How to fix a SSL connection error when downloading the Site24x7 Linux server monitoring agent installer

How to fix a SSL connection error when downloading the Site24x7 Linux server monitoring agent installer

In a few scenarios, when you try to download the Site24x7 Linux server monitoring agent installer, an SSL connection failure error message will display. Follow the instructions below based on your use case to fix this error.


Prerequisite:
For seamless installation of Linux server monitoring agent, TLS version of 1.2 or above is required. To check the version of TLS in your Linux device, run the following command in terminal:
openssl ciphers -v | awk '{print $2}' | sort | uniq
Scenario 1: "wget" command detects lower version of TLS
Issue

Though the required version of TLS is present in your Linux device, the "wget" utility might detect a lower version to connect with Site24x7 download domains.

 

Solution 1:

Set the security protocol of "wget" utility to use TLS version of 1.2:

  1. Check whether TLSv1.2 is available in the machine with the command: "openssl ciphers -v | awk '{print $2}' | sort | uniq" .

  2. Change the TLS version:

    • For changing the TLS version for all your downloads through "wget" utility:

      • Edit the file "/etc/wgetrc" or "/usr/local/etc/wgetrc" by replacing the line "#secureprotocol = auto" with "secureprotocol = TLSv1_2".

    • For changing the TLS version for only this download instance:

      • Add the parameter (param) "--secure-protocol=TLSv1_2" to the "wget" utility. In other words, you can execute this command: wget --secure-protocol=TLSv1_2 https://staticdownloads.site24x7.com/server/Site24x7_Linux_64bit.install

Solution 2:

If either the "wget" command is unavailable, or OpenSSL is too old and blocks downloads through "wget" with TLS1.2, use "curl" utility.

 

If using the "curl" utility is not effective, manually enter TLS version 1.2 in the "curl" utility by adding parameter (param) "--tlsv1.2".

 

In other words, execute this command in terminal window:

curl -Lo --tlsv1.2 Site24x7_Linux_64bit.install  https://staticdownloads.site24x7.com/server/Site24x7_Linux_64bit.install

 Scenario 2: SSL certificates are not updated 
Issue

SSL errors can pop-up when SSL certificates of your Linux device is not updated.

Solution:

Refresh the SSL certificates by executing the following command:

/usr/sbin/update-ca-certificates --fresh

After updating your SSL certificates, try downloading the linux agent by running this command in terminal:
wget https://staticdownloads.site24x7.com/server/Site24x7_Linux_64bit.install

 Scenario 3: Server doesn't have TLS version 1.2 or above 
Issue

Your Linux server has TLS versions prior to 1.2.


Solution
Upgrade your server to TLS versions 1.2 or above.

After upgrading your TLS version, try downloading the linux agent by running this command in terminal:
wget https://staticdownloads.site24x7.com/server/Site24x7_Linux_64bit.install
After downloading the server agent, run the following command in your terminal window to proceed with the installation of Site24x7 Linux server monitoring agent:
bash Site24x7_Linux_64bit.install -i -key=<xxxxxxxxxx> -automation=true

Note:
Replace "<xxxxxxxxxx>" with your device key. For security purposes, do not share your device key unless it is completely necessary.