git upgrade is failing in side the VM

Varma 1,385 Reputation points
2024-05-24T06:53:16.1666667+00:00

while upgrading git to latest version in virtual machine, I am seeing following error. Please suggest

ERROR:

curl: (35) openSSL_SSL_connect:

SSL_ERROR_SYSCALL in connection to gitforwindows.org:443

my observation:

under application logs and after help of query I noticed there is deny rul for this host.

i see there is DENY rule for gitforwindows:443

so now could you please provide me steps to add this host in the NAT application rule to add exception? how to add that?

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
8,109 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Deepanshukatara-6769 11,700 Reputation points
    2024-05-24T07:26:46.1433333+00:00

    Hi Varma, Welcome to MS Q&A

    Sure, if you're using Azure VM and Azure Network, you can configure the Network Security Group (NSG) associated with your VM to allow outbound connections to gitforwindows.org on port 443 (HTTPS). Here's a step-by-step guide:

    Access Azure Portal: Log in to the Azure Portal (https://portal.azure.com).

    Navigate to your Virtual Machine: Find and select your virtual machine from the list of resources.

    Locate Network Security Group (NSG): In the left-hand menu of your VM's page, under Settings, click on "Networking" and then select the Network Security Group associated with your VM.

    View and Edit NSG Rules:

    • In the Network Security Group page, under Settings, click on "Inbound security rules" or "Outbound security rules" depending on where you want to add the rule.
      • If you want to allow outbound connections, click on "Outbound security rules".
    1. Add Outbound Rule:
    • Click on "+ Add" to add a new outbound security rule.
      • Configure the rule:
      • Source: You can set it to "Any" if you want to allow outbound connections from any source. Alternatively, you can specify the source IP address range of your VM.
      • Source port ranges: Leave it as "*" to include all source ports.
        • Destination: Set it to any
        • Destination port ranges: Set it to "443" to allow HTTPS connections.
        • Protocol: Select "Any" or specifically "TCP" if you only want to allow TCP connections.
        • Action: Set it to "Allow".
        • Priority: Assign a priority number to the rule to determine its order of precedence. Lower numbers have higher priority.
        • Name: Give a name to the rule for identification.
        • Click "Add" to create the rule.

    Review and Apply Changes:

    • Review the newly added rule in the list.
      • Once you are satisfied with the rule, click "Save" or "Apply" to apply the changes to the NSG.
      Test Connection:
      - Retry the upgrade process for Git on your Azure VM to see if the SSL connection issue is resolved. You should no longer encounter the SSL_ERROR_SYSCALL.
      

    By following these steps, you'll configure the NSG associated with your Azure VM to allow outbound connections to gitforwindows.org on port 443, resolving the SSL connection issue.

    Doc for ref--> https://learn.microsoft.com/en-us/azure/virtual-network/tutorial-filter-network-traffic

    Kindly check and let us know if any issues , if it helps , please accept answer


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.