root@raspberrypi:/home/pi# sudo ddclient -force
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 12 100 12 0 0 57 0 --:--:-- --:--:-- --:--:-- 57
WARNING: cannot connect to update.dedyn.io:443 socket: IO::Socket::IP configuration failed
FAILED: updating blackberry.dedyn.io: Could not connect to update.dedyn.io.
Any hint how to progress here would be appreciated
my guess is that your curl does not support TLS 1.2. Since March 2020, TLS 1.2 or TLS 1.3 are required to connect to desec.io, as lower TLS versions are considered weak.
cURL supports TLS 1.2 since version 7.34.0 (released six years ago). Please see if you can confirm that your curl is pre-7.34. If so, a curl update will very likely fix your problem.
I tried that, however the tmcdump command just terminated with âsyntax errorââŚ
I have noticed something else, if I use ddclient --force --debug I get this:
root@raspberrypi:/home/pi# ddclient --force --debug
WARNING: file /var/cache/ddclient/ddclient.cache, line 3: Invalid Value for keyword 'ip' = ''
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 12 100 12 0 0 55 0 --:--:-- --:--:-- --:--:-- 56
DEBUG: get_ip: using cmd, curl https://checkipv4.dedyn.io/ reports 81.154.4.128
DEBUG:
DEBUG: nic_dyndns2_update -------------------
DEBUG: proxy =
DEBUG: url = http://update.dedyn.io/nic/update?system=dyndns&hostname=blackberry.dedyn.io&myip=81.154.4.128
DEBUG: server = update.dedyn.io
WARNING: cannot connect to update.dedyn.io:443 socket: IO::Socket::IP configuration failed
FAILED: updating blackberry.dedyn.io: Could not connect to update.dedyn.io.
The interesting bit is the url, it is http and not https. Could that be the problem ?
btw, I just used the raspberry ddclient.conf on my linux laptop and the update works. So itâs definitely not your service. Itâs somewhere in my raspberry installation, presumably because something is out of dateâŚ
So it looks like the set of ciphers we offer and the set of ciphers your client supports does not overlap. That means that something is indeed out of date (e.g. openssl).
I had the same problem: Suddenly the IP update didnât work for me anymore. I used the dyn-dns function of my router (TP-link vr200). Sadly it was/is not clear why the update did not work anymore and there is no update for my router.
I think many people used the function of their (old) router. Would it be possible to offer an alternative endpoint like deprecated-update.dedyn.io?
Anyway, a little info in the documentation would be good, that if the update doesnât work, the tls version should be checked, right?
Thanks for the suggestion. We put high value on security, and we are not going to keep old libraries in our software stack in order to support insecure cryptographic methods. We consider them to be only marginally better than unencrypted communication (which we do not endorse either).
So, unfortunately, we canât help you out with an alternative endpoint.
Iâm sorry to hear that it was hard to figure out the reason why your update did not work anymore; however, the router does have knowledge about what went wrong in the connection, and itâs a pity that it didnât tell you this information in more detail.
We also sent out messages to users who recently updated their IP using an old TLS version to warn them of the change, a few weeks before we actually made the change. In case you update your IP very rarely, you may not have received this message (because we might have considered your account passive), in which case weâd like to apologize!