openssl client v1.1.0 can not connect: handshake failure:ssl/record/rec_layer_s3.c:1385:SSL alert number 40

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

openssl client v1.1.0 can not connect: handshake failure:ssl/record/rec_layer_s3.c:1385:SSL alert number 40

Matthias Apitz-4


Hello,

We run a SSL client/server application, where the server is written in
Java using jdk1.8.0_31 and the client is written in C. We prepare the
update to OpenSSL 1.1.0 for the C client and are facing the problem, that
not even the OpenSSL s_client can now connect to our server. It says:

4146546432:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1385:SSL alert number 40

More details below.



server:

written in Java, using jdk1.8.0_31


client:

$ openssl version
OpenSSL 1.0.2e-freebsd 3 Dec 2015

$ nohup openssl s_client -tls1_2 -connect 10.23.33.55:58076
quit


$ cat nohup.out
depth=0 C = de, ST = Germany, L = Munich, O = unixarea.de, OU = gTech, CN = Matthias Apitz
verify error:num=18:self signed certificate
verify return:1
depth=0 C = de, ST = Germany, L = Munich, O = unixarea.de, OU = gTech, CN = Matthias Apitz
verify return:1
CONNECTED(00000004)
---
Certificate chain
 0 s:/C=de/ST=Germany/L=Munich/O=unixarea.de/OU=gTech/CN=Matthias Apitz
   i:/C=de/ST=Germany/L=Munich/O=unixarea.de/OU=gTech/CN=Matthias Apitz
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDPDCCAvmgAwIBAgIEcrMKAzALBgcqhkjOOAQDBQAwbzELMAkGA1UEBhMCZGUx
...
-----END CERTIFICATE-----
subject=/C=de/ST=Germany/L=Munich/O=unixarea.de/OU=gTech/CN=Matthias Apitz
issuer=/C=de/ST=Germany/L=Munich/O=unixarea.de/OU=gTech/CN=Matthias Apitz
---
No client certificate CA names sent
Peer signing digest: SHA1
Server Temp Key: DH, 1024 bits
---
SSL handshake has read 1427 bytes and written 507 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-DSS-AES128-GCM-SHA256
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : DHE-DSS-AES128-GCM-SHA256
    Session-ID: 58A69B4328BCDD246B3C2B1D7B600273AF8ACC16DE91EBB94980B1909D1D17C8
    Session-ID-ctx:
    Master-Key: 78F0BA616EE9DBFF8BDF4A294DA70494979CBE9761185228A056C07DEC9EEBC8D126D14A27F1FDA55D4AA42DFB29E684
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1487313732
    Timeout   : 7200 (sec)
    Verify return code: 18 (self signed certificate)
---
OK - message received
closed




client:

$ /usr/local/sisis-pap/bin/openssl version
OpenSSL 1.1.0d  26 Jan 2017


$ /usr/local/sisis-pap/bin/openssl s_client -connect 10.23.33.55:58076
CONNECTED(00000003)
4146546432:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1385:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 176 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1487313886
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---

--
Matthias Apitz, ✉ [hidden email], ⌂ http://www.unixarea.de/  ☎ +49-176-38902045
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: openssl client v1.1.0 can not connect: handshake failure:ssl/record/rec_layer_s3.c:1385:SSL alert number 40

Matt Caswell-2


On 17/02/17 07:46, Matthias Apitz wrote:
> New, TLSv1/SSLv3, Cipher is DHE-DSS-AES128-GCM-SHA256

Your server appears to be configured with a DSA certificate.

OpenSSL 1.1.0 made changes to the default ciphersuites that get sent.
See this CHANGES entry:

  *) Changes to the DEFAULT cipherlist:
       - Prefer (EC)DHE handshakes over plain RSA.
       - Prefer AEAD ciphers over legacy ciphers.
       - Prefer ECDSA over RSA when both certificates are available.
       - Prefer TLSv1.2 ciphers/PRF.
       - Remove DSS, SEED, IDEA, CAMELLIA, and AES-CCM from the
         default cipherlist.
     [Emilia Käsper]

So OpenSSL 1.1.0 does not offer any DSS based ciphersuites by default
any more. If your server only has a DSA certificate then this is going
to fail.

Matt
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: openssl client v1.1.0 can not connect: handshake failure:ssl/record/rec_layer_s3.c:1385:SSL alert number 40

Matthias Apitz-4
El día Friday, February 17, 2017 a las 09:57:39AM +0000, Matt Caswell escribió:

>
>
> On 17/02/17 07:46, Matthias Apitz wrote:
> > New, TLSv1/SSLv3, Cipher is DHE-DSS-AES128-GCM-SHA256
>
> Your server appears to be configured with a DSA certificate.
>
> OpenSSL 1.1.0 made changes to the default ciphersuites that get sent.
> See this CHANGES entry:
>
>   *) Changes to the DEFAULT cipherlist:
>        - Prefer (EC)DHE handshakes over plain RSA.
>        - Prefer AEAD ciphers over legacy ciphers.
>        - Prefer ECDSA over RSA when both certificates are available.
>        - Prefer TLSv1.2 ciphers/PRF.
>        - Remove DSS, SEED, IDEA, CAMELLIA, and AES-CCM from the
>          default cipherlist.
>      [Emilia Käsper]
>
> So OpenSSL 1.1.0 does not offer any DSS based ciphersuites by default
> any more. If your server only has a DSA certificate then this is going
> to fail.

Thanks. I have aadded more ciphers using SSL_set_cipher_list(3) and all
is fine now.

        matthias

--
Matthias Apitz, ✉ [hidden email], ⌂ http://www.unixarea.de/  ☎ +49-176-38902045
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Loading...