NZBGeek no longer working

Hi,
Running on Linux through Docker and NZBGeek no longer works. I am getting the following error. NZBGeek says that the issue is caused by .NET version. Unsure how that translates with MONO.

As sonarr is a .NET application and we do not support the older SSL methods .NET 4.5 is a minimum requirement for SSL communications with NZBgeek.

NzbDroneErrorPipeline
Invalid request Validation failed: 
-- Unable to connect to indexer, check the log for more details


Newznab
Unable to connect to indexer: The operation has timed out: The operation has timed out

System.Net.WebException: The operation has timed out
at System.Net.HttpWebRequest.GetResponse()
at NzbDrone.Common.Http.HttpClient.Execute(HttpRequest request) in m:\BuildAgent\work\6c3239faf2b92630\src\NzbDrone.Common\Http\HttpClient.cs:line 120
at NzbDrone.Core.Indexers.HttpIndexerBase`1.FetchPage(IndexerRequest request, IParseIndexerResponse parser) in m:\BuildAgent\work\6c3239faf2b92630\src\NzbDrone.Core\Indexers\HttpIndexerBase.c​s:line 202
at NzbDrone.Core.Indexers.HttpIndexerBase`1.TestConnection() in m:\BuildAgent\work\6c3239faf2b92630\src\NzbDrone.Core\Indexers\HttpIndexerBase.c​s:line 218

Sonarr will fall back to using curl (if available) when running under mono, which should get around the previous issues. That doesn’t look like an SSL error though, looks like you’re unable to connect to their API server at all.

I’m having this same problem. It appears to be mono related. Perhaps nzbgeek have upgraded to some mono unsupported TLS version?

Edit: Forgot to mention, I’m running mono 4.0.2.5 (stable).

kodi@kodibuntu:~/Downloads$ mono tlstest.exe https://nzbgeek.info/

https://nzbgeek.info/
FAILED: #-2146233087
System.IO.IOException: The authentication or decryption has failed. ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: The authentication or decryption has failed.
  at Mono.Security.Protocol.Tls.RecordProtocol.ProcessAlert (AlertLevel alertLevel, AlertDescription alertDesc) [0x00000] in <filename unknown>:0
  at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
  --- End of inner exception stack trace ---
  at Mono.Security.Protocol.Tls.SslClientStream.EndNegotiateHandshake (IAsyncResult result) [0x00000] in <filename unknown>:0
  at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
  --- End of inner exception stack trace ---
  at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0

Just a bit more info, chrome tells me that they’re running TLS 1.2, AES_128_GCM for encryption and auth, and ECDHE_RSA for key exchange.

Only TLS 1.0 is supported on mono at the moment. Make sure libcurl is available on your system so Sonarr can fall back to it.

This is my post to the other admins on reddit:

It details how they can be secure and still support Sonarr’s (unfortunately dated) SSL protocols.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.