Hello! On Wed, May 09, 2018 at 02:10:04AM -0400, _gg_ wrote:
> Not sure if it's not more of an openssl/TLS 'issue'/question... > For some time I've been observing > > SSL_do_handshake() failed (SSL: error:1408A0C1:SSL > routines:ssl3_get_client_hello:no shared cipher) while SSL handshaking > > in error.log while having > > ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2; > ssl_ciphers ALL:!aNULL; > > in configuration. > > Examining Client Hello packet reveals client supported ciphers: > Cipher Suites (9 suites) > Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8) > Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcc13) > Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) > Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) > Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) > Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c) > Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) > Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) > Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) > > I'm running > nginx version: nginx/1.12.1 > built by gcc 4.8.5 20150623 (Red Hat 4.8.5-11) (GCC) > built with OpenSSL 1.0.2k-fips 26 Jan 2017 > TLS SNI support enabled > > According to 'openssl ciphers' the third cipher on the list is supported and > yet server responds with: > TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Handshake Failure) > Content Type: Alert (21) > Version: TLS 1.2 (0x0303) > Length: 2 > Alert Message > Level: Fatal (2) > Description: Handshake Failure (40) > > Either I've messed up my investigation or I'm completely misunderstanding > something here. > Why despite having a common cipher with a client server denies to handshake > a connection? Whether a cipher suite can be used or not depends on various factors. In particular: - list of ciphers the client supports; - list of ciphers the server supports; - the certificate used by the server (e.g., you won't be able to use RSA cipher suites with an ECDSA certificate); - when using ECDHE ciphers or ECDSA certificates - supported EC curves on both client and server; In this particular case the client supports only RSA ciphers, so, for example, there will be no shared cipher if you are using ECDSA certificate. -- Maxim Dounin http://mdounin.ru/ _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
