> On 30 July 2018 at 20:37 ѽ҉ᶬḳ℠ <[email protected]> wrote: > > > > >>>>>>> facing [ no shared cipher ] error with EC private keys. > >>>>>> the client connecting to your instance has to support ecdsa > >>>>>> > >>>>>> > >>>>> It does - Thunderbird 60.0b10 (64-bit) > >>>>> > >>>>> [ security.ssl3.ecdhe_ecdsa_aes_256_gcm_sha384;true ] > >>>>> > >>>>> It seems there is a difference between the private key (rsa vs. ecc -> > >>>>> SSL_CTX?) used for the certificate signing request and the signed > >>>>> certificate. > >>>>> > >>>>> The csr created from a private key with [ openssl genpkey -algorithm RSA > >>>>> ] and signed by a CA with [ ecdhe_ecdsa ] works with no error. > >>>>> > >>>>> But as stated in the initial message it does not work if the private key > >>>>> for the csr is generated with [ openssl ecparam -name brainpoolP512t1 > >>>>> -genkey ]. > >>>>> > >>>>> > >>>> Can you try, with your ECC cert, > >>>> > >>>> openssl s_client -connect server:143 -starttls imap > >>>> > >>>> and paste result? > >>>> > >>> This is for the certificate where the csr is generated with an EC > >>> private key and the [ no shared cipher ] error: > >>> > >>> CONNECTED(00000003) > >>> write:errno=0 > >>> --- > >>> no peer certificate available > >>> --- > >>> No client certificate CA names sent > >>> --- > >>> SSL handshake has read 309 bytes and written 202 bytes > >>> Verification: OK > >>> --- > >>> New, (NONE), Cipher is (NONE) > >>> Secure Renegotiation IS NOT supported > >>> Compression: NONE > >>> Expansion: NONE > >>> No ALPN negotiated > >>> SSL-Session: > >>> Protocol : TLSv1.2 > >>> Cipher : 0000 > >>> Session-ID: > >>> Session-ID-ctx: > >>> Master-Key: > >>> PSK identity: None > >>> PSK identity hint: None > >>> SRP username: None > >>> Start Time: 1532969474 > >>> Timeout : 7200 (sec) > >>> Verify return code: 0 (ok) > >>> Extended master secret: no > >>> > >>> --- > >>> > >>> and this for the certificate where the csr is generated with a RSA > >>> private key: > >>> > >>> CONNECTED(00000003) > >>> depth=0 C = 00, ST = CH, L = DC, O = foo.bar, OU = mail, CN = Server > >>> foo.bar Mail IMAP > >>> verify error:num=20:unable to get local issuer certificate > >>> verify return:1 > >>> depth=0 C = 00, ST = CH, L = DC, O = foo.bar, OU = mail, CN = Server > >>> foo.bar Mail IMAP > >>> verify error:num=21:unable to verify the first certificate > >>> verify return:1 > >>> --- > >>> Certificate chain > >>> 0 s:/C=00/ST=CH/L=DC/O=foo.bar/OU=mail/CN=Server foo.bar Mail IMAP > >>> i:/C=00/ST=CH/O=foo.bar/OU=Server/CN=IM Server foo.bar > >>> --- > >>> Server certificate > >>> -----BEGIN CERTIFICATE----- > >>> [ truncated ] > >>> -----END CERTIFICATE----- > >>> subject=/C=00/ST=CH/L=DC/O=foo.bar/OU=mail/CN=Server foo.bar Mail IMAP > >>> issuer=/C=00/ST=CH/O=foo.bar/OU=Server/CN=IM Server foo.bar > >>> --- > >>> No client certificate CA names sent > >>> Peer signing digest: SHA512 > >>> Server Temp Key: X25519, 253 bits > >>> --- > >>> SSL handshake has read 2361 bytes and written 295 bytes > >>> Verification error: unable to verify the first certificate > >>> --- > >>> New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 > >>> Server public key is 4096 bit > >>> Secure Renegotiation IS supported > >>> Compression: NONE > >>> Expansion: NONE > >>> No ALPN negotiated > >>> SSL-Session: > >>> Protocol : TLSv1.2 > >>> Cipher : ECDHE-RSA-AES256-GCM-SHA384 > >>> Session-ID: > >>> C23E6478F4C6372F2A524504031B32EDC9FDCAA343AE5017A09E47C5E7B60DD6 > >>> Session-ID-ctx: > >>> Master-Key: [ obfuscated ] > >>> PSK identity: None > >>> PSK identity hint: None > >>> SRP username: None > >>> Start Time: 1532969755 > >>> Timeout : 7200 (sec) > >>> Verify return code: 21 (unable to verify the first certificate) > >>> Extended master secret: yes > >>> --- > >>> . OK Pre-login capabilities listed, post-login capabilities have more. > >>> > >>> > >>> > >> Can you configure ssl_cipher_list = ALL and try again? Also, can you send > >> the *PUBLIC* part of the certificate? > >> > > [ ssl_cipher_list = ALL ] set/applied > > > > This is for the certificate where the csr is generated with an EC private > > key and the [ no shared cipher ] error: > > > > CONNECTED(00000003) > > write:errno=0 > > --- > > no peer certificate available > > --- > > No client certificate CA names sent > > --- > > SSL handshake has read 309 bytes and written 202 bytes > > Verification: OK > > --- > > New, (NONE), Cipher is (NONE) > > Secure Renegotiation IS NOT supported > > Compression: NONE > > Expansion: NONE > > No ALPN negotiated > > SSL-Session: > > Protocol : TLSv1.2 > > Cipher : 0000 > > Session-ID: > > Session-ID-ctx: > > Master-Key: > > PSK identity: None > > PSK identity hint: None > > SRP username: None > > Start Time: 1532970888 > > Timeout : 7200 (sec) > > Verify return code: 0 (ok) > > Extended master secret: no > > > > --- > > > > and this for the certificate where the csr is generated with a RSA > > private key: > > > > CONNECTED(00000003) > > depth=0 C = 00, ST = CH, L = DC, O = foo.bar, OU = mail, CN = Server > > foo.bar Mail IMAP > > verify error:num=20:unable to get local issuer certificate > > verify return:1 > > depth=0 C = 00, ST = CH, L = DC, O = foo.bar, OU = mail, CN = Server > > foo.bar Mail IMAP > > verify error:num=21:unable to verify the first certificate > > verify return:1 > > --- > > Certificate chain > > 0 s:/C=00/ST=CH/L=DC/O=foo.bar/OU=mail/CN=Server foo.bar Mail IMAP > > i:/C=00/ST=CH/O=foo.bar/OU=Server/CN=IM Server foo.bar > > --- > > Server certificate > > -----BEGIN CERTIFICATE----- > > MIIFIjCCBIagAwIBAgICEAYwCgYIKoZIzj0EAwQwWTELMAkGA1UEBhMCMDAxCzAJ > > BgNVBAgMAkNIMRAwDgYDVQQKDAd2dG9sLm1lMQ8wDQYDVQQLDAZTZXJ2ZXIxGjAY > > BgNVBAMMEUlNIFNlcnZlciB2dG9sLm1lMB4XDTE4MDczMDExMTE1NloXDTE5MDcz > > MDExMTE1NlowazELMAkGA1UEBhMCMDAxCzAJBgNVBAgMAkNIMQswCQYDVQQHDAJE > > QzEQMA4GA1UECgwHdnRvbC5tZTENMAsGA1UECwwEbWFpbDEhMB8GA1UEAwwYU2Vy > > dmVyIHZ0b2wubWUgTWFpbCBJTUFQMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC > > CgKCAgEAx3Rr6Goz0xHmRGwTC5XWvTYLLXli9nhaSqpfSXSBNembIpAJMQxeZKS5 > > T1VI1Kufp5HIpBFAXKo/yAMNS4E+LtctX2ITsZD1sUJw20J7TJtDR6mX7qiNJTlT > > FXHx5VZWLp2Jv3Wlw85iNUoRcIY2IB3Q9KACTPlMl8Be9BPYAevgyqh5d67LFgwf > > 77Soq4ppa0sLxTUf1Lyh9lvpIRdDnDhs749PlLrgWIagra2ONdesOlwMOANjn5+8 > > sKnooVlwsygDEIu2QWYeAJO43GWFMiMtb4sAii52fwbwzLNOA/jF1EDz2zbimBMc > > Tcy430CucN7wYQQa8KVU/EdaYXsDRFLPfyvkFw/1GKOm4MzCBNUp3soqMgFCNWix > > HwGw82hzMadXqKHwosSoDa291hpboxppYwqohG4rlbLNXZKINTrIYgh4EldI3HGy > > YhikuVVODa254DLoj/iS2A7ZWpvDGGqirEMEZEJi9pdO3E5CUctiZFe0zrKk6xX7 > > VfQq+wZzN2F6LFVyLEIR238FOKfUdoHP5i4d+2HIzUC1ZTYXLMrmC8aLPnvQLKmO > > lS8+EPrFz4LTTvw6Tt5oO0TH51FruLRRfp545yuT/7MOt4pf9jXjvuTrQDVTp+z2 > > 6+nZZ5rxv1mAB/d0DvCg3sS3QxnzytmzlE0WVODb9zl0HNVz2GkCAwEAAaOCAV8w > > ggFbMAkGA1UdEwQCMAAwHQYDVR0OBBYEFD+YAO8k3NK95IXhPgriJNfICQDuMIGR > > BgNVHSMEgYkwgYaAFLcvDVPejjtNaMC39YNvdzbHnbWZoWqkaDBmMQswCQYDVQQG > > EwIwMDELMAkGA1UECAwCQ0gxCzAJBgNVBAcMAkRDMRAwDgYDVQQKDAd2dG9sLm1l > > MQ8wDQYDVQQLDAZTZXJ2ZXIxGjAYBgNVBAMMEUNBIFNlcnZlciB2dG9sLm1lggIQ > > ADAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYIKwYBBQUH > > ARgEBTADAgERMEYGA1UdHwQ/MD0wO6A5oDeGNWZpbGU6L2V0Yy9wa2kvdnRvbC5t > > ZS9zZXJ2ZXIvaW0vY3JsL2ltX3NlcnZlci5jcmwucGVtMBsGA1UdEQQUMBKHBKwY > > bQaCBG1haWyCBGltYXAwCgYIKoZIzj0EAwQDgYkAMIGFAkEAml53KubdaDmaiUXz > > ir5NvZmQ8/0B9UbcSKbJq30HJYhx4gotbSYU8LuEYBzAthzHwnQ0FyHV5rZPo4Gp > > RBEFkgJAfYk9C3w0urb6KE+e+bFXHketkG+P5aQyUw2kWKI7GikRX2mS5ZbSGNfe > > 7Q79jSPczn3gguffxmoSW/idw5BpCw== > > -----END CERTIFICATE----- > > subject=/C=00/ST=CH/L=DC/O=foo.bar/OU=mail/CN=Server foo.bar Mail IMAP > > issuer=/C=00/ST=CH/O=foo.bar/OU=Server/CN=IM Server foo.bar > > --- > > No client certificate CA names sent > > Peer signing digest: SHA512 > > Server Temp Key: X25519, 253 bits > > --- > > SSL handshake has read 2361 bytes and written 295 bytes > > Verification error: unable to verify the first certificate > > --- > > New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 > > Server public key is 4096 bit > > Secure Renegotiation IS supported > > Compression: NONE > > Expansion: NONE > > No ALPN negotiated > > SSL-Session: > > Protocol : TLSv1.2 > > Cipher : ECDHE-RSA-AES256-GCM-SHA384 > > Session-ID: > > 9636556EDC5BA951A6EE3BCAB17BCFAEEE8B380C097EC0C7F20D68BAF2775782 > > Session-ID-ctx: > > Master-Key: [ obfuscated ] > > PSK identity: None > > PSK identity hint: None > > SRP username: None > > Start Time: 1532971172 > > Timeout : 7200 (sec) > > Verify return code: 21 (unable to verify the first certificate) > > Extended master secret: yes > > --- > > . OK Pre-login capabilities listed, post-login capabilities have more. > > > > > > Missed the public certificate where the csr is generated with an EC > private key and the [ no shared cipher ] error: > > -----BEGIN CERTIFICATE----- > MIIDmTCCAv6gAwIBAgICEAEwCgYIKoZIzj0EAwQwWTELMAkGA1UEBhMCMDAxCzAJ > BgNVBAgMAkNIMRAwDgYDVQQKDAd2dG9sLm1lMQ8wDQYDVQQLDAZTZXJ2ZXIxGjAY > BgNVBAMMEUlNIFNlcnZlciB2dG9sLm1lMB4XDTE4MDcyNTE0NDAxMloXDTE5MDcy > NTE0NDAxMlowazELMAkGA1UEBhMCMDAxCzAJBgNVBAgMAkNIMQswCQYDVQQHDAJE > QzEQMA4GA1UECgwHdnRvbC5tZTENMAsGA1UECwwEbWFpbDEhMB8GA1UEAwwYU2Vy > dmVyIE1haWwgSW1hcCB2dG9sLm1lMIGbMBQGByqGSM49AgEGCSskAwMCCAEBDgOB > ggAEdZAqTZhgEaAspsZWe8ss8LC2vxMP9ClHwtjKwVuTAnhJFDX5wWkaukjVw1HW > ngwQAI2n9KwyRC3311yWKOQjrkhPw50sbK1UOuypof0fucYzo+B1+YRaae9a2vJx > DjljXrvEcXskXdjUFdMIxUAtnHbHuyql8bMJ715ypXADUdGjggFfMIIBWzAJBgNV > HRMEAjAAMB0GA1UdDgQWBBROPXTACC4fuaOX5iSNONpuyVAB5jCBkQYDVR0jBIGJ > MIGGgBS3Lw1T3o47TWjAt/WDb3c2x521maFqpGgwZjELMAkGA1UEBhMCMDAxCzAJ > BgNVBAgMAkNIMQswCQYDVQQHDAJEQzEQMA4GA1UECgwHdnRvbC5tZTEPMA0GA1UE > CwwGU2VydmVyMRowGAYDVQQDDBFDQSBTZXJ2ZXIgdnRvbC5tZYICEAAwDgYDVR0P > AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMBEGCCsGAQUFBwEYBAUwAwIB > ETBGBgNVHR8EPzA9MDugOaA3hjVmaWxlOi9ldGMvcGtpL3Z0b2wubWUvc2VydmVy > L2ltL2NybC9pbV9zZXJ2ZXIuY3JsLnBlbTAbBgNVHREEFDAShwSsGG0GggRtYWls > ggRpbWFwMAoGCCqGSM49BAMEA4GIADCBhAJAdRE8iPNsGMCuwYQjykDeDVngTmO8 > YT3tjFh3RrwNEDewPesByTHxhU6E+s98in9cq8rqAGSH8547Cq2KC/BOywJAGNHd > SF0PuAzqghQ7JKXqufjxKEyMMEu4H9HlH/h4lwX9hUO5EVDlCNqkcHHu9TCXBCmR > xT/8nuAtTycVigK88A== > -----END CERTIFICATE----- > > >
I did some local testing and it seems that you are using a curve that is not acceptable for openssl as a server key. I tested with openssl s_server -cert ec-cert.pem -key ec-key.pem -port 5555 using cert generated with brainpool. Everything works if I use prime256v1 or secp521r1. This is a limitation in OpenSSL and not something we can really do anything about. Aki Tuomi Open-Xchange Oy
