore

@TheCakeIsNaOH
Copy link
Member

TheCakeIsNaOH commented Jul 3, 2023

Any idea what is wrong ?

That is really weird.

The output of choco upgrade all --verbose --debug --trace might help, when run both with fiddler running and without fiddler running. So it would be similar to your existing output log, but with network tracing enabled.

@s-celles
Copy link
Author

s-celles commented Jul 3, 2023

I think I have a certificate problem because I get (with Fiddler disabled)

System.Net Error: 0 : [7420] Exception dans HttpWebRequest#10655236:: - La demande a été abandonnée : Impossible de créer un canal sécurisé SSL/TLS..
System.Net Error: 0 : [7420] Exception dans HttpWebRequest#10655236::EndGetResponse - La demande a été abandonnée : Impossible de créer un canal sécurisé SSL/TLS..

ie

Unable to create an SSL/TLS secure channel

@superbonaci
Copy link

Which Fiddler version should I download for Windows 7? There are 5 versions available, maybe the Fiddler Classic?

@s-celles
Copy link
Author

s-celles commented Jul 3, 2023

I used Fiddler Classic but I'm using Windows 10

@superbonaci
Copy link

Wouldn't be easier to have an option to disable secure connection?

choco --nossl --notls upgrade all

@s-celles
Copy link
Author

s-celles commented Jul 4, 2023

I don't think disabling ssl is "fashionable'. I think my system is messed up (and probably yours also)... It's probably a certificate problem. I ever encoutered exactly same issue "Unable to create an SSL/TLS secure channel" or "could not create ssl/tls secure channel" (I don't know the exact english translation) with an other program (a VPN to connect to my work network). The simplest workaround (but the longuest) will probably to reinstall Windows. I will do that in the next coming days / weeks if noone can give us some ideas to fix that.

@s-celles s-celles changed the title Unable to connect to source / NullReferenceException Unable to connect to source / NullReferenceException / Unable to create an SSL/TLS secure channel Jul 4, 2023
@corbob
Copy link
Member

corbob commented Jul 4, 2023

Wouldn't be easier to have an option to disable secure connection?

choco --nossl --notls upgrade all

You are welcome to not use TLS. Chocolatey works just fine without it (all of my local repository testing is against http). You however cannot use any host that is at chocolatey.org without https. And many other internet sites also prevent non-secure connections.

Further, the underlying nuget libraries emit messages that http is deprecated and planned to be blocked in the future.

@s-celles s-celles changed the title Unable to connect to source / NullReferenceException / Unable to create an SSL/TLS secure channel Unable to connect to source / NullReferenceException / Unable to create an SSL/TLS secure channel / could not create ssl/tls secure channel Jul 4, 2023
@gep13
Copy link
Member

gep13 commented Jul 4, 2023

@superbonaci said...
Which Fiddler version should I download for Windows 7? There are 5 versions available, maybe the Fiddler Classic?

In the video that I linked to, I am using the application that is installed via choco install fiddler, which is the Fiddler Classic.

@gep13
Copy link
Member

gep13 commented Jul 4, 2023

@superbonaci said...
Wouldn't be easier to have an option to disable secure connection?

Chocolatey CLI aims to be as secure as possible, so providing an option to bypass SSL/TLS is not something that we would be considering.

@gep13
Copy link
Member

gep13 commented Jul 4, 2023

@scls19fr said...
It's only working without error message when Fiddler is "Capturing"... if Capturing is disabled it doesn't work anymore

I can't think of a reason to explain why Chocolatey commands would work successfully when running Fiddler, and for those same commands to not work when Fiddler isn't running. This is very strange.

@superbonaci
Copy link

superbonaci commented Jul 4, 2023

@scls19fr I have put together a short video of how to look at the request/responses that are being used by the Chocolatey CLI in this short video:

https://youtu.be/z4CwJ-MF7ik

It would be great if you could have a watch of that video, and then grab the session archive at the time you are seeing the problem in Chocolatey CLI.

Let me know here if you run into any problems with grabbing the required information. Thanks!

At 3:48 says:
Note: changes may not take effect until Fiddler Classic is restarted.

I've noticed that you didn't restart.

@scls19fr That's odd because after accepting Fiddler certificate mentioned at https://youtu.be/z4CwJ-MF7ik?t=256 the problem disappear. Any idea what is wrong ?

The problem didn't disappear for me, still investigating.

@s-celles
Copy link
Author

s-celles commented Jul 4, 2023

You are right @superbonaci I forgot to restart (because I'm not a native english listener... and so I missed that part of the video... and probably more). On my side I decided to take the simple (but quite long) path ... reinstall Windows and thanks to Boxstarter my system is nearly ready (and I'm not encountering this issue anymore). Thanks @gep13 and all for your help and great software

@s-celles s-celles closed this as completed Jul 4, 2023
@superbonaci
Copy link

We have a problem here, because my issue #3250 is marked as a duplicate of this one but hasn't been fixed yet.

@superbonaci
Copy link

You are right @superbonaci I forgot to restart (because I'm not a native english listener... and so I missed that part of the video... and probably more). On my side I decided to take the simple (but quite long) path ... reinstall Windows and thanks to Boxstarter my system is nearly ready (and I'm not encountering this issue anymore). Thanks @gep13 and all for your help and great software

You shouldn't mark the issue as solved until you actually reinstall windows and verify that is working, maybe happens the same again.

@s-celles
Copy link
Author

s-celles commented Jul 4, 2023

Ok reopening so

@s-celles s-celles reopened this Jul 4, 2023
@superbonaci
Copy link

superbonaci commented Jul 4, 2023

Here's the first Fiddler's session log (there are 12 but they are exactly the same):

Raw Headers (Read-only)

CONNECT community.chocolatey.org:443 HTTP/1.1
User-Agent: Chocolatey Command Line/2.1.0 via NuGet Client/6.4.1 (Microsoft Windows NT 6.1.7601 Service Pack 1)
Host: community.chocolatey.org
Connection: Keep-Alive

Response (Raw)

HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 10:47:49.957
Connection: close

fiddler.network.https> HTTPS handshake to community.chocolatey.org (for #3) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The function requested is not supported

Win32 (SChannel) Native Error Code: 0x80090302

@superbonaci
Copy link

superbonaci commented Jul 5, 2023

@scls19fr install chocolatey 1.4.0 works for me. #3250

@gep13
Copy link
Member

gep13 commented Jul 7, 2023

@scls19fr @superbonaci I am going to go ahead and close out this issue again.

@superbonaci as discussed in your other issue, I believe the root cause to be different, even though the error that is surfaced to the command line is the same.

@scls19fr said...
On my side I decided to take the simple (but quite long) path ... reinstall Windows and thanks to Boxstarter my system is nearly ready (and I'm not encountering this issue anymore).

Glad to hear that you are back up and running!

@gep13
Copy link
Member

gep13 commented Jul 7, 2023

@scls19fr @superbonaci I have also added a follow up documentation issue here: chocolatey/docs#772 to try to capture more information regarding this problem, and how to resolve it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

5 participants