Hello,

> On 14. Jul 2023, at 05:43, Yasuhiro Kimura <[email protected]> wrote:
> 
> 2023.07.14 12:29:12 LOG3[0]: SSL_connect: 
> /usr/src/crypto/openssl/ssl/t1_lib.c:1146: error:1414D172:SSL 
> routines:tls12_check_peer_sigalg:wrong signature type

This likely happens because the connection uses an old version of TLS, which 
uses SHA1 or older digests in the signature algorithm. The OpenSSL security 
level setting no longer allows this by default. See

  https://github.com/openssl/openssl/blob/master/ssl/t1_lib.c#L1824-L1841

which implements this.


> 2023.07.14 12:31:12 LOG3[0]: SSL_connect: 
> /usr/src/crypto/openssl/ssl/statem/extensions.c:894: error:0A000152:SSL 
> routines::unsafe legacy renegotiation disabled

This is a different problem. OpenSSL 3 disabled a path that is vulnerable to 
CVE-2009-3555 by default and now requires that peers send the RFC 5746 
renegotiation indication extension, which your peer does not seem to support.

If you want to allow such connections anyway (exposing them to CVE-2009-3555), 
you can set the SSL_OP_LEGACY_SERVER_CONNECT (for connections initiated by 
OpenSSL 3) or SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION (for connections 
accepted by OpenSSL 3). See the "SECURE RENEGOTIATION" section in 
https://www.openssl.org/docs/man3.0/man3/SSL_CTX_set_options.html for more 
details.

These are also available as configuration options for openssl.cnf. See 
UnsafeLegacyRenegotiation and UnsafeLegacyServerConnect in 
https://www.openssl.org/docs/man3.0/man3/SSL_CONF_cmd.html.



HTH,
Clemens

_______________________________________________
stunnel-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
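
Added example (not part of the original message, and not stunnel or OpenSSL code): a small Python triage helper that decodes the two error codes quoted in this thread and maps them to the causes given in the reply. It assumes each wrapped log line is re-joined onto one line and that an empty function field marks OpenSSL 3.x error packing; the names `decode`, `SSL_REASONS` and `TRIAGE` are hypothetical.

```python
import re

# Reason codes in the SSL library (number 20), as carried by the two codes in this thread.
SSL_REASONS = {370: "wrong signature type",
               338: "unsafe legacy renegotiation disabled"}
# Cause per reason, paraphrasing the reply above.
TRIAGE = {370: "peer signature algorithm rejected (likely SHA1 or older digest vs. security level)",
          338: "peer does not send the RFC 5746 renegotiation indication extension"}

ERR_RE = re.compile(r"error:([0-9A-Fa-f]{8}):([^:]*):([^:]*):(.*)$")

def decode(line):
    """Decode an OpenSSL error in a log line; return None if there is none."""
    m = ERR_RE.search(line)
    if not m:
        return None
    code, func_name, text = int(m.group(1), 16), m.group(3), m.group(4).strip()
    if func_name == "":
        # OpenSSL 3.x packing: library in bits 23-30, reason in bits 0-22.
        # Assumption: 3.x prints an empty function field ("routines::").
        packing, lib, reason = "3.x", (code >> 23) & 0xFF, code & 0x7FFFFF
    else:
        # OpenSSL 1.1.1 packing: 8-bit library, 12-bit function, 12-bit reason.
        packing, lib, reason = "1.1.1", (code >> 24) & 0xFF, code & 0xFFF
    return {
        "packing": packing,
        "lib": lib,
        "reason": reason,
        # Sanity check: the decoded reason must agree with the printed text,
        # otherwise the wrong packing was chosen or the line is damaged.
        "consistent": SSL_REASONS.get(reason) == text,
        "triage": TRIAGE.get(reason, "unknown reason code"),
    }

# Constructed sample: the two log lines quoted in this thread, re-joined.
SAMPLE = [
    "2023.07.14 12:29:12 LOG3[0]: SSL_connect: /usr/src/crypto/openssl/ssl/t1_lib.c:1146: "
    "error:1414D172:SSL routines:tls12_check_peer_sigalg:wrong signature type",
    "2023.07.14 12:31:12 LOG3[0]: SSL_connect: /usr/src/crypto/openssl/ssl/statem/extensions.c:894: "
    "error:0A000152:SSL routines::unsafe legacy renegotiation disabled",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(decode(entry))
```

Note that the two quoted codes use different packings, so the two log lines were produced by different OpenSSL generations.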