Re: [openssl-users] What does this error mean?

2018-04-18 Thread Salz, Rich via openssl-users 
>wget --no-check-certificate https://bootstrap.pypa.io/get-pip.py
  
When I try this:
; ./apps/openssl s_client -connect bootstrap.pypa.io:443 -tls1_1
It fails.  When I leave off the last flag, it connects via TLS 1.2

So that website does not support anything older than TLS 1.2, apparently.  
You'll have to build a modern OpenSSL, and then wget to use that version.  Good 
luck.


-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Rob Marshall 
Hi,

The command I'm running is:

wget --no-check-certificate https://bootstrap.pypa.io/get-pip.py

So in this particular case the host is: bootstrap.pypa.io. I was
trying to install the Python pip command.

Rob

On Mon, Apr 16, 2018 at 5:53 PM, Salz, Rich via openssl-users
 wrote:
> You didn't answer the question that was asked.
>
> Which host?
>
> On 4/16/18, 4:23 PM, "Rob Marshall"  wrote:
>
> Hi,
>
> I built and installed OpenSSL 1.0.2n and I'm still seeing the problem.
> I originally tried to build/install 1.1.0h but my goal was to
> build/install an updated OpenSSH (7.7.p1) and it wouldn't build with
> that version and a straight 1.1.0 build failed. So I went with the
> most recent 1.0.2 (in this case n) that I could find.
>
> Rob
>
> On Mon, Apr 16, 2018 at 2:33 PM, Marcus Meissner  wrote:
> > On Mon, Apr 16, 2018 at 02:27:17PM -0400, Rob Marshall wrote:
> >> Hi,
> >>
> >> It may not be relevant, but I'm running SLES 10 SP3 which is a very
> >> old version of the OS and I can't upgrade it due to some installed
> >> products. When I try to do a wget I'm seeing the error:
> >>
> >> OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
> >> alert protocol version
> >>
> >> What does the error mean and how do I fix it?
> >
> > From which host? The host probably only speaks TLS 1.2.
> >
> > Ciao, Marcus
> > --
> > openssl-users mailing list
> > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Salz, Rich via openssl-users 
You didn't answer the question that was asked.

Which host?

On 4/16/18, 4:23 PM, "Rob Marshall"  wrote:

Hi,

I built and installed OpenSSL 1.0.2n and I'm still seeing the problem.
I originally tried to build/install 1.1.0h but my goal was to
build/install an updated OpenSSH (7.7.p1) and it wouldn't build with
that version and a straight 1.1.0 build failed. So I went with the
most recent 1.0.2 (in this case n) that I could find.

Rob

On Mon, Apr 16, 2018 at 2:33 PM, Marcus Meissner  wrote:
> On Mon, Apr 16, 2018 at 02:27:17PM -0400, Rob Marshall wrote:
>> Hi,
>>
>> It may not be relevant, but I'm running SLES 10 SP3 which is a very
>> old version of the OS and I can't upgrade it due to some installed
>> products. When I try to do a wget I'm seeing the error:
>>
>> OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
>> alert protocol version
>>
>> What does the error mean and how do I fix it?
>
> From which host? The host probably only speaks TLS 1.2.
>
> Ciao, Marcus
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Rob Marshall 
Hi,

When I do that I see, among other things:

...
SSL-Session:
Protocol  : TLSv1.2
Cipher: ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 9B63040F2D2F498F610A84E4A9D9017AF375772DFDDA760378666391A17C2C75
...

When I tried to force TLSv1.2 I got:

hostname:~ # wget --no-check-certificate --secure-protocol=TLSv1_2
https://bootstrap.pypa.io/get-pip.py
wget: --secure-protocol: Invalid value `TLSv1_2'.

My guess is that it's just too old of a version of wget. I was going
to try to build/install a newer version, but it seems to have
prerequisites I can't meet on SLES 10 SP3.

Thanks,

Rob

On Mon, Apr 16, 2018 at 5:17 PM, Michael Wojcik
 wrote:
> It may be how the (probably somewhat outdated) version of wget is using the
> openssl API. Try "openssl s_client -connect server:port", using the server
> and port you're trying to get wget to connect to.
>
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Michael Wojcik 
It may be how the (probably somewhat outdated) version of wget is using the 
openssl API. Try "openssl s_client -connect server:port", using the server and 
port you're trying to get wget to connect to.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Rob Marshall 
Hi,

I built and installed OpenSSL 1.0.2n and I'm still seeing the problem.
I originally tried to build/install 1.1.0h but my goal was to
build/install an updated OpenSSH (7.7.p1) and it wouldn't build with
that version and a straight 1.1.0 build failed. So I went with the
most recent 1.0.2 (in this case n) that I could find.

Rob

On Mon, Apr 16, 2018 at 2:33 PM, Marcus Meissner  wrote:
> On Mon, Apr 16, 2018 at 02:27:17PM -0400, Rob Marshall wrote:
>> Hi,
>>
>> It may not be relevant, but I'm running SLES 10 SP3 which is a very
>> old version of the OS and I can't upgrade it due to some installed
>> products. When I try to do a wget I'm seeing the error:
>>
>> OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
>> alert protocol version
>>
>> What does the error mean and how do I fix it?
>
> From which host? The host probably only speaks TLS 1.2.
>
> Ciao, Marcus
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Marcus Meissner 
On Mon, Apr 16, 2018 at 02:27:17PM -0400, Rob Marshall wrote:
> Hi,
> 
> It may not be relevant, but I'm running SLES 10 SP3 which is a very
> old version of the OS and I can't upgrade it due to some installed
> products. When I try to do a wget I'm seeing the error:
> 
> OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
> alert protocol version
> 
> What does the error mean and how do I fix it?

>From which host? The host probably only speaks TLS 1.2.

Ciao, Marcus
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Michael Wojcik 
The server is rejecting the connection because it doesn't like the SSL/TLS 
version range that wget is offering. Anything prior to TLSv1.1 suffers from 
vulnerabilities that can be exploited under practical conditions, so many 
servers reject older protocol versions.


You don't have to upgrade the OS to put a newer version of OpenSSL on, though 
you may have to build OpenSSL yourself.


From: openssl-users <openssl-users-boun...@openssl.org> on behalf of Rob 
Marshall <rob.marshal...@gmail.com>
Sent: Monday, April 16, 2018 2:27:17 PM
To: openssl-users@openssl.org
Subject: [openssl-users] What does this error mean?

Hi,

It may not be relevant, but I'm running SLES 10 SP3 which is a very
old version of the OS and I can't upgrade it due to some installed
products. When I try to do a wget I'm seeing the error:

OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
alert protocol version

What does the error mean and how do I fix it?

Thanks,

Rob
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] What does this error mean?

2018-04-16 Thread Rob Marshall 
Hi,

It may not be relevant, but I'm running SLES 10 SP3 which is a very
old version of the OS and I can't upgrade it due to some installed
products. When I try to do a wget I'm seeing the error:

OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
alert protocol version

What does the error mean and how do I fix it?

Thanks,

Rob
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-25 Thread Blumenthal, Uri - 0553 - MITLL 
  > Thank you!  So it is the *client* that breaks the connection,
  > and it is unhappy either about MiTM, or the encoding. I will
  > check for both (though not much I can do about either).

Presumably you've added that cert to some trust store on the system in 
question.

Yes I did (though reluctantly :).

The support staff for the product should be able to tell you how to 
configure
trusted TLS CAs, if these are configurable.

Yes, I’m bringing this to them, in hope that they’d resolve it.

If the product is not using OpenSSL, this question really is off topic for
this list.  If it is using OpenSSL, there may be some place where it looks
for its CAfile or some CApath directory.

Frankly, I don’t know – to me it’s an executable black-box. I’ll try to dig. 
But I think you’ve provided me with all I need to point our support at the root 
cause.

Thanks!! 


smime.p7s
Description: S/MIME cryptographic signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-25 Thread Viktor Dukhovni 

> On Apr 25, 2017, at 4:41 PM, Blumenthal, Uri - 0553 - MITLL  
> wrote:
> 
>Client objects to the server chain.  Either does not trust the MiTM root 
> CA, or
>is unhappy about its encoding (assuming tshark is not generating an FP 
> warning).
> 
> Thank you!  So it is the *client* that breaks the connection, and it is 
> unhappy either about MiTM, or the encoding. I will check for both (though not 
> much I can do about either).

Well, if there is not facility to configure the client's trusted root CAs,
then of course it won't trust the MiTM root cert.  Presumably you've added
that cert to some trust store on the system in question.

The support staff for the product should be able to tell you how to configure
trusted TLS CAs, if these are configurable.

If the product is not using OpenSSL, this question really is off topic for
this list.  If it is using OpenSSL, there may be some place where it looks
for its CAfile or some CApath directory.

-- 
Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-25 Thread Blumenthal, Uri - 0553 - MITLL 
> extensions: 4 items
> Extension (ns_cert_exts.comment)
> Extension Id: 2.16.840.1.113730.1.13 
(ns_cert_exts.comment)
> BER Error: String with tag=22 expected 
but class:UNIVERSAL(0)
>   primitive 
tag:12 was unexpected
> [Expert Info (Warn/Malformed): BER 
Error: String expected]
> [BER Error: String expected]
> [Severity level: Warn]
> [Group: Malformed]

This is odd, is tshark buggy, too picky, or is the issuer cert actually 
malformed?

I don’t know off-hand, will check, and bring to the attention of those who run 
the proxy.


> algorithmIdentifier (shaWithRSAEncryption)
> Algorithm Id: 1.2.840.113549.1.1.5 
(shaWithRSAEncryption)
> Padding: 0
> encrypted: 
408fc9a991e6cebbec05fa6b2463d89bcb8b2dc888c1a1b6...

Issuer cert is an MiTM proxy, and possibly has encoding errors.
   
Got it, thanks.



> Secure Sockets Layer
> TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Certificate 
Unknown)
> Content Type: Alert (21)
> Version: TLS 1.2 (0x0303)
> Length: 2
> Alert Message
> Level: Fatal (2)
> Description: Certificate Unknown (46)

Client objects to the server chain.  Either does not trust the MiTM root 
CA, or
is unhappy about its encoding (assuming tshark is not generating an FP 
warning).

Thank you!  So it is the *client* that breaks the connection, and it is unhappy 
either about MiTM, or the encoding. I will check for both (though not much I 
can do about either).

Thanks! (At least I have an idea now what’s going on.) 


smime.p7s
Description: S/MIME cryptographic signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-25 Thread Viktor Dukhovni 

> On Apr 25, 2017, at 3:17 PM, Blumenthal, Uri - 0553 - MITLL  
> wrote:

> Secure Sockets Layer
> SSL Record Layer: Handshake Protocol: Client Hello
> Content Type: Handshake (22)
> Version: TLS 1.2 (0x0303)
> Length: 228
> Handshake Protocol: Client Hello
> Handshake Type: Client Hello (1)
> Length: 224
> Version: TLS 1.2 (0x0303)
> ... vanilla client hello ...
> 
> Secure Sockets Layer
> TLSv1.2 Record Layer: Handshake Protocol: Server Hello
> Content Type: Handshake (22)
> Version: TLS 1.2 (0x0303)
> Length: 89
> Handshake Protocol: Server Hello
> Handshake Type: Server Hello (2)
> Length: 85
> Version: TLS 1.2 (0x0303)
> Random
> GMT Unix Time: Jan 12, 2043 21:01:43.0 EST
> Random Bytes: 
> 74befd6060b40803a1f281de721667ea45ac751fb7cd...
> Session ID Length: 32
> Session ID: c07a259d71e9906c44632f6f9e885d40a647d514ef5deb8b...
> Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
> ... vanilla server hello ...
> 
> Secure Sockets Layer
> TLSv1.2 Record Layer: Handshake Protocol: Certificate
> Content Type: Handshake (22)
> Version: TLS 1.2 (0x0303)
> Length: 2017
> Handshake Protocol: Certificate
> Handshake Type: Certificate (11)
> Length: 2013
> Certificates Length: 2010
> Certificates (2010 bytes)
> Certificate Length: 1038
> Certificate (id-at-commonName=cs.visual-paradigm.com)
> signedCertificate
> version: v3 (2)
> serialNumber : 
> 0x1c3d07eea2d576e83c60613e5f3c2a18e518b8a0
> signature (sha256WithRSAEncryption)
> Algorithm Id: 1.2.840.113549.1.1.11 
> (sha256WithRSAEncryption)

EE cert sigalg is normal

> issuer: rdnSequence (0)
> rdnSequence: 6 items (id-at-commonName=McAfee Web 
> Gateway,id-at-countryName=US,...
> RDNSequence item: 1 item 
> (id-at-organizationName=MIT Lincoln Laboratory)
> RelativeDistinguishedName item 
> (id-at-organizationName=MIT Lincoln Laboratory)
> Id: 2.5.4.10 (id-at-organizationName)
> DirectoryString: uTF8String (4)
> uTF8String: MIT Lincoln Laboratory
> . . . . .
> RDNSequence item: 1 item 
> (id-at-commonName=McAfee Web Gateway)
> RelativeDistinguishedName item 
> (id-at-commonName=McAfee Web Gateway)
> Id: 2.5.4.3 (id-at-commonName)
> DirectoryString: uTF8String (4)
> uTF8String: McAfee Web Gateway

EE cert issuer looks OK.

> validity
> notBefore: utcTime (0)
> utcTime: 17-04-24 18:35:25 (UTC)
> notAfter: utcTime (0)
> utcTime: 18-04-24 18:35:25 (UTC)


EE cert validity is one year, looks OK.

> subject: rdnSequence (0)
> rdnSequence: 1 item 
> (id-at-commonName=cs.visual-paradigm.com)
> RDNSequence item: 1 item 
> (id-at-commonName=cs.visual-paradigm.com)
> RelativeDistinguishedName item 
> (id-at-commonName=cs.visual-paradigm.com)
> Id: 2.5.4.3 (id-at-commonName)
> DirectoryString: uTF8String (4)
> uTF8String: cs.visual-paradigm.com

EE cert Subject looks OK.

> subjectPublicKeyInfo
> algorithm (rsaEncryption)
> Algorithm Id: 1.2.840.113549.1.1.1 
> (rsaEncryption)
> Padding: 0
> subjectPublicKey: 
> 3082010a02820101009a686b8a742ec2e4341a6f43e20f71...

The EE public key is 256 octets or 2048 bits, looks OK.

> extensions: 5 items
> Extension (id-ce-basicConstraints)
> Extension Id: 2.5.29.19 
> (id-ce-basicConstraints)
> BasicConstraintsSyntax [0 length]

EE empty basicConstraints defaults to CA:FALSE, OK

> Extension (id-ce-subjectKeyIdentifier)
> Extension Id: 2.5.29.14 
> (id-ce-subjectKeyIdentifier)
>

Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-25 Thread Blumenthal, Uri - 0553 - MITLL 
On 4/24/17, 7:26 PM, "openssl-users on behalf of Viktor Dukhovni" 
 
wrote:

I get slightly annoyed when I take the time to help, but my response is
skimmed over and not read carefully.  Upthread I said:

See my recent post: 
https://www.spinics.net/lists/openssl-users/msg05623.html
for instructions on how to extract SSL info from PCAP files in a way that
mostly trims away endpoint details...

My apologies. Please find attached the tshark-processed (as instructed) PCAPNG 
file. I’d love to learn what one can glean from it.


If the alert is from the application to the proxy, then most likely the
application does not trust the proxy MiTM root CA.

Thanks!  

Secure Sockets Layer
SSL Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 228
Handshake Protocol: Client Hello
Handshake Type: Client Hello (1)
Length: 224
Version: TLS 1.2 (0x0303)
Random
GMT Unix Time: Apr 24, 2017 17:59:40.0 EDT
Random Bytes: 
010124d7b6a3fcc51f5495bfaeb11c0be284472c54217e63...
Session ID Length: 0
Cipher Suites Length: 58
Cipher Suites (29 suites)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 (0xc025)
Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 (0xc029)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA (0xc004)
Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (0xc00e)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02d)
Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 (0xc031)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0x00a2)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc008)
Cipher Suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012)
Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
Cipher Suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc003)
Cipher Suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA (0xc00d)
Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
Compression Methods Length: 1
Compression Methods (1 method)
Compression Method: null (0)
Extensions Length: 125
Extension: elliptic_curves
Type: elliptic_curves (0x000a)
Length: 52
Elliptic Curves Length: 50
Elliptic curves (25 curves)
Elliptic curve: secp256r1 (0x0017)
Elliptic curve: sect163k1 (0x0001)
Elliptic curve: sect163r2 (0x0003)
Elliptic curve: secp192r1 (0x0013)
Elliptic curve: secp224r1 (0x0015)
Elliptic curve: sect233k1 (0x0006)
Elliptic curve: sect233r1 (0x0007)
Elliptic curve: sect283k1 (0x0009)
Elliptic curve: sect283r1 (0x000a)
Elliptic curve: secp384r1 (0x0018)
Elliptic curve: sect409k1 (0x000b)
Elliptic curve: sect409r1 (0x000c)
Elliptic curve: secp521r1 (0x0019)
Elliptic curve: sect571k1 (0x000d)
Elliptic curve: sect571r1 (0x000e)
Elliptic curve: secp160k1 (0x000f)
Elliptic curve: secp160r1 (0x0010)
Elliptic curve: secp160r2 (0x0011)
Elliptic curve: sect163r1 (0x0002)
Elliptic curve: secp192k1 (0x0012)

Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-24 Thread Viktor Dukhovni 

> On Apr 24, 2017, at 7:11 PM, Blumenthal, Uri - 0553 - MITLL  
> wrote:
> 
>Please report tshark output, not an approximate rendition.  In what 
> direction
>is the alert sent?
> 
> I’m using WireShark. The IP addresses on the Alert packet show local host as 
> the source, and the proxy as the destination. Is there another way to tell 
> the direction? Or how to present it in a way that I can sanitize the output 
> and post here?

I get slightly annoyed when I take the time to help, but my response is
skimmed over and not read carefully.  Upthread I said:

See my recent post: https://www.spinics.net/lists/openssl-users/msg05623.html
for instructions on how to extract SSL info from PCAP files in a way that
mostly trims away endpoint details... (of course SNI names and cert names
would still be there, so you'd need to trim those if you want to anonymize
the guilty parties).

Install tshark somewhere, and use it to decode the PCAP file.  Then post
the results.

If the alert is from the application to the proxy, then most likely the
application does not trust the proxy MiTM root CA.

-- 
Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-24 Thread Blumenthal, Uri - 0553 - MITLL 
> I went through the capture between the app (local end) and the proxy. It 
appears that the sequence is:
> 
> ClientHello -> (from app to proxy, with a ton of cipher suites, including 
0xc02f)
>   <-  ServerHello (with TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 – 
present in ClientHello)
>   <- CertificateServer Key Exchange, Server Hello Done (includes 
proxy’s cert rather than the remote end’s cert)
> 
> Alert (Level: Fatal, Description: Certificate Unknown) ->
> 
> So it appears that the app expects the remote end’s cert, and is not 
happy getting the proxy’s cert instead?

Please report tshark output, not an approximate rendition.  In what 
direction
is the alert sent?

I’m using WireShark. The IP addresses on the Alert packet show local host as 
the source, and the proxy as the destination. Is there another way to tell the 
direction? Or how to present it in a way that I can sanitize the output and 
post here?

In response to this Alert packet I see two packets from the proxy to the local 
host: 
- [ACK]
- [PSH, ACK]

And then from the local host to the proxy:
- [FIN, ACK]
- [RST]
- [RST]



It is indeed possible that the application is not configured for and 
correctly
rejects the forged certificate of the MiTM proxy.  It would need the Root CA
of the proxy as a trusted issuer, but that may not be configurable.  In 
which
case you'd need to let the app connect directly to the remote server without
an MiTM-proxy.

Understood, thanks! 


smime.p7s
Description: S/MIME cryptographic signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-24 Thread Viktor Dukhovni 

> On Apr 24, 2017, at 6:11 PM, Blumenthal, Uri - 0553 - MITLL  
> wrote:
> 
> I went through the capture between the app (local end) and the proxy. It 
> appears that the sequence is:
> 
> ClientHello -> (from app to proxy, with a ton of cipher suites, including 
> 0xc02f)
>   <-  ServerHello (with TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 – present 
> in ClientHello)
>   <- CertificateServer Key Exchange, Server Hello Done (includes proxy’s 
> cert rather than the remote end’s cert)
> 
> Alert (Level: Fatal, Description: Certificate Unknown) ->
> 
> So it appears that the app expects the remote end’s cert, and is not happy 
> getting the proxy’s cert instead?

Please report tshark output, not an approximate rendition.  In what direction
is the alert sent?

It is indeed possible that the application is not configured for and correctly
rejects the forged certificate of the MiTM proxy.  It would need the Root CA
of the proxy as a trusted issuer, but that may not be configurable.  In which
case you'd need to let the app connect directly to the remote server without
an MiTM-proxy.

-- 
Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-24 Thread Blumenthal, Uri - 0553 - MITLL 
> Handshake failed
> 
> The SSL handshake could not be performed.
> 
> Host:  Reason: error:14094416:SSL
> routines:ssl3_read_bytes:sslv3 alert certificate unknown:state
> 23:Application response 500 handshakefailed
> 
> 
> generated 2017-04-24 15:28:13 by webwasher4
> Java/1.8.0_112 

Webwasher is your proxy right?

Yes. (


So it is clearly webwasher that is
generating this error message (it says so in the text above!). The
OpenSSL error contained in this text occurs when the remote peer sends a
fatal alert to the local endpoint. So it looks to me like your proxy has
initiated a TLS connection to the remote host but the remote host has
rejected the handshake and sent back a "certificate unknown" fatal alert.

A certificate unknown alert has the following description in the RFCs:

   certificate_unknown
  Some other (unspecified) issue arose in processing the
  certificate, rendering it unacceptable.

So, my guess is that the remote host has requested a client certificate
(i.e. client auth) and your proxy has been unable to provide it.

Understood, thanks! 


smime.p7s
Description: S/MIME cryptographic signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-24 Thread Matt Caswell 


On 24/04/17 22:18, Blumenthal, Uri - 0553 - MITLL wrote:
> I use a 3rd-party application that is trying to update itself (so
> it’s trying to “call home”). Naturally, I’m behind a corporate
> firewall and Web proxy. The app has been configured to use that
> proxy. It fails to connect. Packet capture reveals the following:
> 
> Handshake failed
> 
> The SSL handshake could not be performed.
> 
> Host:  Reason: error:14094416:SSL
> routines:ssl3_read_bytes:sslv3 alert certificate unknown:state
> 23:Application response 500 handshakefailed
> 
>  generated 2017-04-24 15:28:13 by
> webwasher4 Java/1.8.0_112
> 

Webwasher is your proxy right? So it is clearly webwasher that is
generating this error message (it says so in the text above!). The
OpenSSL error contained in this text occurs when the remote peer sends a
fatal alert to the local endpoint. So it looks to me like your proxy has
initiated a TLS connection to the remote host but the remote host has
rejected the handshake and sent back a "certificate unknown" fatal alert.

A certificate unknown alert has the following description in the RFCs:

   certificate_unknown
  Some other (unspecified) issue arose in processing the
  certificate, rendering it unacceptable.

So, my guess is that the remote host has requested a client certificate
(i.e. client auth) and your proxy has been unable to provide it.

Matt


> 
> I must be dense today (and please, no comment about how this state
> might be more permanent than that (), but I can’t figure even which
> peer is complaining. Is it the local end (aka the application) that
> doesn’t like the proxy’s certificate? Is it the Web proxy that
> doesn’t like the remote host certificate? Or is it the remote end
> that doesn’t like the proxy’s certificate?
> 
> I can connect to the remote host via browser just fine…
> 
> Thanks! — Regards, Uri Blumenthal
> 
> 
> 
> 
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-24 Thread Blumenthal, Uri - 0553 - MITLL 
> I use a 3rd-party application that is trying to update itself (so it’s 
trying to “call home”).
> Naturally, I’m behind a corporate firewall and Web proxy. The app has 
been configured to use
> that proxy. It fails to connect. Packet capture reveals the following:

You're noticeably at this point in the problem report.  Is this a packet 
capture
between the application and the proxy, or between the proxy and the outside 
host?

It is between the app and the proxy. I have no access to the proxy <-> outside 
traffic. (

At what stage of the handshake is the alert seen?

It looks like it’s after the initial handshake (I see HTTP 200 before this).

Have you tried using "curl" to complete a proxied connection to the remote 
server?

Nope. I don’t even know what to try to “curl” from there, and browser connects 
fine.


> Handshake failed
> 
> The SSL handshake could not be performed.
> 
> Host: 
> Reason: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert 
certificate unknown:state 23:Application response 500 handshakefailed

The alert is always generated remotely and reported locally.  It could
in theory come from the proxy, but more likely from the real remote
server.

I see, thanks!



The server may not like the client's ciphers or protocol version.

See my recent post: 
https://www.spinics.net/lists/openssl-users/msg05623.html
for instructions on how to extract SSL info from PCAP files in a way that
mostly trims away endpoint details... (of course SNI names and cert names
would still be there, so you'd need to trim those if you want to anonymize
the guilty parties).

I cannot do “openssl s_client …” because the proxy doesn’t let it through.


Capture the traffic between the proxy and the remote server if at all
possible, and compare with the trace between client and proxy.

Alas, cannot. Though I can ask people in charge of the proxy to do that.

I went through the capture between the app (local end) and the proxy. It 
appears that the sequence is:

ClientHello -> (from app to proxy, with a ton of cipher suites, including 
0xc02f)
   <-  ServerHello (with TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 – present in 
ClientHello)
   <- CertificateServer Key Exchange, Server Hello Done (includes proxy’s 
cert rather than the remote end’s cert)

Alert (Level: Fatal, Description: Certificate Unknown) ->

So it appears that the app expects the remote end’s cert, and is not happy 
getting the proxy’s cert instead?

 


smime.p7s
Description: S/MIME cryptographic signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-24 Thread Viktor Dukhovni 

> On Apr 24, 2017, at 5:18 PM, Blumenthal, Uri - 0553 - MITLL  
> wrote:
> 
> I use a 3rd-party application that is trying to update itself (so it’s trying 
> to “call home”). Naturally, I’m behind a corporate firewall and Web proxy. 
> The app has been configured to use that proxy. It fails to connect. Packet 
> capture reveals the following:

You're noticeably at this point in the problem report.  Is this a packet capture
between the application and the proxy, or between the proxy and the outside 
host?
At what stage of the handshake is the alert seen?

Have you tried using "curl" to complete a proxied connection to the remote 
server?

> Handshake failed
> 
> The SSL handshake could not be performed.
> 
> Host: 
> Reason: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate 
> unknown:state 23:Application response 500 handshakefailed

The alert is always generated remotely and reported locally.  It could
in theory come from the proxy, but more likely from the real remote
server.


> I must be dense today (and please, no comment about how this state might be 
> more permanent than that (), but I can’t figure even which peer is 
> complaining. Is it the local end (aka the application) that doesn’t like the 
> proxy’s certificate? Is it the Web proxy that doesn’t like the remote host 
> certificate? Or is it the remote end that doesn’t like the proxy’s 
> certificate?
> 
> I can connect to the remote host via browser just fine

The server may not like the client's ciphers or protocol version.

See my recent post: https://www.spinics.net/lists/openssl-users/msg05623.html
for instructions on how to extract SSL info from PCAP files in a way that
mostly trims away endpoint details... (of course SNI names and cert names
would still be there, so you'd need to trim those if you want to anonymize
the guilty parties).

Capture the traffic between the proxy and the remote server if at all
possible, and compare with the trace between client and proxy.

-- 
Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

2017-04-24 Thread Blumenthal, Uri - 0553 - MITLL 
I use a 3rd-party application that is trying to update itself (so it’s trying 
to “call home”). Naturally, I’m behind a corporate firewall and Web proxy. The 
app has been configured to use that proxy. It fails to connect. Packet capture 
reveals the following:

Handshake failed

The SSL handshake could not be performed.

Host: 
Reason: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate 
unknown:state 23:Application response 500 handshakefailed


generated 2017-04-24 15:28:13 by webwasher4 
Java/1.8.0_112


I must be dense today (and please, no comment about how this state might be 
more permanent than that (), but I can’t figure even which peer is complaining. 
Is it the local end (aka the application) that doesn’t like the proxy’s 
certificate? Is it the Web proxy that doesn’t like the remote host certificate? 
Or is it the remote end that doesn’t like the proxy’s certificate?

I can connect to the remote host via browser just fine…

Thanks!
—
Regards,
Uri Blumenthal
 


smime.p7s
Description: S/MIME cryptographic signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users