[SOLVED] argo cd remote error: tls: handshake failure

argo cd remote error: tls: handshake failure

i want to deploy redis from bitnami charts . but i facing issue that

rpc error: code = Unknown desc = Manifest generation error (cached): `helm dependency build` failed exit status 1: Error: could not download https://charts.bitnami.com/bitnami/redis-17.11.7.tgz: Get "https://charts.bitnami.com/bitnami/redis-17.11.7.tgz": remote error: tls: handshake failure

but when i run manual on my cluster is fine. i dont know where the configuration to solving this issue

Solution

>sslscan charts.bitnami.com
Version: 2.0.0 Windows 64-bit (Mingw)
OpenSSL 1.1.1e-dev  xx XXX xxxx

Connected to 99.86.38.56

Testing SSL server charts.bitnami.com on port 443 using SNI name charts.bitnami.com

  SSL/TLS Protocols:
SSLv2     disabled
SSLv3     disabled
TLSv1.0   disabled
TLSv1.1   disabled
TLSv1.2   enabled
TLSv1.3   enabled

  TLS Fallback SCSV:
Server supports TLS Fallback SCSV

  TLS renegotiation:
Session renegotiation not supported

  TLS Compression:
Compression disabled

  Heartbleed:
TLSv1.3 not vulnerable to heartbleed
TLSv1.2 not vulnerable to heartbleed

  Supported Server Cipher(s):
Preferred TLSv1.3  128 bits  TLS_AES_128_GCM_SHA256        Curve 25519 DHE 253
Accepted  TLSv1.3  256 bits  TLS_AES_256_GCM_SHA384        Curve 25519 DHE 253
Accepted  TLSv1.3  256 bits  TLS_CHACHA20_POLY1305_SHA256  Curve 25519 DHE 253
Preferred TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256   Curve 25519 DHE 253
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA256       Curve 25519 DHE 253
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384   Curve 25519 DHE 253
Accepted  TLSv1.2  256 bits  ECDHE-RSA-CHACHA20-POLY1305   Curve 25519 DHE 253
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA384       Curve 25519 DHE 253
Accepted  TLSv1.2  128 bits  AES128-GCM-SHA256
Accepted  TLSv1.2  256 bits  AES256-GCM-SHA384
Accepted  TLSv1.2  128 bits  AES128-SHA256

  Server Key Exchange Group(s):
TLSv1.3  128 bits  secp256r1 (NIST P-256)
TLSv1.3  192 bits  secp384r1 (NIST P-384)
TLSv1.3  128 bits  x25519
TLSv1.2  128 bits  secp256r1 (NIST P-256)
TLSv1.2  192 bits  secp384r1 (NIST P-384)
TLSv1.2  128 bits  x25519

  Server Signature Algorithm(s):
TLSv1.3  Server accepts all signature algorithms.

  SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength:    2048

Subject:  charts.bitnami.com
Altnames: DNS:charts.bitnami.com
Issuer:   Amazon RSA 2048 M02

Not valid before: Nov 16 00:00:00 2023 GMT
Not valid after:  Dec 13 23:59:59 2024 GM

Make sure your client provides a cipher suite list that match one of the Supported Server Cipher(s), then you are good to go.