Homebrew gives SSL error (SSL_ERROR_SYSCALL) on home network

As the title says, when I try to install packages via homebrew through my home network, I get the following error:

curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to akamai.bintray.com:443 
Error: Failed to download resource "rclone"
Download failed: https://homebrew.bintray.com/bottles/rclone-1.38.high_sierra.bottle.tar.gz

However, I can download from the .tar.gz URL that is specified just fine through my browser.

I know this is only a problem with my home network because when I tether my phone it works fine.

Probably got something to do with my router settings and/or ISP but I am not sure where to look.

Thanks for the help! :)

philosopher

Posted 2017-11-01T15:07:45.753

Reputation: 283

1Did you ever figure this out? I'm seeing the same issue and it is also limited to my home network. – Alexander Ekdahl – 2018-02-04T03:14:52.797

1Nope, I just use another network for this stuff :( – philosopher – 2018-02-05T04:22:00.193

1I managed to fix it by adding --ciphers ECDHE-RSA-AES128-GCM-SHA256 to the curl request. Another solution is to download a newer version curl. – Alexander Ekdahl – 2018-02-25T23:27:45.487

1Thanks man, how did you figure it out? Also can you tell me which curl version you installed to get it working, because I got the latest version and its still not working :( I'm on Mac OSX – philosopher – 2018-03-01T16:23:48.713

1@AlexanderEkdahl do you why this happens by any chance? I am curious – philosopher – 2018-03-02T18:00:40.330

Answers

Since you're using LibreSSL, try re-installing curl with OpenSSL instead of Secure Transport.

The latest brew, it depends on OpenSSL by default, so you've to reinstall it:

brew reinstall curl

For older Brew, there was an option --with-openssl which was removed, e.g.

brew reinstall curl --with-openssl

Here are few other suggestions:

Run brew options curl to display install options specific to formula.
Compile from the source. Check curl.rb formula for more details.
Make sure you're not using http_proxy/https_proxy.
Use -v to curl for more verbose output.
Try using BSD curl at /usr/bin/curl, run which -a curl to list them all.
Make sure you haven't accidentally blocked curl in your firewall (such as Little Snitch).
Alternatively use wget.

kenorb

Posted 2017-11-01T15:07:45.753

Reputation: 16 795

brew reinstall curl --with-openssl get Error: invalid option: --with-openssl – Jeff Tian – 2019-03-15T10:07:58.303

Check brew options curl to display install options specific to formula, as per manual.

– kenorb – 2019-03-15T13:21:37.273

Thanks for the reply. But my brew options curl gives empty result. What gives? – Jeff Tian – 2019-03-18T02:24:39.750

It seems the option was removed, try reinstalling it without any option. I've updated the answer.

– kenorb – 2019-03-18T11:41:26.750

Thanks, I tried brew reinstall curl, but got: curl is keg-only, which means it was not symlinked into /usr/local, because macOS already provides this software and installing another version in parallel can cause all kinds of trouble.

How do I uninstall it from macOS first (seems macOS builtin include that package). – Jeff Tian – 2019-03-19T02:34:54.953

1Try: brew uninstall curl. The one which comes from macOS, you can't uninstall it. You need to install new one in /usr/local and Brew should adjust $PATH, to point to the new one first. – kenorb – 2019-03-19T14:07:50.013

Thanks a lot, @kenorb! – Jeff Tian – 2019-03-20T03:56:11.900

A thought occurs to me -- have you checked your router to see if it is doing a transparent proxy for you?

If it is, then you may want to turn that off.

If you can't turn it off, then you might want to install a VPN solution that will allow you to bypass it.

Just a thought.

Brad Knowles

Posted 2017-11-01T15:07:45.753

Reputation: 124

this was the problem for me - thanks – Franco – 2018-06-26T21:14:19.013

Thanks. By the router acting as a transparent proxy, I guess it means all my requests are intercepted by the router? Is this a security risk even if my traffic is https encrypted? – philosopher – 2018-09-27T08:45:36.117