On Fri, Aug 26, 2022 at 03:59:02AM +0000, Danilo Singh wrote: > The URL we are trying to connect to is notacarioca.rio.gov.br. When > trying to run an openssl s_client -connect, we get error 104, with the > following return: > write:errno=104 That is a write system call errno value, which translates to: $ perl -le '$! = 104; print "$!"' Connection reset by peer The server is resetting the TCP connection just after receiving the TLS CLIENT HELLO message. Or more likely some oddball firewall in front of the server is doing that. The server refuses to negotiate any ciphers other RSA key exchange (which by the way precludes use of TLS 1.3), and is rather sensitive to the order in which the 'kRSA' ciphers appear in the cipher list. Removing all 'SHA1' ciphers seems to help, but also removing non RSA key-exchange ciphers (while leaving SHA1 enabled) helps. ... -cipher 'DEFAULT:!SHA1' ... ... -cipher 'kRSA:!COMPLEMENTOFDEFAULT' ... So rather unclear what exactly makes the server unhappy, but it does when it works, it seems to choose: 0x00,0x9D - TLS_RSA_WITH_AES_256_GCM_SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD otherwise known as 'AES256-GCM-SHA384', which also works if you set it to be the only client cipher. > Currently the OpenSSL configuration on our server looks like this. We > tried several ways, but none worked. As we have little experience with > OpenSSL we don't know what is wrong. > > CipherString = DEFAULT@SECLEVEL=0 The preferred syntax for this is "DEFAULT:@SECLEVEL=0". > Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256:TLS_RSA_WITH_AES_128_CBC_SHA256:TLS_RSA_WITH_AES_256_CBC_SHA256:TLS_RSA_WITH_AES_128_GCM_SHA256:TLS_RSA_WITH_AES_256_GCM_SHA384 Perhaps leave these defaulted. > MinProtocol = TLSv1.0 > MaxProtocol = TLSv1.3 > SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_rsae_sha256:rsa_pss_pss_sha384:rsa_pss_rsae_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:ECDSA+SHA1:RSA+SHA1 Perhaps leave these defaulted. -- Viktor.