I recently installed Fedora 33 on my old Lenovo laptop. I was able to perform software updates (using yum as well as the GUI interface). I am able to ping websites from the terminal, but I'm unable to browse the internet. I get the following error:
An error occurred during a connection to unix.com. SSL peer reports incorrect Message Authentication Code.
Error code: SSL_ERROR_BAD_MAC_ALERT
I've installed Windows 10 on VirtualBox running on the Fedora OS and tried browsing from the VM but I also can't browse or perform Windows updates.
None of the solutions I found with my websearch has helped in my case.
If anyone can help me get to a solution it would be greatly appreciated.
Thanks for the welcome, @hicksd8
I've actually come across that page in my search.
I'm trying to just access www.google.com and I'm getting the SSL error. I then tried the first workaround of adding the URL to the fallback hosts config. It kinda worked? The page loaded about a fifth of the way. When I tried to perform a google search directly from the address bar I again got the SSL error. If I'm going to need to add every website I need to access then the work-around will not be very practical for me, unfortunately.
The second work-around I have tried as well, even leaving the router unplugged for a minute or two. i also removed the access control by MAC address, thinking that perhaps it was picking up that the same MAC address of my laptop no longer has the same fingerprint/OS? That didn't work either.
The third work-around for setting the time was not an issue. The OS is set to automatic time and date and it matches that of the router.
Lastly, the security.ssl3 config change also didn't help.
I've cleared cookies, offline data, history, rebooted, etc Nothing is helping
It really is so strange to me because it's a brand new installation with no custom configs yet. I've tried with Chromium browser as well and with different proxy settings.
My phone and other laptop (Windows 10) works fine on the same router.
I just tried another thing now that I forgot I could do.
I made a hotspot of my phone, with the internet coming from mobile data. Same issue
I actually haven't tried that yet. I was on Wi-Fi. Turned Wi-Fi off and used a direct cable connection. Still get the same message.
I found a list of non-https sites and I can access those. So it seems like it's just the https sites.
So how did you install Fedora? Was it a bare metal install? Or on top of another O/S?
What model of laptop is it? How old is it? Is the BIOS up-to-date? Are there any obviously BIOS network settings to try toggling?
You can tell that I'm thinking this is a Lenovo thing!!!
Levono have been notorious for installing crapware on their products so if this wasn't a bare metal install (Fedora or Windows) then perhaps we should look at that possibility.
You've done a sterling job of taking a logical approach to this problem, so much so, that I'm getting convinced that it's a Lenovo issue.
Search Google for "Lenovo crapware".
Here's one that pertains to secure ethernet which might be worth a look but I don't think this is it.
And this one:
Please post back your progress and we'll keep thinking. It might well be that a few years ago they could get away with such crapware but the improvement in internet man-in-the-middle detection means that this is now being caught. Other experts on this forum might have more knowledge than I about this.
Okay, so my Lenovo used to run Windows 10. At the time (about two weeks back) it had all the latest drivers and BIOS firmware. I did a bare-metal install of Fedora from a USB flash drive.
The laptop specs:
Lenovo T440P
Intel i5 CPU
8GB RAM
I retrofitted a 128GB M.2 SSD on which the OS is running. The other internal drive is a standard 500GB.
I'm also starting to think it might be a hardware issue. The installation kept bombing out when I tried to install on the 500GB (to preserve my Windows install). So I just made a image backup of the Windows install and install Fedora on the SSD with no issues.
There are no obvious network configs in the BIOS that would make a difference. The only change I made to the BIOS was to disable secure boot.
I've never heard of these Lenovo issues before, but it's worth a look. Thanks for the links! I'll keep you posted.
Agreed that it's probably a Lenovo issue but as far as hardware goes what? You've tried both a wi-fi interface and a cable interface. You know where the install media came from and it's not Lenovo. You wiped everything from the box and did a bare-metal install.
Major thing to check is the BIOS update. If they were installing crapware when your laptop was manufactured it's quite likely that there were BIOS tweaks to enable that. If since then they have stopped installing crapware, then they've probably issued a new, and more standard, BIOS update. Just a possibility.
Okay, here's a small update.
The Windows guest OS doesn't have any trace of the SuperFish software or certificates. I managed to get the BIOS firmware from Lenovo's site but I'm having an issue with getting the BIOS updated using my flash drive to boot from. It tells me no image was found. I've seen other users run into the same issue and then got it working by using a CDROM instead. Who even writes CD's any more...but anyway, I'm going to see if I can get one sometime and do the update.
