Re: [openssl-users] What does this error mean?
> wget --no-check-certificate https://bootstrap.pypa.io/get-pip.py

When I try this:

    ./apps/openssl s_client -connect bootstrap.pypa.io:443 -tls1_1

It fails. When I leave off the last flag, it connects via TLS 1.2.

So that website does not support anything older than TLS 1.2, apparently.
You'll have to build a modern OpenSSL, and then wget to use that version.
Good luck.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
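The version probe that Michael and Rich describe above (s_client with and without -tls1_1), done by hand so the two outcomes are visible on the wire. This is an added example, not code from the thread or from OpenSSL: build_client_hello() emits one TLS record carrying a ClientHello with a chosen client_version, and classify_reply() reads the first record the server answers with, either a ServerHello (negotiated version) or an Alert such as protocol_version (70), which is exactly what OpenSSL reports as "tlsv1 alert protocol version". The cipher-suite list, the example host name and the sample reply bytes are assumptions constructed for the example; only probe() touches the network.

```python
import os
import socket
import struct

# Handshake-layer versions (the value a client puts in client_version).
TLS_VERSIONS = {"TLSv1.0": 0x0301, "TLSv1.1": 0x0302, "TLSv1.2": 0x0303}
VERSION_NAMES = {v: k for k, v in TLS_VERSIONS.items()}

# Assumed offer list: a few common TLS 1.0-1.2 suites; 0xc02f is the one the
# server in the thread negotiated (ECDHE-RSA-AES128-GCM-SHA256).
CIPHER_SUITES = [0xC02F, 0xC02B, 0xC013, 0xC014, 0x009C, 0x002F, 0x0035, 0x000A]

# Alert descriptions that matter when probing versions (RFC 5246 section 7.2).
ALERT_NAMES = {40: "handshake_failure", 70: "protocol_version",
               71: "insufficient_security", 80: "internal_error"}


def build_client_hello(version, server_name):
    """Return one TLS record carrying a ClientHello with the given client_version."""
    suites = b"".join(struct.pack("!H", s) for s in CIPHER_SUITES)
    host = server_name.encode("ascii")
    sni_entry = struct.pack("!BH", 0, len(host)) + host            # name_type host_name(0)
    sni_list = struct.pack("!H", len(sni_entry)) + sni_entry
    extensions = struct.pack("!HH", 0x0000, len(sni_list)) + sni_list  # server_name extension
    body = (struct.pack("!H", version)
            + os.urandom(32)                                 # client random
            + b"\x00"                                        # empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00"                                    # one compression method: null
            + struct.pack("!H", len(extensions)) + extensions)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # HandshakeType client_hello(1)
    # Record-layer version is left at TLS 1.0; the server negotiates on client_version.
    return b"\x16" + struct.pack("!HH", 0x0301, len(handshake)) + handshake


def classify_reply(data):
    """Classify the first record a server sent back.

    Returns ("alert", level_name, number, name) for an Alert record,
    ("server_hello", version_name) for a ServerHello, or ("unexpected", content_type).
    """
    if len(data) < 5:
        raise ValueError("truncated TLS record header")
    content_type, _record_version, length = struct.unpack("!BHH", data[:5])
    payload = data[5:5 + length]
    if content_type == 21 and len(payload) >= 2:                     # Alert
        level, desc = payload[0], payload[1]
        return ("alert", "fatal" if level == 2 else "warning", desc,
                ALERT_NAMES.get(desc, "alert_%d" % desc))
    if content_type == 22 and len(payload) >= 6 and payload[0] == 2:  # Handshake: ServerHello
        server_version = struct.unpack("!H", payload[4:6])[0]
        return ("server_hello", VERSION_NAMES.get(server_version, hex(server_version)))
    return ("unexpected", content_type)


def probe(host, port=443, version=TLS_VERSIONS["TLSv1.1"], timeout=5.0):
    """Send one ClientHello and report how the server answered (needs network)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello(version, host))
        data = sock.recv(4096)
    return classify_reply(data)


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "bootstrap.pypa.io"
    for name, value in TLS_VERSIONS.items():
        print(name, probe(target, version=value))
```

A server that has dropped TLS 1.0/1.1 answers the 0x0302 hello with the fatal alert record 15 03 01 00 02 02 46 (level 2, description 70), which is the same condition the old wget hit. Because the hello carries no supported_versions extension, a TLS 1.3 server will at most negotiate 1.2 here, so this probes 1.0 through 1.2 only.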
Re: [openssl-users] What does this error mean?
Hi,

The command I'm running is:

    wget --no-check-certificate https://bootstrap.pypa.io/get-pip.py

So in this particular case the host is: bootstrap.pypa.io. I was trying to
install the Python pip command.

Rob

On Mon, Apr 16, 2018 at 5:53 PM, Salz, Rich via openssl-users wrote:
> You didn't answer the question that was asked.
>
> Which host?
>
> On 4/16/18, 4:23 PM, "Rob Marshall" wrote:
>
> Hi,
>
> I built and installed OpenSSL 1.0.2n and I'm still seeing the problem.
> I originally tried to build/install 1.1.0h but my goal was to
> build/install an updated OpenSSH (7.7.p1) and it wouldn't build with
> that version and a straight 1.1.0 build failed. So I went with the
> most recent 1.0.2 (in this case n) that I could find.
>
> Rob
>
> On Mon, Apr 16, 2018 at 2:33 PM, Marcus Meissner wrote:
> > On Mon, Apr 16, 2018 at 02:27:17PM -0400, Rob Marshall wrote:
> >> Hi,
> >>
> >> It may not be relevant, but I'm running SLES 10 SP3 which is a very
> >> old version of the OS and I can't upgrade it due to some installed
> >> products. When I try to do a wget I'm seeing the error:
> >>
> >> OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
> >> alert protocol version
> >>
> >> What does the error mean and how do I fix it?
> >
> > From which host? The host probably only speaks TLS 1.2.
> >
> > Ciao, Marcus
Re: [openssl-users] What does this error mean?
You didn't answer the question that was asked.

Which host?

On 4/16/18, 4:23 PM, "Rob Marshall" wrote:

    Hi,

    I built and installed OpenSSL 1.0.2n and I'm still seeing the problem.
    I originally tried to build/install 1.1.0h but my goal was to
    build/install an updated OpenSSH (7.7.p1) and it wouldn't build with
    that version and a straight 1.1.0 build failed. So I went with the
    most recent 1.0.2 (in this case n) that I could find.

    Rob

    On Mon, Apr 16, 2018 at 2:33 PM, Marcus Meissner wrote:
    > On Mon, Apr 16, 2018 at 02:27:17PM -0400, Rob Marshall wrote:
    >> Hi,
    >>
    >> It may not be relevant, but I'm running SLES 10 SP3 which is a very
    >> old version of the OS and I can't upgrade it due to some installed
    >> products. When I try to do a wget I'm seeing the error:
    >>
    >> OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
    >> alert protocol version
    >>
    >> What does the error mean and how do I fix it?
    >
    > From which host? The host probably only speaks TLS 1.2.
    >
    > Ciao, Marcus
Re: [openssl-users] What does this error mean?
Hi,

When I do that I see, among other things:

    ...
    SSL-Session:
        Protocol  : TLSv1.2
        Cipher    : ECDHE-RSA-AES128-GCM-SHA256
        Session-ID: 9B63040F2D2F498F610A84E4A9D9017AF375772DFDDA760378666391A17C2C75
    ...

When I tried to force TLSv1.2 I got:

    hostname:~ # wget --no-check-certificate --secure-protocol=TLSv1_2 https://bootstrap.pypa.io/get-pip.py
    wget: --secure-protocol: Invalid value `TLSv1_2'.

My guess is that it's just too old of a version of wget. I was going to try
to build/install a newer version, but it seems to have prerequisites I can't
meet on SLES 10 SP3.

Thanks,

Rob

On Mon, Apr 16, 2018 at 5:17 PM, Michael Wojcik wrote:
> It may be how the (probably somewhat outdated) version of wget is using the
> openssl API. Try "openssl s_client -connect server:port", using the server
> and port you're trying to get wget to connect to.
Re: [openssl-users] What does this error mean?
It may be how the (probably somewhat outdated) version of wget is using the
openssl API. Try "openssl s_client -connect server:port", using the server
and port you're trying to get wget to connect to.
Re: [openssl-users] What does this error mean?
Hi,

I built and installed OpenSSL 1.0.2n and I'm still seeing the problem.
I originally tried to build/install 1.1.0h but my goal was to
build/install an updated OpenSSH (7.7.p1) and it wouldn't build with
that version and a straight 1.1.0 build failed. So I went with the
most recent 1.0.2 (in this case n) that I could find.

Rob

On Mon, Apr 16, 2018 at 2:33 PM, Marcus Meissner wrote:
> On Mon, Apr 16, 2018 at 02:27:17PM -0400, Rob Marshall wrote:
>> Hi,
>>
>> It may not be relevant, but I'm running SLES 10 SP3 which is a very
>> old version of the OS and I can't upgrade it due to some installed
>> products. When I try to do a wget I'm seeing the error:
>>
>> OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
>> alert protocol version
>>
>> What does the error mean and how do I fix it?
>
> From which host? The host probably only speaks TLS 1.2.
>
> Ciao, Marcus
Re: [openssl-users] What does this error mean?
On Mon, Apr 16, 2018 at 02:27:17PM -0400, Rob Marshall wrote:
> Hi,
>
> It may not be relevant, but I'm running SLES 10 SP3 which is a very
> old version of the OS and I can't upgrade it due to some installed
> products. When I try to do a wget I'm seeing the error:
>
> OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
> alert protocol version
>
> What does the error mean and how do I fix it?

From which host? The host probably only speaks TLS 1.2.

Ciao, Marcus
Re: [openssl-users] What does this error mean?
The server is rejecting the connection because it doesn't like the SSL/TLS
version range that wget is offering. Anything prior to TLSv1.1 suffers from
vulnerabilities that can be exploited under practical conditions, so many
servers reject older protocol versions.

You don't have to upgrade the OS to put a newer version of OpenSSL on, though
you may have to build OpenSSL yourself.

From: openssl-users on behalf of Rob Marshall
Sent: Monday, April 16, 2018 2:27:17 PM
To: openssl-users@openssl.org
Subject: [openssl-users] What does this error mean?

Hi,

It may not be relevant, but I'm running SLES 10 SP3 which is a very old
version of the OS and I can't upgrade it due to some installed products.
When I try to do a wget I'm seeing the error:

    OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version

What does the error mean and how do I fix it?

Thanks,

Rob
[openssl-users] What does this error mean?
Hi,

It may not be relevant, but I'm running SLES 10 SP3 which is a very old
version of the OS and I can't upgrade it due to some installed products.
When I try to do a wget I'm seeing the error:

    OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version

What does the error mean and how do I fix it?

Thanks,

Rob
Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
> > Thank you! So it is the *client* that breaks the connection,
> > and it is unhappy either about MiTM, or the encoding. I will
> > check for both (though not much I can do about either).
>
> Presumably you've added that cert to some trust store on the system in
> question.

Yes I did (though reluctantly :).

> The support staff for the product should be able to tell you how to
> configure trusted TLS CAs, if these are configurable.

Yes, I’m bringing this to them, in hope that they’d resolve it.

> If the product is not using OpenSSL, this question really is off topic for
> this list. If it is using OpenSSL, there may be some place where it looks
> for its CAfile or some CApath directory.

Frankly, I don’t know – to me it’s an executable black-box. I’ll try to dig.
But I think you’ve provided me with all I need to point our support at the
root cause.

Thanks!!
Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
> On Apr 25, 2017, at 4:41 PM, Blumenthal, Uri - 0553 - MITLL wrote:
>
> > Client objects to the server chain. Either does not trust the MiTM root
> > CA, or is unhappy about its encoding (assuming tshark is not generating
> > an FP warning).
>
> Thank you! So it is the *client* that breaks the connection, and it is
> unhappy either about MiTM, or the encoding. I will check for both (though
> not much I can do about either).

Well, if there is not facility to configure the client's trusted root CAs,
then of course it won't trust the MiTM root cert. Presumably you've added
that cert to some trust store on the system in question.

The support staff for the product should be able to tell you how to
configure trusted TLS CAs, if these are configurable.

If the product is not using OpenSSL, this question really is off topic for
this list. If it is using OpenSSL, there may be some place where it looks
for its CAfile or some CApath directory.

--
	Viktor.
Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
> > extensions: 4 items
> >   Extension (ns_cert_exts.comment)
> >     Extension Id: 2.16.840.1.113730.1.13 (ns_cert_exts.comment)
> >     BER Error: String with tag=22 expected but class:UNIVERSAL(0)
> >     primitive tag:12 was unexpected
> >       [Expert Info (Warn/Malformed): BER Error: String expected]
> >         [BER Error: String expected]
> >         [Severity level: Warn]
> >         [Group: Malformed]
>
> This is odd, is tshark buggy, too picky, or is the issuer cert actually
> malformed?

I don’t know off-hand, will check, and bring to the attention of those who
run the proxy.

> > algorithmIdentifier (shaWithRSAEncryption)
> >   Algorithm Id: 1.2.840.113549.1.1.5 (shaWithRSAEncryption)
> > Padding: 0
> > encrypted: 408fc9a991e6cebbec05fa6b2463d89bcb8b2dc888c1a1b6...
>
> Issuer cert is an MiTM proxy, and possibly has encoding errors.

Got it, thanks.

> > Secure Sockets Layer
> >   TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Certificate Unknown)
> >     Content Type: Alert (21)
> >     Version: TLS 1.2 (0x0303)
> >     Length: 2
> >     Alert Message
> >       Level: Fatal (2)
> >       Description: Certificate Unknown (46)
>
> Client objects to the server chain. Either does not trust the MiTM root CA,
> or is unhappy about its encoding (assuming tshark is not generating an FP
> warning).

Thank you! So it is the *client* that breaks the connection, and it is
unhappy either about MiTM, or the encoding. I will check for both (though
not much I can do about either).

Thanks! (At least I have an idea now what’s going on.)
Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
> On Apr 25, 2017, at 3:17 PM, Blumenthal, Uri - 0553 - MITLL wrote:
>
> Secure Sockets Layer
>   SSL Record Layer: Handshake Protocol: Client Hello
>     Content Type: Handshake (22)
>     Version: TLS 1.2 (0x0303)
>     Length: 228
>     Handshake Protocol: Client Hello
>       Handshake Type: Client Hello (1)
>       Length: 224
>       Version: TLS 1.2 (0x0303)
>       ... vanilla client hello ...
>
> Secure Sockets Layer
>   TLSv1.2 Record Layer: Handshake Protocol: Server Hello
>     Content Type: Handshake (22)
>     Version: TLS 1.2 (0x0303)
>     Length: 89
>     Handshake Protocol: Server Hello
>       Handshake Type: Server Hello (2)
>       Length: 85
>       Version: TLS 1.2 (0x0303)
>       Random
>         GMT Unix Time: Jan 12, 2043 21:01:43.0 EST
>         Random Bytes: 74befd6060b40803a1f281de721667ea45ac751fb7cd...
>       Session ID Length: 32
>       Session ID: c07a259d71e9906c44632f6f9e885d40a647d514ef5deb8b...
>       Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
>       ... vanilla server hello ...
>
> Secure Sockets Layer
>   TLSv1.2 Record Layer: Handshake Protocol: Certificate
>     Content Type: Handshake (22)
>     Version: TLS 1.2 (0x0303)
>     Length: 2017
>     Handshake Protocol: Certificate
>       Handshake Type: Certificate (11)
>       Length: 2013
>       Certificates Length: 2010
>       Certificates (2010 bytes)
>         Certificate Length: 1038
>         Certificate (id-at-commonName=cs.visual-paradigm.com)
>           signedCertificate
>             version: v3 (2)
>             serialNumber : 0x1c3d07eea2d576e83c60613e5f3c2a18e518b8a0
>             signature (sha256WithRSAEncryption)
>               Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)

EE cert sigalg is normal

>             issuer: rdnSequence (0)
>               rdnSequence: 6 items (id-at-commonName=McAfee Web Gateway,id-at-countryName=US,...
>                 RDNSequence item: 1 item (id-at-organizationName=MIT Lincoln Laboratory)
>                   RelativeDistinguishedName item (id-at-organizationName=MIT Lincoln Laboratory)
>                     Id: 2.5.4.10 (id-at-organizationName)
>                     DirectoryString: uTF8String (4)
>                       uTF8String: MIT Lincoln Laboratory
>                 . . . . .
>                 RDNSequence item: 1 item (id-at-commonName=McAfee Web Gateway)
>                   RelativeDistinguishedName item (id-at-commonName=McAfee Web Gateway)
>                     Id: 2.5.4.3 (id-at-commonName)
>                     DirectoryString: uTF8String (4)
>                       uTF8String: McAfee Web Gateway

EE cert issuer looks OK.

>             validity
>               notBefore: utcTime (0)
>                 utcTime: 17-04-24 18:35:25 (UTC)
>               notAfter: utcTime (0)
>                 utcTime: 18-04-24 18:35:25 (UTC)

EE cert validity is one year, looks OK.

>             subject: rdnSequence (0)
>               rdnSequence: 1 item (id-at-commonName=cs.visual-paradigm.com)
>                 RDNSequence item: 1 item (id-at-commonName=cs.visual-paradigm.com)
>                   RelativeDistinguishedName item (id-at-commonName=cs.visual-paradigm.com)
>                     Id: 2.5.4.3 (id-at-commonName)
>                     DirectoryString: uTF8String (4)
>                       uTF8String: cs.visual-paradigm.com

EE cert Subject looks OK.

>             subjectPublicKeyInfo
>               algorithm (rsaEncryption)
>                 Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption)
>               Padding: 0
>               subjectPublicKey: 3082010a02820101009a686b8a742ec2e4341a6f43e20f71...

The EE public key is 256 octets or 2048 bits, looks OK.

>             extensions: 5 items
>               Extension (id-ce-basicConstraints)
>                 Extension Id: 2.5.29.19 (id-ce-basicConstraints)
>                 BasicConstraintsSyntax [0 length]

EE empty basicConstraints defaults to CA:FALSE, OK

>               Extension (id-ce-subjectKeyIdentifier)
>                 Extension Id: 2.5.29.14 (id-ce-subjectKeyIdentifier)
>
Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
On 4/24/17, 7:26 PM, "openssl-users on behalf of Viktor Dukhovni" wrote:

> I get slightly annoyed when I take the time to help, but my response is
> skimmed over and not read carefully. Upthread I said:
>
>     See my recent post:
>     https://www.spinics.net/lists/openssl-users/msg05623.html
>     for instructions on how to extract SSL info from PCAP files in a way
>     that mostly trims away endpoint details...

My apologies. Please find attached the tshark-processed (as instructed)
PCAPNG file. I’d love to learn what one can glean from it.

> If the alert is from the application to the proxy, then most likely the
> application does not trust the proxy MiTM root CA.

Thanks!

Secure Sockets Layer
  SSL Record Layer: Handshake Protocol: Client Hello
    Content Type: Handshake (22)
    Version: TLS 1.2 (0x0303)
    Length: 228
    Handshake Protocol: Client Hello
      Handshake Type: Client Hello (1)
      Length: 224
      Version: TLS 1.2 (0x0303)
      Random
        GMT Unix Time: Apr 24, 2017 17:59:40.0 EDT
        Random Bytes: 010124d7b6a3fcc51f5495bfaeb11c0be284472c54217e63...
      Session ID Length: 0
      Cipher Suites Length: 58
      Cipher Suites (29 suites)
        Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)
        Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
        Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
        Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 (0xc025)
        Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 (0xc029)
        Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067)
        Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
        Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
        Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
        Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
        Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA (0xc004)
        Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (0xc00e)
        Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
        Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
        Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
        Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
        Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
        Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02d)
        Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 (0xc031)
        Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
        Cipher Suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0x00a2)
        Cipher Suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc008)
        Cipher Suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012)
        Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
        Cipher Suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc003)
        Cipher Suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA (0xc00d)
        Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
        Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
        Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
      Compression Methods Length: 1
      Compression Methods (1 method)
        Compression Method: null (0)
      Extensions Length: 125
      Extension: elliptic_curves
        Type: elliptic_curves (0x000a)
        Length: 52
        Elliptic Curves Length: 50
        Elliptic curves (25 curves)
          Elliptic curve: secp256r1 (0x0017)
          Elliptic curve: sect163k1 (0x0001)
          Elliptic curve: sect163r2 (0x0003)
          Elliptic curve: secp192r1 (0x0013)
          Elliptic curve: secp224r1 (0x0015)
          Elliptic curve: sect233k1 (0x0006)
          Elliptic curve: sect233r1 (0x0007)
          Elliptic curve: sect283k1 (0x0009)
          Elliptic curve: sect283r1 (0x000a)
          Elliptic curve: secp384r1 (0x0018)
          Elliptic curve: sect409k1 (0x000b)
          Elliptic curve: sect409r1 (0x000c)
          Elliptic curve: secp521r1 (0x0019)
          Elliptic curve: sect571k1 (0x000d)
          Elliptic curve: sect571r1 (0x000e)
          Elliptic curve: secp160k1 (0x000f)
          Elliptic curve: secp160r1 (0x0010)
          Elliptic curve: secp160r2 (0x0011)
          Elliptic curve: sect163r1 (0x0002)
          Elliptic curve: secp192k1 (0x0012)
          Elliptic curve: sect193r1 (0x0004)
          Ell
Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
> On Apr 24, 2017, at 7:11 PM, Blumenthal, Uri - 0553 - MITLL wrote:
>
> > Please report tshark output, not an approximate rendition. In what
> > direction is the alert sent?
>
> I’m using WireShark. The IP addresses on the Alert packet show local host as
> the source, and the proxy as the destination. Is there another way to tell
> the direction? Or how to present it in a way that I can sanitize the output
> and post here?

I get slightly annoyed when I take the time to help, but my response is
skimmed over and not read carefully. Upthread I said:

    See my recent post:
    https://www.spinics.net/lists/openssl-users/msg05623.html
    for instructions on how to extract SSL info from PCAP files in a way
    that mostly trims away endpoint details... (of course SNI names and
    cert names would still be there, so you'd need to trim those if you
    want to anonymize the guilty parties).

Install tshark somewhere, and use it to decode the PCAP file. Then post
the results.

If the alert is from the application to the proxy, then most likely the
application does not trust the proxy MiTM root CA.

--
	Viktor.
Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
> > I went through the capture between the app (local end) and the proxy.
> > It appears that the sequence is:
> >
> > ClientHello -> (from app to proxy, with a ton of cipher suites, including 0xc02f)
> > <- ServerHello (with TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 – present in ClientHello)
> > <- Certificate, Server Key Exchange, Server Hello Done (includes proxy’s cert rather than the remote end’s cert)
> >
> > Alert (Level: Fatal, Description: Certificate Unknown) ->
> >
> > So it appears that the app expects the remote end’s cert, and is not happy getting the proxy’s cert instead?
>
> Please report tshark output, not an approximate rendition. In what
> direction is the alert sent?

I’m using WireShark. The IP addresses on the Alert packet show local host as
the source, and the proxy as the destination. Is there another way to tell
the direction? Or how to present it in a way that I can sanitize the output
and post here?

In response to this Alert packet I see two packets from the proxy to the
local host:
- [ACK]
- [PSH, ACK]

And then from the local host to the proxy:
- [FIN, ACK]
- [RST]
- [RST]

> It is indeed possible that the application is not configured for and
> correctly rejects the forged certificate of the MiTM proxy. It would need
> the Root CA of the proxy as a trusted issuer, but that may not be
> configurable. In which case you'd need to let the app connect directly to
> the remote server without an MiTM-proxy.

Understood, thanks!
Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
> On Apr 24, 2017, at 6:11 PM, Blumenthal, Uri - 0553 - MITLL wrote:
>
> I went through the capture between the app (local end) and the proxy. It
> appears that the sequence is:
>
> ClientHello -> (from app to proxy, with a ton of cipher suites, including
> 0xc02f)
> <- ServerHello (with TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 – present
> in ClientHello)
> <- Certificate, Server Key Exchange, Server Hello Done (includes proxy’s
> cert rather than the remote end’s cert)
>
> Alert (Level: Fatal, Description: Certificate Unknown) ->
>
> So it appears that the app expects the remote end’s cert, and is not happy
> getting the proxy’s cert instead?

Please report tshark output, not an approximate rendition. In what direction
is the alert sent?

It is indeed possible that the application is not configured for and
correctly rejects the forged certificate of the MiTM proxy. It would need
the Root CA of the proxy as a trusted issuer, but that may not be
configurable. In which case you'd need to let the app connect directly to
the remote server without an MiTM-proxy.

--
	Viktor.
Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
> > Handshake failed
> >
> > The SSL handshake could not be performed.
> >
> > Host: Reason: error:14094416:SSL
> > routines:ssl3_read_bytes:sslv3 alert certificate unknown:state
> > 23:Application response 500 handshakefailed
> >
> > generated 2017-04-24 15:28:13 by webwasher4
> > Java/1.8.0_112
>
> Webwasher is your proxy right?

Yes. (

> So it is clearly webwasher that is generating this error message (it says
> so in the text above!). The OpenSSL error contained in this text occurs
> when the remote peer sends a fatal alert to the local endpoint. So it looks
> to me like your proxy has initiated a TLS connection to the remote host but
> the remote host has rejected the handshake and sent back a "certificate
> unknown" fatal alert. A certificate unknown alert has the following
> description in the RFCs:
>
>     certificate_unknown
>         Some other (unspecified) issue arose in processing the
>         certificate, rendering it unacceptable.
>
> So, my guess is that the remote host has requested a client certificate
> (i.e. client auth) and your proxy has been unable to provide it.

Understood, thanks!
Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
On 24/04/17 22:18, Blumenthal, Uri - 0553 - MITLL wrote:
> I use a 3rd-party application that is trying to update itself (so
> it’s trying to “call home”). Naturally, I’m behind a corporate
> firewall and Web proxy. The app has been configured to use that
> proxy. It fails to connect. Packet capture reveals the following:
>
> Handshake failed
>
> The SSL handshake could not be performed.
>
> Host: Reason: error:14094416:SSL
> routines:ssl3_read_bytes:sslv3 alert certificate unknown:state
> 23:Application response 500 handshakefailed
>
> generated 2017-04-24 15:28:13 by
> webwasher4 Java/1.8.0_112
>

Webwasher is your proxy right? So it is clearly webwasher that is
generating this error message (it says so in the text above!). The
OpenSSL error contained in this text occurs when the remote peer sends a
fatal alert to the local endpoint. So it looks to me like your proxy has
initiated a TLS connection to the remote host but the remote host has
rejected the handshake and sent back a "certificate unknown" fatal
alert. A certificate unknown alert has the following description in the
RFCs:

    certificate_unknown
        Some other (unspecified) issue arose in processing the
        certificate, rendering it unacceptable.

So, my guess is that the remote host has requested a client certificate
(i.e. client auth) and your proxy has been unable to provide it.

Matt

>
> I must be dense today (and please, no comment about how this state
> might be more permanent than that (), but I can’t figure even which
> peer is complaining. Is it the local end (aka the application) that
> doesn’t like the proxy’s certificate? Is it the Web proxy that
> doesn’t like the remote host certificate? Or is it the remote end
> that doesn’t like the proxy’s certificate?
>
> I can connect to the remote host via browser just fine…
>
> Thanks! — Regards, Uri Blumenthal
Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
> > I use a 3rd-party application that is trying to update itself (so it’s
> > trying to “call home”). Naturally, I’m behind a corporate firewall and
> > Web proxy. The app has been configured to use that proxy. It fails to
> > connect. Packet capture reveals the following:
>
> You're noticeably at this point in the problem report. Is this a packet
> capture between the application and the proxy, or between the proxy and
> the outside host?

It is between the app and the proxy. I have no access to the proxy <->
outside traffic. (

> At what stage of the handshake is the alert seen?

It looks like it’s after the initial handshake (I see HTTP 200 before this).

> Have you tried using "curl" to complete a proxied connection to the remote
> server?

Nope. I don’t even know what to try to “curl” from there, and browser
connects fine.

> > Handshake failed
> >
> > The SSL handshake could not be performed.
> >
> > Host:
> > Reason: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:state 23:Application response 500 handshakefailed
>
> The alert is always generated remotely and reported locally. It could in
> theory come from the proxy, but more likely from the real remote server.

I see, thanks!

> The server may not like the client's ciphers or protocol version.
>
> See my recent post:
> https://www.spinics.net/lists/openssl-users/msg05623.html
> for instructions on how to extract SSL info from PCAP files in a way that
> mostly trims away endpoint details... (of course SNI names and cert names
> would still be there, so you'd need to trim those if you want to anonymize
> the guilty parties).

I cannot do “openssl s_client …” because the proxy doesn’t let it through.

> Capture the traffic between the proxy and the remote server if at all
> possible, and compare with the trace between client and proxy.

Alas, cannot. Though I can ask people in charge of the proxy to do that.

I went through the capture between the app (local end) and the proxy.
It appears that the sequence is:

    ClientHello -> (from app to proxy, with a ton of cipher suites, including 0xc02f)
    <- ServerHello (with TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 – present in ClientHello)
    <- Certificate, Server Key Exchange, Server Hello Done (includes proxy’s cert rather than the remote end’s cert)

    Alert (Level: Fatal, Description: Certificate Unknown) ->

So it appears that the app expects the remote end’s cert, and is not happy
getting the proxy’s cert instead?
Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
> On Apr 24, 2017, at 5:18 PM, Blumenthal, Uri - 0553 - MITLL wrote:
>
> I use a 3rd-party application that is trying to update itself (so it’s trying
> to “call home”). Naturally, I’m behind a corporate firewall and Web proxy.
> The app has been configured to use that proxy. It fails to connect. Packet
> capture reveals the following:

You're noticeably at this point in the problem report. Is this a packet
capture between the application and the proxy, or between the proxy and the
outside host? At what stage of the handshake is the alert seen? Have you
tried using "curl" to complete a proxied connection to the remote server?

> Handshake failed
>
> The SSL handshake could not be performed.
>
> Host:
> Reason: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate
> unknown:state 23:Application response 500 handshakefailed

The alert is always generated remotely and reported locally. It could in
theory come from the proxy, but more likely from the real remote server.

> I must be dense today (and please, no comment about how this state might be
> more permanent than that (), but I can’t figure even which peer is
> complaining. Is it the local end (aka the application) that doesn’t like the
> proxy’s certificate? Is it the Web proxy that doesn’t like the remote host
> certificate? Or is it the remote end that doesn’t like the proxy’s
> certificate?
>
> I can connect to the remote host via browser just fine

The server may not like the client's ciphers or protocol version.

See my recent post:
https://www.spinics.net/lists/openssl-users/msg05623.html
for instructions on how to extract SSL info from PCAP files in a way that
mostly trims away endpoint details... (of course SNI names and cert names
would still be there, so you'd need to trim those if you want to anonymize
the guilty parties).

Capture the traffic between the proxy and the remote server if at all
possible, and compare with the trace between client and proxy.

--
	Viktor.
[openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23
I use a 3rd-party application that is trying to update itself (so it’s trying
to “call home”). Naturally, I’m behind a corporate firewall and Web proxy. The
app has been configured to use that proxy. It fails to connect. Packet capture
reveals the following:

    Handshake failed

    The SSL handshake could not be performed.

    Host:
    Reason: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:state 23:Application response 500 handshakefailed

    generated 2017-04-24 15:28:13 by webwasher4 Java/1.8.0_112

I must be dense today (and please, no comment about how this state might be
more permanent than that (), but I can’t figure even which peer is
complaining. Is it the local end (aka the application) that doesn’t like the
proxy’s certificate? Is it the Web proxy that doesn’t like the remote host
certificate? Or is it the remote end that doesn’t like the proxy’s
certificate?

I can connect to the remote host via browser just fine…

Thanks!
—
Regards,
Uri Blumenthal
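Both threads on this page start from the same question: what does the packed OpenSSL error number mean, and which side produced it? Decoding it by hand, as an added example that is not part of either thread or of OpenSSL, covers both codes on the page, 1407742E from the wget thread and 14094416 from this one. In OpenSSL 1.0.x and 1.1.x the 32-bit code is library (top 8 bits), function (next 12 bits) and reason (low 12 bits); in the SSL library (ERR_LIB_SSL = 20) a reason of 1000 + N means "the peer sent TLS alert N" (SSL_AD_REASON_OFFSET is 1000), so such an error was generated remotely and merely reported locally, which is the point Matt and Viktor make above. The library and function names are taken from the error string itself, so nothing beyond the two sample strings quoted on the page is assumed; the alert table is from RFC 5246.

```python
import re

ERR_LIB_SSL = 20             # ERR_LIB_SSL in OpenSSL's err.h
SSL_AD_REASON_OFFSET = 1000  # SSL_R_* reason for a received alert = 1000 + alert number

# TLS alert descriptions (RFC 5246 section 7.2 plus later additions such as 86 and 120).
ALERT_DESCRIPTIONS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
    21: "decryption_failed", 22: "record_overflow", 30: "decompression_failure",
    40: "handshake_failure", 41: "no_certificate", 42: "bad_certificate",
    43: "unsupported_certificate", 44: "certificate_revoked",
    45: "certificate_expired", 46: "certificate_unknown", 47: "illegal_parameter",
    48: "unknown_ca", 49: "access_denied", 50: "decode_error", 51: "decrypt_error",
    60: "export_restriction", 70: "protocol_version", 71: "insufficient_security",
    80: "internal_error", 86: "inappropriate_fallback", 90: "user_canceled",
    100: "no_renegotiation", 110: "unsupported_extension", 112: "unrecognized_name",
    115: "unknown_psk_identity", 120: "no_application_protocol",
}

# error:<8 hex digits>:<library>:<function>:<reason text>[:anything the caller appended]
ERR_RE = re.compile(r"error:([0-9A-Fa-f]{8}):([^:]*):([^:]*):([^:]*)")


def decode_openssl_error(text):
    """Split a 1.0.x/1.1.x OpenSSL error string into its numeric fields.

    Returns a dict; 'peer_alert' is (number, name) when the reason encodes a
    TLS alert received from the peer, else None, and 'sent_by' says whether the
    failure was raised by the remote peer or by the local OpenSSL.
    """
    m = ERR_RE.search(text)
    if m is None:
        raise ValueError("no OpenSSL error code found in: %r" % text)
    code = int(m.group(1), 16)
    lib = code >> 24
    func = (code >> 12) & 0xFFF
    reason = code & 0xFFF
    info = {
        "code": code,
        "library": lib, "library_name": m.group(2),
        "function": func, "function_name": m.group(3),
        "reason": reason, "reason_text": m.group(4),
        "peer_alert": None, "sent_by": "local",
    }
    if lib == ERR_LIB_SSL and SSL_AD_REASON_OFFSET <= reason < SSL_AD_REASON_OFFSET + 256:
        alert = reason - SSL_AD_REASON_OFFSET
        info["peer_alert"] = (alert, ALERT_DESCRIPTIONS.get(alert, "unknown"))
        info["sent_by"] = "peer"
    return info


def explain(text):
    """One-line reading of an error string, for humans."""
    info = decode_openssl_error(text)
    if info["peer_alert"] is not None:
        number, name = info["peer_alert"]
        return ("%s (function %d, reason %d): the remote peer sent fatal alert %d %s "
                "while the local side was in %s; look at the peer, not at the local config"
                % (info["library_name"], info["function"], info["reason"], number, name,
                   info["function_name"]))
    return ("%s (function %d, reason %d): raised locally in %s: %s"
            % (info["library_name"], info["function"], info["reason"],
               info["function_name"], info["reason_text"]))


if __name__ == "__main__":
    # Both strings are the ones quoted in the two threads on this page.
    for sample in (
        "OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version",
        "Reason: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate "
        "unknown:state 23:Application response 500 handshakefailed",
    ):
        print(explain(sample))
```

For 1407742E the reason 0x42E = 1070 = 1000 + 70, i.e. the server answered the old wget's hello with protocol_version; for 14094416 the reason 0x416 = 1046 = 1000 + 46, certificate_unknown sent by whichever peer the proxy was talking to. A reason below 1000 (say, "certificate verify failed") means the local OpenSSL rejected something itself. OpenSSL 3.0 changed the packing (function codes were dropped), so this decoder is for the 1.0.x/1.1.x format the page quotes.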