Snap api does not work in cuba?

Hello, I would like to know if the snap api is blocked for Cuba. Before I could use it but a while ago it throws connection refused.

You mean the snap store? Can you run curl -D- -v and attach the output?

Hi, the output is:

networld@srv0:~# curl -D- -v http s:// api. snapcraft .io /

  • Trying…
  • Connected to api. snapcraft .io ( port 443 (#0)
  • ALPN, offering h2
  • ALPN, offering http/1.1
  • successfully set certificate verify locations:
  • CAfile: /etc/ssl/certs/ca-certificates.crt CApath: /etc/ssl/certs
  • TLSv1.3 (OUT), TLS handshake, Client hello (1):
  • TLSv1.3 (IN), TLS handshake, Server hello (2):
  • TLSv1.2 (IN), TLS handshake, Certificate (11):
  • TLSv1.2 (IN), TLS handshake, Server key exchange (12):
  • TLSv1.2 (IN), TLS handshake, Server finished (14):
  • TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
  • TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
  • TLSv1.2 (OUT), TLS handshake, Finished (20):
  • TLSv1.2 (IN), TLS handshake, Finished (20):
  • SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
  • ALPN, server did not agree to a protocol
  • Server certificate:
  • subject: C=GB; L=London; O=Canonical Group Ltd; CN=api .snapcraft .io
  • start date: Sep 23 00:00:00 2021 GMT
  • expire date: Sep 23 23:59:59 2022 GMT
  • subjectAltName: host “api. snapcraft .io” matched cert’s “ap i.snapcraft. io”
  • issuer: C=US; O=DigiCert Inc; CN=DigiCert TLS RSA SHA256 2020 CA1
  • SSL certificate verify ok.

GET / HTTP/1.1 Host: api. snapcraft .io User-Agent: curl/7.68.0 Accept: /

  • Mark bundle as not supporting multiuse < HTTP/1.1 200 OK HTTP/1.1 200 OK < server: gunicorn server: gunicorn < date: Tue, 18 Jan 2022 23:02:03 GMT date: Tue, 18 Jan 2022 23:02:03 GMT < content-type: text/html; charset=utf-8 content-type: text/html; charset=utf-8 < content-length: 64 content-length: 64 < snap-store-version: 44 snap-store-version: 44 < x-view-name: snapdevicegw.webapi.root x-view-name: snapdevicegw.webapi.root < x-vcs-revision: 774419d5 x-vcs-revision: 774419d5 < x-request-id: 98CF1BBE099D0A325D7301BB61E746E98F188C2 x-request-id: 98CF1BBE099D0A325D7301BB61E746E98F188C2

< store API service - Copyright 2018-2021 Canonical.

seems to work fine, but if I run sudo snap install rocketchat-server for example, the output is as follows:

networld@srv0:~# sudo snap install rocketchat-server error: cannot install “rocketchat-server”: Post https :// api.snapcraft. io/v2/snaps/refresh: read tcp> read: connection reset by peer

Is this repeatable? Is it always the same remote IP address?

I see that curl accessed, while snapd hit FWIW both are among the IPs that resolves to:

;; ANSWER SECTION:       451     IN      A       451     IN      A       451     IN      A       451     IN      A       451     IN      A       451     IN      A

Try to run curl -v -D- -X POST -H "Snap-Device-Series: 16" '' and attach the output.

Hi, you can also try crafting a payload that’s similar to what snapd is using:

curl -X POST -H "Snap-Device-Series: $YOUR_SERIES" -H "Snap-Device-Architecture: $YOUR_ARCH" -H "Content-type: application/json" -d '{"context": [], "actions": [{"action": "install", "instance-key": "foo", "name":"rocketchat-server"}]}' | jq .

Did you by chance configure a proxy for snapd only? sounds about the only way for the connection to work differently via snapd vs. curl; snapd doesn’t do, to my knowledge, any black magic to establish the HTTP connection.

  • Daniel