freundbild

Hi @treibalen

thanks for responding. The curl command mentioned does not initially provide any further insights here:

* Rebuilt URL to: https://bridge.mailpoet.com/
* Trying 2a01:7e01:1::ac69:9259...
* TCP_NODELAY set
* Connected to bridge.mailpoet.com (2a01:7e01:1::ac69:9259) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
CAfile: none
CApath: /etc/ssl/certs/
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=*.mailpoet.com
* start date: Apr 25 00:00:00 2022 GMT
* expire date: May 26 23:59:59 2023 GMT
* subjectAltName: host "bridge.mailpoet.com" matched cert's "*.mailpoet.com"
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x8c593c8)
> GET / HTTP/2
> Host: bridge.mailpoet.com
> User-Agent: curl/7.59.0
> Accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
< HTTP/2 200
< date: Fri, 03 Jun 2022 08:27:45 GMT
< content-type: application/json
< content-length: 4
< x-content-type-options: nosniff
< strict-transport-security: max-age=15724800; includeSubDomains
<
* Connection #0 to host bridge.mailpoet.com left intact

I have therefore examined the behaviour more closely via the following loop:

For IPv4:
IPv=4; URL=https://bridge.mailpoet.com; while true; do curl –connect-timeout 60 -$[IPv] $URL; done
HELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELOHELO

For IPv6:
IPv=6; URL=https://bridge.mailpoet.com; while true; do curl –connect-timeout 60 -$[IPv] $URL; done
HELOHELOcurl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to bridge.mailpoet.com:443

As you can see, the other side seems to “limit” the connection briefly for accesses via IPv6 depending on two outputs. This then causes a timeout.

Would be great if you could have a look on it.

Thanks again and regards

Daniel

Thanks, but we already tested that – but PHP update to 8.x leads to other issues so we switched back . FYI: cURL is version 7.59.0 and PHP is stable version 7.4.29. Is PHP 8 a requirement for a stable MailPoet Installation?