So I have 2 installations of SABNZBD one is a local copy running on Windows where Pushbullet notificaitons work fine.
My other SABNZBD installation is running on a linux machine in a data centre and I get an error when trying to send a pushbullet notification from that instance...
I don't have admin rights to so I need to open a support ticket... But I want to try to describe to them what it is that they have to fix... When I look at the config screen there is a problem noted with SSL... I am guessing that this might be causing the pushbullet problem?
The python version is noted as - 2.7.6 (default, Nov 23 2017, 15:49:48) [GCC 4.8.4] [UTF-8]
OpenSSL: OpenSSL 1.0.1f 6 Jan 2014
Warning Secure (SSL) connections from SABnzbd to newsservers and HTTPS websites will be encrypted, however, validating a server's identity using its certificates is not possible. Python 2.7.9 or above, OpenSSL 1.0.2 or above and up-to-date local CA certificates are required.
When I do a test for a pushbullet notification using the same working API key that I use on my local copy of SAB I get the error - Failed to send pushbullet message
Here is the relevant part of the debug log...
2019-01-04 15:41:56,691::INFO::[apikey=<APIKEY>] Sending Pushbullet notification
2019-01-04 15:41:56,700::WARNING::[notifier:523] Failed to send pushbullet message
2019-01-04 15:41:56,700::INFO::[notifier:524] Traceback:
Traceback (most recent call last):
File "/etc/seedbox-from-scratch/sabnzbd/sabnzbd/notifier.py", line 515, in send_pushbullet
'Content-type': 'application/json'})
File "/usr/lib/python2.7/httplib.py", line 1017, in request
self._send_request(method, url, body, headers)
File "/usr/lib/python2.7/httplib.py", line 1051, in _send_request
self.endheaders(body)
File "/usr/lib/python2.7/httplib.py", line 1013, in endheaders
self._send_output(message_body)
File "/usr/lib/python2.7/httplib.py", line 864, in _send_output
self.send(msg)
File "/usr/lib/python2.7/httplib.py", line 826, in send
self.connect()
File "/usr/lib/python2.7/httplib.py", line 1220, in connect
self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file)
File "/usr/lib/python2.7/ssl.py", line 487, in wrap_socket
ciphers=ciphers)
File "/usr/lib/python2.7/ssl.py", line 243, in __init__
self.do_handshake()
File "/usr/lib/python2.7/ssl.py", line 405, in do_handshake
self._sslobj.do_handshake()
SSLError: [Errno 1] _ssl.c:510: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
__version__ = 19
__encoding__ = utf-8
error sending pushbullet notification
Forum rules
Help us help you:
Help us help you:
- Are you using the latest stable version of SABnzbd? Downloads page.
- Tell us what system you run SABnzbd on.
- Adhere to the forum rules.
- Do you experience problems during downloading?
Check your connection in Status and Interface settings window.
Use Test Server in Config > Servers.
We will probably ask you to do a test using only basic settings. - Do you experience problems during repair or unpacking?
Enable +Debug logging in the Status and Interface settings window and share the relevant parts of the log here using [ code ] sections.
Re: error sending pushbullet notification
The version of Python/OpenSSL is too old.
Pushbullet seems to only support TLSv1.2+, while your Python/OpenSSL doesn't.
Pushbullet seems to only support TLSv1.2+, while your Python/OpenSSL doesn't.
If you like our support, check our special newsserver deal or donate at: https://sabnzbd.org/donate
Re: error sending pushbullet notification
As Safihre says: The version of your Python/OpenSSL on Linux/Seedbox is too old. So ask your seedbox provider for a install with at least Python 2.7.9. If they can't, choose another provider.
Background: Python 2.7.6 is from 2013, and is included on Ubuntu 14.04 (released in ... 2014). So that's all at 5-6 years old. Too old for today's secure connections.
FWIW: the problem is not TLS 1.2, but SNI (Server Name Indication) as used and forced by api.pushbullet.com.
See the "SNI mandatory" ... for which you need Python 2.7.9 or higher.
Background: Python 2.7.6 is from 2013, and is included on Ubuntu 14.04 (released in ... 2014). So that's all at 5-6 years old. Too old for today's secure connections.
FWIW: the problem is not TLS 1.2, but SNI (Server Name Indication) as used and forced by api.pushbullet.com.
Code: Select all
$ ./testssl.sh api.pushbullet.com 2>&1 | grep SNI
Common Name (CN) *.pushbullet.com (request w/o SNI didn't succeed)
Trust (hostname) Ok via SAN wildcard and CN wildcard (SNI mandatory)