- NXP Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- Wireless Connectivity
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- Vigiles
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
-
- Home
- :
- i.MX Forums
- :
- i.MX Processors
- :
- Security configuration on www.nxp.com server throws unexpected SSL3_GET_RECORD error
Security configuration on www.nxp.com server throws unexpected SSL3_GET_RECORD error
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Security configuration on www.nxp.com server throws unexpected SSL3_GET_RECORD error
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I obtain this SSL3_GET_RECORD error from time to time but many times it makes impossible build a yocto recipe when it is necessary an external binary downloaded from www.nxp.com server:
This is the error from bitbake console:
HOME="/home/builder"; /usr/bin/env wget -t 2 -T 30 --passive-ftp --no-check-certificate 'https://www.nxp.com/lgfiles/NMG/MAD/YOCTO//imx-dpu-g2d-1.7.0.bin' --progress=dot -v failed with exit code 4, output:
--2019-07-24 07:52:35-- https://www.nxp.com/lgfiles/NMG/MAD/YOCTO//imx-dpu-g2d-1.7.0.bin
Resolving www.nxp.com (www.nxp.com)... 104.109.74.227 Connecting to www.nxp.com (www.nxp.com)|104.109.74.227|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2128718 (2.0M) [application/octet-stream] Saving to: ‘<http://buildserver:8080/job/thud/ws/projects/downloads/imx-dpu-g2d-1.7.0.bin%E2%80%99>
0K .......... .......... .......... .......... .......... 2% 701K 3s
50K .......... .......... .......... .......... .......... 4% 929K 2s
100K .......... .......... .......... .......... .......... 7% 4.40M 2s
150K .......... .......... .......... .......... .......... 9% 1.28M 2s
200K .......... .......... .......... .......... .......... 12% 4.21M 1s
250K .......... .......... .......... .......... .......... 14% 6.42M 1s
300K .......... .......... .......... .......... .......... 16% 1.74M 1s
350K .......... .......... .......... .......... .......... 19% 8.81M 1s
400K .......... .......... .......... .......... .......... 21% 6.87M 1s
450K .......... .......... .......... .......... .......... 24% 11.0M 1s
500K .......... .......... .......... .......... .......... 26% 8.68M 1s
550K .......... .......... .......... .......... .......... 28% 10.0M 1s
600K .......... .......... .......... .......... .......... 31% 14.1M 1s
650K .......... .......... .......... .......... .......... 33% 2.52M 1s
700K .......... .......... .......... .......... .......... 36% 9.41M 0s
750K .......... .......... .......... .......... .......... 38% 9.95M 0s
800K .......... .......... .......... .......... .......... 40% 10.1M 0s
850K .......... .......... .......... .......... .......... 43% 14.1M 0s
900K .......... .......... .......... .......... .......... 45% 9.56M 0s
950K .......... .......... .......... .......... .......... 48% 12.3M 0s
1000K .......... .......... .......... .......... .......... 50% 10.5M 0s
1050K .......... .......... .......... .... 52% 2.91M=0.3s
2019-07-24 07:52:36 (3.35 MB/s) - Read error at byte 1110814/2128718 (error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac). Retrying.
--2019-07-24 07:52:37-- (try: 2) https://www.nxp.com/lgfiles/NMG/MAD/YOCTO//imx-dpu-g2d-1.7.0.bin
Connecting to www.nxp.com (www.nxp.com)|104.109.74.227|:443... connected.
HTTP request sent, awaiting response... 206 Partial Content
Length: 2128718 (2.0M), 1017904 (994K) remaining [application/octet-stream] Saving to: ‘<http://buildserver:8080/job/thud/ws/projects/downloads/imx-dpu-g2d-1.7.0.bin%E2%80%99>
[ skipping 1050K ]
1050K ,,,,,,,,,, ,,,,,,,,,, ,,,,,,,,,, ,,,,...... .......... 52% 31.2M 0s
1100K .......... .......... .......... .......... .......... 55% 548K 1s
1150K .......... .......... .......... .......... .......... 57% 2.97M 1s
1200K .......... .......... .......... .......... .......... 60% 1.71M 1s
1250K . 60% 3245G=0.1s
2019-07-24 07:52:38 (1.18 MB/s) - Read error at byte 1281742/2128718 (error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac). Giving up.
ERROR: imx-dpu-g2d-1.7.0-r0 do_fetch: Fetcher failure for URL: 'https://www.nxp.com/lgfiles/NMG/MAD/YOCTO//imx-dpu-g2d-1.7.0.bin;fsl-eula=true'. Unable to fetch URL from any source.
ERROR: imx-dpu-g2d-1.7.0-r0 do_fetch: Function failed: base_do_fetch
NOTE: recipe imx-dpu-g2d-1.7.0-r0: task do_fetch: Failed
After debugging the issue, and building the same recipe from different regions, if the resolved IP for the host www.nxp.com is 104.109.74.227, the wget command fails with the SSL error:
Read error at byte 1110814/2128718 (error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac). Retrying.
but if I modify my /etc/hosts to resolve www.nxp.com with the IP 23.65.6.72 (which I obtain from a different region) it starts working fine.
I think it is a different security configuration between the mirrors of www.nxp.com,
Could you confirm it?
Thanks,
gusarambula
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Arturo Buzarra,
Thank you for reporting this issue. There are many servers used and it could be possible that one of these was having problems. Some tests were run using IP 104.109.74.227 but the problem was not reproduced.
Would it be possible to test again to see if this issue persists or if it was a temporary problem? If it is still present, please let us know the exact time the issue was encountered. If you are working on different hosts, are all seeing the same problems?
Regards,
