On Wed, Mar 11, 2020 at 03:12:26PM +0000, Matt Caswell wrote:
> > The signature algorithm security level is not expected to be enforced
> > on self-signed certificates (root CAs). How is it happening here?
>
> It isn't. In this case the client is openssl but the server is unknown.
> The problem is on the server side. The server is refusing to continue a
> handshake where the sigalgs do not include sha1 because the server is
> misconfigured to include a root in the cert chain which has a SHA1
> signature. The server is obviously inspecting the mis-configured chain,
> seeing the SHA1 signature, and giving up. This is not an OpenSSL problem.
Matt are you able to confirm whether the below is correct? Perhaps
I should file a PR to address this if it is...
On Wed, Mar 11, 2020 at 11:32:58AM -0400, Viktor Dukhovni wrote:
> > self-signed CA signatures are not subjected to security levels in
> > x509_vfy.c, the same exclusion does not appear to be present in:
> >
> > int ssl_security_cert(SSL *s, SSL_CTX *ctx, X509 *x, int vfy, int is_ee)
> > [...]
--
VIktor.
