Hi all, on Ubuntu 20.04 LTS 64 bit, with OpenSSL version 1.1.1f, it is not possible to connect to a popular GIS OGC server at gibs.earthdata.nasa.gov:443 using OpenSSL or cUrl or Wget default parameters. The OpenSSL 1.1.1f package available for Ubuntu 20.04 is build with the "-DOPENSSL_TLS_SECURITY_LEVEL=2" option. The relevant errors are: "SSL routines:tls12_check_peer_sigalg:wrong signature type:../ssl/t1_lib.c:1145" and "SSL3 alert write:fatal:handshake failure". On the same machine it is possible to connect to that server using Firefox version 79.0 (the reported connection security properties are "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 256 bit keys, TLS 1.2") or gnutls-cli version 3.6.13 (the reported connection security properties are "(TLS1.2-X.509)-(ECDHE-SECP384R1)-(RSA-SHA1)-(AES-256-GCM)"). The connection is also possible on Ubuntu 18.04 (OpenSSL 1.1.1 without the "-DOPENSSL_TLS_SECURITY_LEVEL=2" build option). I already know the source of the issue (the server uses SHA1 as peer signing digest which is not allowed at SECURITY LEVEL = 2) and how to workaround it (setting SECLEVEL=1 as a cli option or in openssl.cnf), but I'd like to know if it is due to a misconfigured / non compliant server or to a bug in OpenSSL. In the former case, I'd like to know some technical specifications to refer to in order to submit the issue to the gibs.earthdata.nasa.gov system administrators so that they can understand the problem and configure the server correctly. Best regards. Andrea Giudiceandrea Note: see the following excerpts from the connection logs: ************** $ openssl s_client -state -connect gibs.earthdata.nasa.gov:443 CONNECTED(00000003) SSL_connect:before SSL initialization SSL_connect:SSLv3/TLS write client hello SSL_connect:SSLv3/TLS write client hello SSL_connect:SSLv3/TLS read server hello depth=2 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for authorized use only", CN = Entrust Root Certification Authority - G2 verify return:1 depth=1 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Certification Authority - L1K verify return:1 depth=0 C = US, ST = Maryland, L = Greenbelt, O = NASA (National Aeronautics and Space Administration), CN = gibs.earthdata.nasa.gov verify return:1 SSL_connect:SSLv3/TLS read server certificate SSL3 alert write:fatal:handshake failure SSL_connect:error in error 139920655459648:error:1414D172:SSL routines:tls12_check_peer_sigalg:wrong signature type:../ssl/t1_lib.c:1145: [...] --- No client certificate CA names sent Server Temp Key: ECDH, P-384, 384 bits --- SSL handshake has read 5443 bytes and written 322 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: 12B3427E761029EDED05CB26B3DD854ADE7B0D68061C2515A60A8A297AC968DB Session-ID-ctx: Master-Key: PSK identity: None PSK identity hint: None SRP username: None Start Time: 1597339233 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no --- ************** ************** $ openssl s_client -connect gibs.earthdata.nasa.gov:443 -cipher DEFAULT@SECLEVEL=1 CONNECTED(00000003) depth=2 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for authorized use only", CN = Entrust Root Certification Authority - G2 verify return:1 depth=1 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Certification Authority - L1K verify return:1 depth=0 C = US, ST = Maryland, L = Greenbelt, O = NASA (National Aeronautics and Space Administration), CN = gibs.earthdata.nasa.gov verify return:1 [...] --- No client certificate CA names sent Peer signing digest: SHA1 Peer signature type: RSA Server Temp Key: ECDH, P-384, 384 bits --- SSL handshake has read 5503 bytes and written 483 bytes Verification: OK --- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: A48C668A8154E1A81137873D8D7D6CCF77B4C31729074C8C37A67B4A1CE9B155 Session-ID-ctx: Master-Key: D0147A71395D3336D998B1499630E4D4BA965F1BC9D8E526EF232A7D15ECC7989AE3A8844693D628C47B76A7BA8BFC4B PSK identity: None PSK identity hint: None SRP username: None Start Time: 1597384544 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no --- **************
