Adithyansm
Active Member
NO. Are you using a proxy server anywhere or using a vpn connection?
NO. Are you using a proxy server anywhere or using a vpn connection?
openssl s_client -connect www.videolan.org:443
Like probably a week agoWhen were you last able to load that webpage from Linux? What happens when you try to connect to that website using openssl s_client?
Code:openssl s_client -connect www.videolan.org:443
Do i need to paste it in the terminalopenssl s_client -connect www.videolan.org:443
openssl s_client -connect www.videolan.org:443
CONNECTED(00000003)
depth=0 C = --, ST = SomeState, L = SomeCity, O = SomeOrganization, OU = SomeOrganizationalUnit, CN = blockeddomain.asianetindia.com, emailAddress = [email protected]
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = --, ST = SomeState, L = SomeCity, O = SomeOrganization, OU = SomeOrganizationalUnit, CN = blockeddomain.asianetindia.com, emailAddress = [email protected]
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:C = --, ST = SomeState, L = SomeCity, O = SomeOrganization, OU = SomeOrganizationalUnit, CN = blockeddomain.asianetindia.com, emailAddress = [email protected]
i:C = --, ST = SomeState, L = SomeCity, O = SomeOrganization, OU = SomeOrganizationalUnit, CN = blockeddomain.asianetindia.com, emailAddress = [email protected]
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEMjCCAxqgAwIBAgICQqIwDQYJKoZIhvcNAQELBQAwgc0xCzAJBgNVBAYTAi0t
MRIwEAYDVQQIDAlTb21lU3RhdGUxETAPBgNVBAcMCFNvbWVDaXR5MRkwFwYDVQQK
DBBTb21lT3JnYW5pemF0aW9uMR8wHQYDVQQLDBZTb21lT3JnYW5pemF0aW9uYWxV
bml0MScwJQYDVQQDDB5ibG9ja2VkZG9tYWluLmFzaWFuZXRpbmRpYS5jb20xMjAw
BgkqhkiG9w0BCQEWI3Jvb3RAYmxvY2tlZGRvbWFpbi5hc2lhbmV0aW5kaWEuY29t
MB4XDTE4MTAzMTA4MjMxOFoXDTE5MTAzMTA4MjMxOFowgc0xCzAJBgNVBAYTAi0t
MRIwEAYDVQQIDAlTb21lU3RhdGUxETAPBgNVBAcMCFNvbWVDaXR5MRkwFwYDVQQK
DBBTb21lT3JnYW5pemF0aW9uMR8wHQYDVQQLDBZTb21lT3JnYW5pemF0aW9uYWxV
bml0MScwJQYDVQQDDB5ibG9ja2VkZG9tYWluLmFzaWFuZXRpbmRpYS5jb20xMjAw
BgkqhkiG9w0BCQEWI3Jvb3RAYmxvY2tlZGRvbWFpbi5hc2lhbmV0aW5kaWEuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst6aDBMMD7gObmmtr2RJ
TCerKTStX0siq2CgOqpdxs8echByMvqBWg2cyUnFJNsr19YENCCPuQquHGcgTyQ9
S3L1wWSEidaoRuD+sIzLD4fxjtplOkC6Bj+RR6Te1aqdCrLfF7YRps2c2LbMKEfP
yr/61VifUjW/cmC0z37GqhQHZ4tYDycNyvksA5zN8FlCKq9M4rxATa1DcYxdrPkj
KUMzDOmexGIs12rwfecFl21I0Xz8u8FXJ2hHmRwVaPNXAMdlrXCEKOcGFsCRjm9f
LLFhtw5rmpyLqyACRAuK4b5HT46vi1YIDrqusVyni9/kPNyKVZ9aHZrXFrgjRD6O
QwIDAQABoxowGDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQsF
AAOCAQEAdht+4RCENdAbA196QkA9D4wuhdeUgp1tGbhWfB8EoXkyfNlM3xCetqSD
e9/cbwaIWUSB4eK7pgQUXkXMKTnMTZHGm9gkuuvKHol2ArSxvBE65v1kgVkeCUSZ
kYnO5Qe+LqwpBoUuz9mDGHtw0j+7RY9b0sb7uF6gBgGNqg8I1OZXP3JlqOmERLog
u0IAE407iLcOi2YMmeppkVhV/4xJK+MAL7C+rbbQ8Nw6rjWwNvc3kMvDHLPBojzc
6HS+7tIe/Lv3ZY03sUhoismpm4uY6QS3vh5JV/c1hRQ9XP//FGq0lK2XwZqKQwG0
6u3fdg3YrbPTvRVBmGt+OrhfdZhAaQ==
-----END CERTIFICATE-----
subject=C = --, ST = SomeState, L = SomeCity, O = SomeOrganization, OU = SomeOrganizationalUnit, CN = blockeddomain.asianetindia.com, emailAddress = [email protected]
issuer=C = --, ST = SomeState, L = SomeCity, O = SomeOrganization, OU = SomeOrganizationalUnit, CN = blockeddomain.asianetindia.com, emailAddress = [email protected]
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1780 bytes and written 434 bytes
Verification error: unable to verify the first certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 6A8C19B33D39A46042BCF50987580E4BD20B9F2AB2390E860DFC4515833BE748
Session-ID-ctx:
Master-Key: 34DAD90D3CACC1137A03A62ADFD064FEEF2BAAAB90D21CC0124606EAE4BB4CF75033C09EA522B5AD316D5BAE14E1602C
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 1f db 83 76 18 be 4b b6-df 6b 23 64 8b 04 be 80 ...v..K..k#d....
0010 - be b0 f1 c7 56 1b 72 29-67 b6 5e a8 8e c3 b6 c2 ....V.r)g.^.....
0020 - f2 d2 50 ca ad eb 35 e5-7d e8 c3 f4 4c c0 bf 71 ..P...5.}...L..q
0030 - ea 3e 53 27 ab 75 eb 1c-dd 35 54 ba 97 45 de a8 .>S'.u...5T..E..
0040 - c8 60 c0 20 2c f6 97 ce-19 f7 88 0e bd 7f ca e3 .`. ,...........
0050 - 7e 24 f5 f8 7a 4e 3d 1b-f1 9d 5a 47 1a da eb 6d ~$..zN=...ZG...m
0060 - 3f 53 82 f2 b7 1e 4e 2b-a5 12 c0 67 f7 d7 a0 7c ?S....N+...g...|
0070 - e2 80 5a 67 d7 c9 99 f5-80 e2 81 e2 89 d3 79 51 ..Zg..........yQ
0080 - c7 ee 3a ac 17 cf 70 a8-f2 ce bd 42 c7 98 2a 2e ..:...p....B..*.
0090 - 31 c4 ac 21 34 48 96 47-9d 34 0d f9 32 9e 23 41 1..!4H.G.4..2.#A
00a0 - 0c d9 fe ed 78 67 1b 06-ae 86 54 bb b0 b6 63 43 ....xg....T...cC
00b0 - 65 9c 02 8c 13 9c cc 71-66 c1 4b cf e1 24 42 15 e......qf.K..$B.
00c0 - 55 45 42 c3 51 e6 72 6d-16 df 46 a1 50 90 d1 0b UEB.Q.rm..F.P...
Start Time: 1645543948
Timeout : 7200 (sec)
Verify return code: 21 (unable to verify the first certificate)
Extended master secret: no
Yes you do that from the terminal. What Linux distribution are you running?Do i need to paste it in the terminal
curl -Ik https://www.videolan.org
Looks like Zorin to me based on the Logo on the taskbar at the bottom on the OP first postWould help to know which distro the op is is using!
If the OP is using a version of a Linux that is EOL and not maintained, or supported any more - the local ca-certificates will almost certainly be completely out of date.
That would cause this kind of problem.
It would also be interesting to see what ip you are seeing as pointing to www.videolan.org. Can you share the output of the following?Yes you do that from the terminal. What Linux distribution are you running?
Can you open a terminal and share output of the following?
Code:curl -Ik https://www.videolan.org
host www.videolan.org
SORRY for the late reply :
curl -Ik https://www.videolan.org
HTTP/1.1 200 OK
Date: Wed, 23 Feb 2022 13:47:55 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Last-Modified: Wed, 31 Oct 2018 08:52:34 GMT
ETag: "12a-579826c628ca3"
Accept-Ranges: bytes
Content-Length: 298
Content-Type: text/html; charset=UTF-8
www.videolan.org has address 172.16.16.250
I checked it by using tor and it works but how can I always use tor to browse its slow, and if my isp is blocking the access then why I am able to use the website on the same network on other devices(windows and android)?Have you tried a web proxy to see if you can access the site?
This will tell if your ISP is blocking it or not if you can get to it via web proxy then your ISP is killing it.
or12 Best Proxy Server Providers in 2024 [Free & Paid]
Discover the best proxy server services that offer unmatched speed, security, and reliability. It’s time to take control of your internet!hidester.com
Free web proxy - browse fast & anonymously
Best free web proxy, browse anonymously, and unblock your favorite websites.proxyscrape.com
That is a private range.Code:www.videolan.org has address 172.16.16.250
NetRange: 172.16.0.0 - 172.31.255.255
CIDR: 172.16.0.0/12
NetName: PRIVATE-ADDRESS-BBLK-RFC1918-IANA-RESERVED
www.videolan.org has address 213.36.253.2
cat /etc/resolv.conf
nmcli dev show
Code:cat /etc/resolv.conf nmcli dev show
cat /etc/resolv.conf
nmcli dev show
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
nameserver 127.0.0.53
options edns0 trust-ad
search bbrouter
GENERAL.DEVICE: enp1s0
GENERAL.TYPE: ethernet
GENERAL.HWADDR: F8:A9:63:78:8A:D4
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: ethernet
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/2
WIRED-PROPERTIES.CARRIER: on
IP4.ADDRESS[1]: 192.168.1.3/24
IP4.GATEWAY: 192.168.1.1
IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 192.168.1.1, mt = 100
IP4.ROUTE[2]: dst = 192.168.1.0/24, nh = 0.0.0.0, mt = 100
IP4.ROUTE[3]: dst = 169.254.0.0/16, nh = 0.0.0.0, mt = 1000
IP4.DNS[1]: 8.8.8.8
IP4.DNS[2]: 8.8.4.4
IP6.ADDRESS[1]: fe80::14fe:395c:330b:3718/64
IP6.GATEWAY: --
IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 100
GENERAL.DEVICE: wlp2s0
GENERAL.TYPE: wifi
GENERAL.HWADDR: 90:48:9A:88:5A:6D
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: Home Network FIBER
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1
IP4.ADDRESS[1]: 192.168.1.4/24
IP4.GATEWAY: 192.168.1.1
IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 192.168.1.1, mt = 600
IP4.ROUTE[2]: dst = 192.168.1.0/24, nh = 0.0.0.0, mt = 600
IP4.DNS[1]: 192.168.1.1
IP4.DOMAIN[1]: bbrouter
IP6.ADDRESS[1]: fe80::e336:8624:d788:198f/64
IP6.GATEWAY: --
IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 600
GENERAL.DEVICE: p2p-dev-wlp2s0
GENERAL.TYPE: wifi-p2p
GENERAL.HWADDR: (unknown)
GENERAL.MTU: 0
GENERAL.STATE: 30 (disconnected)
GENERAL.CONNECTION: --
GENERAL.CON-PATH: --
GENERAL.DEVICE: lo
GENERAL.TYPE: loopback
GENERAL.HWADDR: 00:00:00:00:00:00
GENERAL.MTU: 65536
GENERAL.STATE: 10 (unmanaged)
GENERAL.CONNECTION: --
GENERAL.CON-PATH: --
IP4.ADDRESS[1]: 127.0.0.1/8
IP4.GATEWAY: --
IP6.ADDRESS[1]: ::1/128
IP6.GATEWAY: --
IP6.ROUTE[1]: dst = ::1/128, nh = ::, mt = 256
nmcli con mod "Home Network FIBER" ipv4.dns 8.8.8.8
nmcli con mod "Home Network FIBER" +ipv4.dns 8.8.4.4
sudo nmcli con reload
nmcli con up "Home Network FIBER"
nmcli dev show
host www.videolan.org
Yes, I have manually configured google DNS in my ethernet and wifi. Do I need to change that?It looks like you are only using google dns on your ethernet interface. Can you try changing that on your wifi as well, to see if that makes a difference when connecting to www.videolan.org.
And then share the output of the following again.Code:nmcli con mod "Home Network FIBER" ipv4.dns 8.8.8.8 nmcli con mod "Home Network FIBER" +ipv4.dns 8.8.4.4 sudo nmcli con reload nmcli con up "Home Network FIBER"
Code:host www.videolan.org.
No I was asking you to change the dns to google dns servers for your wifi interface as well, I shared in my previous reply how to do that.Yes, I have manually configured google DNS in my ethernet and wifi. Do I need to change that?