Error in Updater


I am testing out Duplicati Beta and was checking the logs and see the above message consistently. Below is the output from the log. Is anyone else seeing this?

System.Net.WebException: Error: SendFailure (Error writing headers) ---> System.Net.WebException: Error writing headers ---> System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server. Error code: 0xffffffff800b010a
  at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.RemoteValidation (Mono.Security.Protocol.Tls.ClientContext context, AlertDescription description) <0x7f5ec7d578 + 0x00110> in <filename unknown>:0 
  at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) <0x7f5ec7d450 + 0x00083> in <filename unknown>:0 
  at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () <0x7f5ec78cb0 + 0x00147> in <filename unknown>:0 
  at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () <0x7f5ec882b0 + 0x00077> in <filename unknown>:0 
  at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
  at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) <0x7f5ec91760 + 0x000a7> in <filename unknown>:0 
  at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) <0x7f5ec8f6c0 + 0x002bf> in <filename unknown>:0 
  --- End of inner exception stack trace ---
  at Mono.Security.Protocol.Tls.SslClientStream.EndNegotiateHandshake (IAsyncResult result) <0x7f5ec59870 + 0x000c8> in <filename unknown>:0 
  at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) <0x7f5ec59580 + 0x00097> in <filename unknown>:0 
  --- End of inner exception stack trace ---
  --- End of inner exception stack trace ---
  at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) <0x7f5db79900 + 0x0016c> in <filename unknown>:0 
  at System.Net.HttpWebRequest.GetResponse () <0x7f5db783c8 + 0x0006f> in <filename unknown>:0 
  at System.Net.WebClient.GetWebResponse (System.Net.WebRequest request) <0x7f5db78370 + 0x00023> in <filename unknown>:0 
  at System.Net.WebClient.DownloadBits (System.Net.WebRequest request, System.IO.Stream writeStream, System.Net.CompletionDelegate completionDelegate, System.ComponentModel.AsyncOperation asyncOp) <0x7f5db78068 + 0x00117> in <filename unknown>:0 
  at System.Net.WebClient.DownloadFile (System.Uri address, System.String fileName) <0x7f5db76858 + 0x0010b> in <filename unknown>:0

I don’t see it, but then I’m running on Windows and it looks to me like perhaps you’re running on Linux or Mac OS. Can you clarify what OS you’re using?

That is such an obvious question; I am sorry for not including it. :slight_smile:

I am testing Replicati on a system running Ubuntu 16.04.03 on a single board computer with 2GB of RAM. (The RAM probably does not matter, but I am including it anyway.)

Got it - I have an Ubuntu VM sitting around, I’ll see if I can replicate the problem.

Just out of curiosity is it actually working OK even though it’s logging that error?

And to what destination type are you pointing (S3, SFTP, WebDAV, etc.)?

My uneducated GUESS is that the issue is related to certificates. Windows ships with a bunch of Root and Intermediate Certificate Authorities (CA) which I believe are kept fresh with Windows Update.

Unfortunately, it appears Mono’s certificate store is empty by default. This page (FAQ: Security | Mono) suggests four solutions, 3 of which are potentially useful:

  1. Make sure ca-certificates-mono is installed (if you’ve got Mono 3.12.0 or newer)
  2. Use the Mono certmgr.exe tool to add root certificates into the Mono Trust store
  3. use the Mono 1.1.10+ mozroots.exe tool to download and install ALL off Mozilla’s root certificates
1 Like


Thank you for the suggestion.

Unfortunately, I have not been able to validate a backup yet as I had planned to do a backup last night and B2 was down for maintenance. :frowning: I tried to run one via CLI and that failed as discussed on this post, and so in summary, I have been unable to test whether backups work with Duplicati.

I am hoping to schedule and run a backup via the GUI this weekend.

I will look into the certificate situation in more detail although if the backup works then I might just ignore the errors.

jl_678, I forgot to ask earlier but where are you seeing the errors - associated with the specific job or in the “Show log” section?

If in “Show log” is it Stored or Live and, if Live, in what log level are they appearing?


I see it in the show log section. I click check for update and the head to show logs. I have not really thought about live logs, but I could open a new window and try it out.

I tried the steps you mentioned (check for update, then look at log) on my Ubuntu VM and did non see the error. Sounds like whatever the issue is might be specific to your setup or machine (which might be why I’m not finding any other topics about it).

It does sound like an SSL error, you can try the steps described here: SSL TLS support in Mono · duplicati/duplicati Wiki · GitHub


I am can confirm that this is fixed. I installed Duplicati in Ubuntu via the .deb file via gdebi. For whatever reason, it did not install ca-certificates-mono, and I just installed it.

The @kenkendk github test passed. However, the location of TlsTest.exe was confusing. For those who are wondering, the installed path for me was /usr/lib/duplicati/utility-scripts/TlsTest.exe.

I will mark this solution resolved and highlight @JonMikelV answer as the solution since he originally pointed out the certificate issue.