Re: Problems with TLS connections

On 24/04/2012 20:40, plot.lost wrote:
On 24/04/2012 20:19, Carmel wrote:
On Tue, 24 Apr 2012 19:46:40 +0100
plot.lost articulated:

Having problems making TLS connections to an instance of Apache.

The server version is:
Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8t

The ssl config includes:

    SSLProtocol TLSv1 SSLv3
    SSLCipherSuite RC4-SHA:AES256-SHA:ALL:!ADH:!MD5:!EXP:!LOW:!NULL
    SSLHonorCipherOrder on
    # See
http://journal.paul.querna.org/articles/2010/07/10/overclocking-mod_ssl/
    SSLVerifyClient none
    #SSLInsecureRenegotiation on


If I try and connect using Firefox with only TLS enabled, the
connection fails (get the message 'The connection to the server was
reset while the page was loading'). With SSLv3 enabled in Firefox, the
connection works fine.

Trying with the openssl command line:

openssl s_client -connect 127.0.0.1:443 -tls1

gets

CONNECTED(00000003)
15265:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:284:

When trying with

openssl s_client -connect 127.0.0.1:443 -sslv3

the connection works

New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
     Protocol  : SSLv3
     Cipher    : DHE-RSA-AES256-SHA
     Session-ID: F86A80F46AF9AD0626B1051223C184553FC25B92AF1763E6728CAEF984C4CB58
     Session-ID-ctx:
     Master-Key: E0BE122F6671905DB5BBC40F874157F1A4625FC32A19AE1D67EC2255DC05DC7723A69A26A942E874C8CC219A28BB4936
     Key-Arg   : None
     Start Time: 1335292940
     Timeout   : 7200 (sec)


Any clues as to why the TLS connection is not working - is there some
config value I am missing or have wrong?
What version of SSL are you using? There was a problem with the update
of "openssl-1.0.1a" that caused problems with Postfix with certain
domains.

Try this for starters:

openssl s_client -connect 127.0.0.1:443 -tls1_2
openssl s_client -connect 127.0.0.1:443 -tls1_1
openssl s_client -connect 127.0.0.1:443 -tls1
openssl s_client -connect 127.0.0.1:443 -ssl3

Post the connect or fail results back here.

Command line openssl version is:

OpenSSL 0.9.8t 18 Jan 2012 (Library: OpenSSL 0.9.8k 25 Mar 2009)

-tls1_1 and -tls1_2 are not recognised options
-tls1 fails
-ssl3 connects fine.

The Apache httpd has been compiled against the same openssl (and is running on the same box, Ubuntu 10.04 LTS):

Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8t



I've tried re-compiling Apache with OpenSSL 1.0.1a and now get the following results when using the command line to check (with -tls1 as the option)

/usr/local/ssl/bin/openssl s_client -connect 127.0.0.1:443 -tls1 -state -msg
CONNECTED(00000003)
SSL_connect:before/connect initialization
>>> TLS 1.0 Handshake [length 00de], ClientHello
    01 00 00 da 03 01 4f 97 0e bf c2 4c 7f d4 63 4f
    ae fd 04 d0 36 74 2b 65 93 e3 f9 8d 1e c4 11 0b
    59 b1 00 7b f7 96 00 00 68 c0 14 c0 0a c0 22 c0
    21 00 39 00 38 00 88 00 87 c0 0f c0 05 00 35 00
    84 c0 12 c0 08 c0 1c c0 1b 00 16 00 13 c0 0d c0
    03 00 0a c0 13 c0 09 c0 1f c0 1e 00 33 00 32 00
    9a 00 99 00 45 00 44 c0 0e c0 04 00 2f 00 96 00
    41 00 07 c0 11 c0 07 c0 0c c0 02 00 05 00 04 00
    15 00 12 00 09 00 14 00 11 00 08 00 06 00 03 00
    ff 01 00 00 49 00 0b 00 04 03 00 01 02 00 0a 00
    34 00 32 00 0e 00 0d 00 19 00 0b 00 0c 00 18 00
    09 00 0a 00 16 00 17 00 08 00 06 00 07 00 14 00
    15 00 04 00 05 00 12 00 13 00 01 00 02 00 03 00
    0f 00 10 00 11 00 23 00 00 00 0f 00 01 01
SSL_connect:SSLv3 write client hello A
>>> SSL 3.0 Alert [length 0002], fatal handshake_failure
    02 28
SSL3 alert write:fatal:handshake failure
SSL_connect:error in SSLv3 read server hello A
3077580424:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 7 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1335299775
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---

When trying with tls1_1 for example, the connection works as follows:

CONNECTED(00000003)
SSL_connect:before/connect initialization
>>> TLS 1.1  [length 00de]
    01 00 00 da 03 02 4f 97 0f d4 6a 42 30 b2 b7 43
    46 9b 70 e6 5f 61 db 09 1d bb 8c 24 78 6a 4c 8c
    8d d3 91 66 5f 06 00 00 68 c0 14 c0 0a c0 22 c0
    21 00 39 00 38 00 88 00 87 c0 0f c0 05 00 35 00
    84 c0 12 c0 08 c0 1c c0 1b 00 16 00 13 c0 0d c0
    03 00 0a c0 13 c0 09 c0 1f c0 1e 00 33 00 32 00
    9a 00 99 00 45 00 44 c0 0e c0 04 00 2f 00 96 00
    41 00 07 c0 11 c0 07 c0 0c c0 02 00 05 00 04 00
    15 00 12 00 09 00 14 00 11 00 08 00 06 00 03 00
    ff 01 00 00 49 00 0b 00 04 03 00 01 02 00 0a 00
    34 00 32 00 0e 00 0d 00 19 00 0b 00 0c 00 18 00
    09 00 0a 00 16 00 17 00 08 00 06 00 07 00 14 00
    15 00 04 00 05 00 12 00 13 00 01 00 02 00 03 00
    0f 00 10 00 11 00 23 00 00 00 0f 00 01 01
SSL_connect:SSLv3 write client hello A
<<< TLS 1.1  [length 003a]
    02 00 00 36 03 02 4f 97 0f e7 ef 7f c2 a4 e8 5e
    f7 cb 7f 6c ad d4 d8 70 43 2f ea cd f3 9c 4e ba
    85 5b c4 e4 3d 64 00 00 05 00 00 0e ff 01 00 01
    00 00 23 00 00 00 0f 00 01 01
SSL_connect:SSLv3 read server hello A
<<< TLS 1.1  [length 1374]
    0b 00 13 70 00 13 6d 00 06 95 30 82 06 91 30 82
[---many lines cut---]
---
No client certificate CA names sent
---
SSL handshake has read 5311 bytes and written 797 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.1
    Cipher    : RC4-SHA
    Session-ID: 58A8607E64B6203622412E9730387637D23E32B4B052F1CFB0B4204FDF885659
    Session-ID-ctx:
    Master-Key: E215A1B316CF5B72FDF65EDDDA482D96D1AECF11B91D505EDEBDEF072CA9B64D81D8D0F9AD53C671AE2DF51E7F5011BB
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:


That's more than I got with the older OpenSSL, but it still seems to indicate a problem. I also still get the same response (unable to connect) when trying Firefox.

The server build now reports: Server Version: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.1a
OpenSSL command line says: OpenSSL 1.0.1a 19 Apr 2012

If I try the openssl command line now with -tls1_1 or -tls1_2, it connects with no errors, as does -ssl3.

It's only -tls1 that seems to have the problem, but that is enough to stop Firefox (and other TLSv1-only clients) from connecting.

Odd that TLSv1.1 and TLSv1.2 work, but not just TLSv1.



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
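The `-msg` dumps quoted in the thread can be decoded by hand, which makes the difference between the refused TLS 1.0 attempt and the accepted TLS 1.1 attempt concrete. The following Python is an added example for this archive page, not code from the original poster, from OpenSSL or from mod_ssl. It parses the ClientHello and ServerHello bodies exactly as `s_client -msg` prints them (the 5-byte record header is not printed by `-msg`, so the record layer, which is where OpenSSL's `wrong version number` check runs, is not visible here) and decodes the two-byte alert. The byte strings are copied from the dumps above; extension and cipher-suite names come from the IANA TLS registries.

```python
"""Decode the handshake bytes quoted from `openssl s_client -msg` in this thread.

Added example, not code from the original post, from OpenSSL or from mod_ssl.
`-msg` prints each handshake message without its 5-byte record header.
"""
import struct

# IANA TLS ExtensionType names for the extensions seen in the dumps above.
EXTENSION_NAMES = {
    0x000a: "elliptic_curves",     # later renamed supported_groups
    0x000b: "ec_point_formats",
    0x000f: "heartbeat",           # RFC 6520
    0x0023: "session_ticket",      # RFC 5077
    0xff01: "renegotiation_info",  # RFC 5746
}
# IANA names for suites named in the thread (OpenSSL names in comments).
CIPHER_NAMES = {
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",          # RC4-SHA
    0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",  # DHE-RSA-AES256-SHA
    0x00ff: "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
}
VERSION_NAMES = {(3, 0): "SSLv3", (3, 1): "TLSv1.0", (3, 2): "TLSv1.1", (3, 3): "TLSv1.2"}
HANDSHAKE_TYPES = {1: "ClientHello", 2: "ServerHello"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {40: "handshake_failure", 70: "protocol_version"}

# Copied from the -msg output in the thread: the TLS 1.0 ClientHello that was
# refused, the fatal alert it got back, and the ServerHello to the TLS 1.1 attempt.
CLIENT_HELLO_TLS10 = """
01 00 00 da 03 01 4f 97 0e bf c2 4c 7f d4 63 4f ae fd 04 d0 36 74 2b 65 93 e3 f9 8d 1e c4 11 0b
59 b1 00 7b f7 96 00 00 68 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88 00 87 c0 0f c0 05 00 35 00
84 c0 12 c0 08 c0 1c c0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09 c0 1f c0 1e 00 33 00 32 00
9a 00 99 00 45 00 44 c0 0e c0 04 00 2f 00 96 00 41 00 07 c0 11 c0 07 c0 0c c0 02 00 05 00 04 00
15 00 12 00 09 00 14 00 11 00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04 03 00 01 02 00 0a 00
34 00 32 00 0e 00 0d 00 19 00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08 00 06 00 07 00 14 00
15 00 04 00 05 00 12 00 13 00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00 00 0f 00 01 01
"""
SERVER_ALERT = "02 28"
SERVER_HELLO_TLS11 = """
02 00 00 36 03 02 4f 97 0f e7 ef 7f c2 a4 e8 5e f7 cb 7f 6c ad d4 d8 70 43 2f ea cd f3 9c 4e ba
85 5b c4 e4 3d 64 00 00 05 00 00 0e ff 01 00 01 00 00 23 00 00 00 0f 00 01 01
"""

def _u16(buf, off):
    return struct.unpack_from(">H", buf, off)[0]

def parse_extensions(buf, off, end):
    """Return [(name, raw_data)] for the extension list occupying buf[off:end]."""
    exts = []
    while off < end:
        if off + 4 > end:
            raise ValueError("truncated extension header")
        ext_type, ext_len = struct.unpack_from(">HH", buf, off)
        if off + 4 + ext_len > end:
            raise ValueError("extension runs past the extensions block")
        exts.append((EXTENSION_NAMES.get(ext_type, "0x%04x" % ext_type),
                     buf[off + 4:off + 4 + ext_len]))
        off += 4 + ext_len
    return exts

def parse_hello(hex_dump):
    """Parse a ClientHello or ServerHello body exactly as `-msg` prints it."""
    buf = bytes.fromhex("".join(hex_dump.split()))
    msg_type, body_len = buf[0], int.from_bytes(buf[1:4], "big")
    body = buf[4:4 + body_len]
    if msg_type not in HANDSHAKE_TYPES or len(body) != body_len:
        raise ValueError("not a complete ClientHello/ServerHello")
    version = (body[0], body[1])
    off = 2 + 32                        # ProtocolVersion, then 32-byte Random
    sid_len = body[off]
    off += 1 + sid_len                  # SessionID<0..32>
    hello = {"type": HANDSHAKE_TYPES[msg_type],
             "version": VERSION_NAMES.get(version, "0x%02x%02x" % version),
             "session_id_len": sid_len}
    if msg_type == 1:                   # ClientHello offers lists
        cs_len = _u16(body, off)
        off += 2
        hello["cipher_suites"] = [_u16(body, off + i) for i in range(0, cs_len, 2)]
        off += cs_len
        off += 1 + body[off]            # compression_methods<1..255>
    else:                               # ServerHello picks one of each
        suite = _u16(body, off)
        hello["cipher_suite"] = suite
        hello["cipher_name"] = CIPHER_NAMES.get(suite, "0x%04x" % suite)
        off += 2 + 1
    hello["extensions"] = []
    if off < len(body):                 # extensions block is optional
        ext_len = _u16(body, off)
        off += 2
        hello["extensions"] = parse_extensions(body, off, off + ext_len)
    return hello

def parse_alert(hex_dump):
    """Decode the 2-byte Alert body (level, description)."""
    level, desc = bytes.fromhex("".join(hex_dump.split()))
    return {"level": ALERT_LEVELS.get(level, level),
            "description": ALERT_DESCRIPTIONS.get(desc, desc)}
```

Running `parse_hello` on both dumps shows that the refused ClientHello carries version 03 01 (TLS 1.0), 52 cipher suites ending in the `TLS_EMPTY_RENEGOTIATION_INFO_SCSV` signalling suite, and the `ec_point_formats`, `elliptic_curves`, `session_ticket` and `heartbeat` extensions; the TLS 1.1 ClientHello in the thread is byte-for-byte the same apart from the version field and the random. The ServerHello to the TLS 1.1 attempt picks `TLS_RSA_WITH_RC4_128_SHA` (the `RC4-SHA` at the head of the `SSLCipherSuite` list) with an empty session ID, and echoes `renegotiation_info`, `session_ticket` and `heartbeat`. The alert bytes `02 28` decode to a fatal `handshake_failure`, and `s_client` labels that alert record `SSL 3.0`, which is the record-layer version OpenSSL compares against when it reports `wrong version number`.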