On 11/03/2020 16:56, Viktor Dukhovni wrote: > On Wed, Mar 11, 2020 at 03:12:26PM +0000, Matt Caswell wrote: > >>> The signature algorithm security level is not expected to be enforced >>> on self-signed certificates (root CAs). How is it happening here? >> >> It isn't. In this case the client is openssl but the server is unknown. >> The problem is on the server side. The server is refusing to continue a >> handshake where the sigalgs do not include sha1 because the server is >> misconfigured to include a root in the cert chain which has a SHA1 >> signature. The server is obviously inspecting the mis-configured chain, >> seeing the SHA1 signature, and giving up. This is not an OpenSSL problem. > > Matt are you able to confirm whether the below is correct? Perhaps > I should file a PR to address this if it is... I will run some tests to confirm or deny what you think might be happening. Probably it will be tomorrow before I get to it. Matt > > On Wed, Mar 11, 2020 at 11:32:58AM -0400, Viktor Dukhovni wrote: > >>> self-signed CA signatures are not subjected to security levels in >>> x509_vfy.c, the same exclusion does not appear to be present in: >>> >>> int ssl_security_cert(SSL *s, SSL_CTX *ctx, X509 *x, int vfy, int is_ee) >>> [...] >
