Sonarr version 2.0.0.4323:
Mono version 4.0.4:
Mac OS X 10.11.6:
((Debug logs)):
16-9-12 22:07:40.6|Fatal|NzbDroneErrorPipeline|Request Failed
[v2.0.0.4323] System.Net.WebException: Error: SendFailure (Error writing headers) ---> System.Net.WebException: Error writing headers ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: The authentication or decryption has failed.
at Mono.Security.Protocol.Tls.RecordProtocol.ProcessAlert (AlertLevel alertLevel, AlertDescription alertDesc) [0x00013] in /private/tmp/source-mono-mac-4.0.0-bug-33585-hotfix/bockbuild-mono-4.0.0-branch/profiles/mono-mac-xamarin/build-root/mono-4.0.4/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs:574
at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x000d0] in /private/tmp/source-mono-mac-4.0.0-bug-33585-hotfix/bockbuild-mono-4.0.0-branch/profiles/mono-mac-xamarin/build-root/mono-4.0.4/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs:376
--- End of inner exception stack trace ---
at Mono.Security.Protocol.Tls.SslClientStream.EndNegotiateHandshake (IAsyncResult result) [0x00035] in /private/tmp/source-mono-mac-4.0.0-bug-33585-hotfix/bockbuild-mono-4.0.0-branch/profiles/mono-mac-xamarin/build-root/mono-4.0.4/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs:425
at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x0000c] in /private/tmp/source-mono-mac-4.0.0-bug-33585-hotfix/bockbuild-mono-4.0.0-branch/profiles/mono-mac-xamarin/build-root/mono-4.0.4/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslStreamBase.cs:99
--- End of inner exception stack trace ---
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.EndGetRequestStream (IAsyncResult asyncResult) [0x00045] in /private/tmp/source-mono-mac-4.0.0-bug-33585-hotfix/bockbuild-mono-4.0.0-branch/profiles/mono-mac-xamarin/build-root/mono-4.0.4/mcs/class/System/System.Net/HttpWebRequest.cs:829
at System.Net.HttpWebRequest.GetRequestStream () [0x00057] in /private/tmp/source-mono-mac-4.0.0-bug-33585-hotfix/bockbuild-mono-4.0.0-branch/profiles/mono-mac-xamarin/build-root/mono-4.0.4/mcs/class/System/System.Net/HttpWebRequest.cs:845
at RestSharp.Http.WriteRequestBody (System.Net.HttpWebRequest webRequest) [0x00000] in <filename unknown>:0
at RestSharp.Http.PostPutInternal (System.String method) [0x00000] in <filename unknown>:0
at RestSharp.Http.AsPost (System.String httpMethod) [0x00000] in <filename unknown>:0
at RestSharp.RestClient.DoExecuteAsPost (IHttp http, System.String method) [0x00000] in <filename unknown>:0
at RestSharp.RestClient.Execute (IRestRequest request, System.String httpMethod, System.Func`3 getResponse) [0x00000] in <filename unknown>:0
Description of issue:
Sonarr throws the above exception when trying to call a WebHook via HTTPS (I’m trying to connect it to a Huginn install).
The server in question has Huginn reverse proxied behind nginx 1.11.1 with the following SSL options:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
The SSL certificate is from Let’s Encrypt and was issued on 9th September.
The WebHook works perfectly with Sonarr via HTTP, just not HTTPS.
Other programs, like cURL or Paw.app (and other native Mac applications) can call the WebHook just fine. ssllabs.com also tells me that nginx is set up quite correctly (and indeed, I haven’t had any issues with any other software connecting to the server).
I’m afraid I’m completely clueless when it comes to C# and mono
My (mostly baseless) assumption is that mono doesn’t support SNI? Sonarr doesn’t appear to have any problems connecting to other HTTPS URLs.
Does anyone know what the problem is? Do I need to enable a different cipher? I’d really like to use HTTPS.