I have a database server running MariaDB 5.5.68 and OpenSSL 1.0.2k (upgrades are in the queue but not expected for some time). I have a client (web host) system running the same version of OpenSSL. I have MariaDB configured with CA /etc/pki/bundle-of-certs.crt, cert /etc/pki/db-host.CAD.crt, and key /etc/pki/db-host.key. I have the same CA file on the client system. Both systems are running CentOS 8.
My Java 1.8 project attempts to establish an encrypted connection to the database server. The web server Catalina log reports SSLHandshakeException. I used OpenSSL to check the handshaking:
web-host> openssl s_client -debug -state -status -msg -connect db-host:3306
CONNECTED
SSL_connect:before/connect initialization
(TLS 1.0 handshake sent)
>>> TLS 1.2 [length 0005]
10 03 01 00 ff
>>> TLS 1.2 Handshake [length 00ff], ClientHello
(handshake packet)
SSL_connect:SSLv2/v3 write client hello A
read from (db-host)
0000 - 52 00 00 00 0a 35 2e
SSL_connect:error in SSLv2/v3 read server hello A
error:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
---
no peer certificate available
To check the CA certificate bundle, I reran that command to the web host:
web-host> openssl s_client -debug -state -status -msg -connect web-host:8443
(same TLS 1.0 handshake sent)
SSL_connect:SSLv2/v3 write client hello A
read from (web-host)
0000 - 16 03 03 0d 67 02
(TLS 1.2 server hello message follows....)
When I explicitly specify openssl connect ... -tls1_2 the reply is only 52 00 00 00 0a, and web-host responds 02 46 and TLS 1.2 Alert, fatal protocol_version.
I conclude that either db-host or MariaDB has an incorrect TLS configuration, as it is not responding to a client-hello handshake message with a server-hello handshake message. I do not know what to investigate next, as /etc/my.cnf on db-host appears to be correct.
Related
I just can't manage to get an OCSP response. Here are the steps I did:
Haproxy cert directory:
Added CA file containing root and intermediate CA certificates with .issuer extension.
Added my .pem cert file including private key, crt etc
Generated OCSP response in DER format with openssl:
openssl ocsp -issuer my_cert.issuer -VAfile my_cert.issuer -cert my_cert.pem -url http://status.thawte.com -header Host status.thawte.com -no_nonce -respout my_cert.ocsp
Response verify OK
my_cert.pem: good
This Update: Mar 14 17:45:00 2022 GMT
Next Update: Mar 21 17:00:00 2022 GMT
3 files are now in my HAproxy cert directory:
my_cert.issuer
my_cert.ocsp
my_cert.pem
This is how my HAproxy config looks like:
global
maxconn 4096
ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RSA+AES128:RC4:HIGH:!MD5:!aNULL:!EDH:!CAMELLIA
log 127.0.0.1 local0 debug
defaults
log global
mode http
option httplog
option dontlognull
option forwardfor
option http-server-close
stats enable
stats uri /stats
timeout connect 3000ms
timeout client 25000ms
timeout server 25000ms
frontend ssl_check
bind :::80
bind :::443 ssl crt /usr/local/etc/haproxy/certs/my_cert.pem
acl https ssl_fc
http-request set-header X-Forwarded-Proto http if !https
http-request set-header X-Forwarded-Proto https if https
mode http
use_backend %[base,lower,map_beg(/usr/local/etc/haproxy/ssl.map)] if { base,lower,map_beg(/usr/local/etc/haproxy/ssl.map) -m found }
default_backend ssl_check
backend ssl_check
mode http
errorfile 503 /usr/local/etc/haproxy/errors/certificate_response.http
This is how my fake backend looks like using a manipulated 503 errorfile giving response 200 back:
HTTP/1.0 200 Found
Cache-Control: no-cache
Connection: close
Content-Type: text/plain
200 Found
Reloaded HAproxy afterwards but I get still the same output:
$ echo quit | openssl s_client -connect 127.0.0.1:443 -tlsextdebug -status
CONNECTED(00000003)
TLS server extension "renegotiation info" (id=65281), len=1
0001 - <SPACES/NULS>
TLS server extension "EC point formats" (id=11), len=4
0000 - 03 00 01 02 ....
TLS server extension "session ticket" (id=35), len=0
OCSP response: no response sent
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = Thawte RSA CA 2018
verify return:1
[...]
---
Certificate chain
0 s:/[...]
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=Thawte RSA CA 2018
1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=Thawte RSA CA 2018
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
2 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
subject=/[...]
issuer=/
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 4377 bytes and written 441 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: FDAA738CD5049E2D14F5F7AD1C2CBCA36B938B94755F697E4CE0DCD40342791E
Session-ID-ctx:
Master-Key: [...]
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
[...]
Start Time: 1647360170
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
DONE
C=US/O=DigiCert Inc/OU=www.digicert.com/CN=Thawte RSA CA 2018
This is how the HAproxy package is setup regarding to OpenSSL etc:
# haproxy -vv
HA-Proxy version 1.8.19 2019/02/11
Copyright 2000-2019 Willy Tarreau <willy#haproxy.org>
Build options :
TARGET = linux2628
CPU = generic
CC = gcc
CFLAGS = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement -fwrapv -Wno-null-dereference -Wno-unused-label
OPTIONS = USE_ZLIB=1 USE_OPENSSL=1 USE_LUA=1 USE_PCRE=1
Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200
Built with OpenSSL version : OpenSSL 1.1.0j 20 Nov 2018
Running on OpenSSL version : OpenSSL 1.1.0j 20 Nov 2018
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2
Built with Lua version : Lua 5.3.3
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND
Encrypted password support via crypt(3): yes
Built with multi-threading support.
Built with PCRE version : 8.39 2016-06-14
Running on PCRE version : 8.39 2016-06-14
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Built with zlib version : 1.2.8
Running on zlib version : 1.2.8
Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip")
Built with network namespace support.
Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.
Available filters :
[SPOE] spoe
[COMP] compression
[TRACE] trace
Tested it on a docker-compose setup and on a live machine also but in both cased I get ther certificate chain back etc but the OCSP response field is still empty:
OCSP response: no response sent
What am i doing wrong?!
Was able to sort it out. The naming convention of the certificate file name must be followed and was wrong.
Wrong:
my_cert.issuer
my_cert.ocsp
my_cert.pem
Correct:
my_cert.pem.issuer
my_cert.pem.ocsp
my_cert.pem
Then I was able to get an OCSP response from my HAproxy test instance back.
There are options to specify TLS or SSL on weblogic server & webservers communicating [LISTENING] over HTTPS.
I do not have access to web or app server configurations, however i wish to determine if my connection to webserver [nginx, apache http webserver] or appserver [weblogic] over HTTPS is using SSL or TLS and which version of it.
If & how is it possible to determine ? Kindly suggest.
If you are not able to use some online tools for your service or your service is not hosted to public internet, then there are somethings that you can try.
You can use nmap as nmap -sV --script ssl-enum-ciphers -p <port> <host> to see what TLS versions and particularly what ciphers on which your server is responding.
If you don't have nmap or you are not allowed to install nmap on the system from your the service is reachable, then you can use some default tools to see what ciphers are available.
eg:
openssl: You can use openssl to connect to the server and you can specify the ssl ciphers in the command line.
eg:
$ openssl s_client -connect <host>:<port> -tls1_2 -cipher AES128-GCM-SHA256
If you see a successful connection, then you can be sure that the server is able to negotiate using that TLS version, TLSv1.2 in the example, and using that cipher, TLS_RSA_WITH_AES_128_GCM_SHA256 in the example.
You can find all the ciphers that are valid for openssl here. A sample run would look like this:
$ openssl s_client -connect example.com:443 -tls1_2 -cipher AES128-GCM-SHA256
CONNECTED(00000005)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA
verify return:1
depth=0 C = US, ST = California, L = Los Angeles, O = Internet Corporation for Assigned Names and Numbers, OU = Technology, CN = www.example.org
verify return:1
---
Certificate chain
....
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHQDCCBiigAwIBAgIQD9B43Ujxor1NDyupa2A4/jANBgkqhkiG9w0BAQsFADBN
...
0Gs4+eH6F9h3SojmPTYkT+8KuZ9w84Mn+M8qBXUQoYoKgIjN
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Los Angeles/O=Internet Corporation for Assigned Names and Numbers/OU=Technology/CN=www.example.org
issuer=/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
---
No client certificate CA names sent
---
SSL handshake has read 4297 bytes and written 408 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
...
TLS session ticket:
0000 - 57 04 cc 0f 69 dc 93 6c-e5 d6 50 0a 1c d0 d8 ce W...i..l..P.....
...
0090 - 9a 34 af 1e c2 09 cf 00-6d 68 36 41 09 40 de 0a .4......mh6A.#..
Start Time: 1558594372
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
curl: you can use curl to do the same thing. eg:
$ curl https://example.com --tlsv1.2 --ciphers AES128-GCM-SHA256 -w "%{http_code}\n" -o /dev/null -s
In this case, you will get the output as a valid response code, say 200 if the connection is successful and 000 is the Handshake failed, so you can differentiate using that.
Note: the TLS version supported in openssl and curl can be looked up by checking the --help in both cases. eg:
curl:
-1, --tlsv1 Use >= TLSv1 (SSL)
--tlsv1.0 Use TLSv1.0 (SSL)
--tlsv1.1 Use TLSv1.1 (SSL)
--tlsv1.2 Use TLSv1.2 (SSL)
--tlsv1.3 Use TLSv1.3 (SSL)
openssl:
-tls1_2 - just use TLSv1.2
-tls1_1 - just use TLSv1.1
-tls1 - just use TLSv1
-dtls1 - just use DTLSv1
I have an error when I try to send message with kafka-console-producer.sh :
client-ssl.properties:
security.protocol=SSL
ssl.truststore.location=client.truststore.jks
ssl.truststore.password=klux$Ipzx*
ssl.enabled.protocols=TLSv1.2
kafka server.properties:
ssl.keystore.location=***/server.keystore.jks
ssl.keystore.password=***
ssl.key.password=***
ssl.truststore.location=***/server.truststore.jks
ssl.truststore.password=***
ssl.enabled.protocols=TLSv1.2
ssl.client.auth=required
security.inter.broker.protocol=SSL
the command: openssl s_client -debug -CAfile ca-cert -connect localhost:9093 -tls1_2 gives a correct response:
...
Acceptable client certificate CA names
/C=FR/ST=France/L=Nantes/O=sower.org/OU=sower.org/CN=sower.org
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: ECDSA+SHA512:RSA+SHA512:ECDSA+SHA384:RSA+SHA384:ECDSA+SHA256:RSA+SHA256:DSA+SHA256:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
Shared Requested Signature Algorithms: ECDSA+SHA512:RSA+SHA512:ECDSA+SHA384:RSA+SHA384:ECDSA+SHA256:RSA+SHA256:DSA+SHA256:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
SSL handshake has read 4774 bytes and written 345 bytes
Verification: OK
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 5B47BD62E62ACA3B6DD47B2DBEDCAECF3C9A2D5AAAE91CA1F241B512EFB9D241
Session-ID-ctx:
Master-Key: 686C1953C502FA917E96B7667CCB7A852B87887B35B962D183F7CA3B773087D545E5ADF370048196261FF5B073E9BCB8
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1531428194
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
Start of the command:
/opt/bitnami/kafka/bin/kafka-console-producer.sh --broker-list localhost:9093 --topic search-criterias-changes --producer.config client-ssl.properties
adding as trusted cert:
Subject: CN=sower.org, OU=sower.org, O=sower.org, L=Nantes, ST=France, C=FR
Issuer: CN=sower.org, OU=sower.org, O=sower.org, L=Nantes, ST=France, C=FR
Algorithm: RSA; Serial number: 0xc157b5b635b05d82
Valid from Thu Jul 12 20:23:34 UTC 2018 until Fri Jul 12 20:23:34 UTC 2019
trigger seeding of SecureRandom
done seeding SecureRandom
THE ERROR:
kafka-producer-network-thread | console-producer, READ: TLSv1.2 Handshake, length = 2382
kafka-producer-network-thread | console-producer, fatal error: 80: problem unwrapping net record
javax.net.ssl.SSLProtocolException: Handshake message sequence violation, 2
%% Invalidated: [Session-2, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]
kafka-producer-network-thread | console-producer, SEND TLSv1.2 ALERT: fatal, description = internal_error
Padded plaintext before ENCRYPTION: len = 80
0000: DB 00 BF 06 DF FD 08 2C 9E 45 BF AE DC A7 23 2C .......,.E....#,
0010: 02 50 15 37 29 22 0E A0 B9 5D B9 0A DA 3E 9C 1F .P.7)"...]...>..
0020: CF 28 89 48 9C C6 88 D3 5B DF E8 21 98 6C FF 12 .(.H....[..!.l..
0030: B8 AC A8 E4 C8 F1 0D F3 70 1E B6 E5 76 08 76 74 ........p...v.vt
0040: 6E B6 0D 0D 0D 0D 0D 0D 0D 0D 0D 0D 0D 0D 0D 0D n...............
kafka-producer-network-thread | console-producer, WRITE: TLSv1.2 Alert, length = 80
kafka-producer-network-thread | console-producer, called closeOutbound()
kafka-producer-network-thread | console-producer, closeOutboundInternal()
kafka-producer-network-thread | console-producer, called closeInbound()
kafka-producer-network-thread | console-producer, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
kafka-producer-network-thread | console-producer, called closeOutbound()
kafka-producer-network-thread | console-producer, closeOutboundInternal()
[2018-07-12 20:49:23,336] WARN Failed to send SSL Close message (org.apache.kafka.common.network.SslTransportLayer)
java.io.IOException: Broken pipe
at sun.nio.ch.FileDispatcherImpl.write0(Native Method)
at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:47)
at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:93)
at sun.nio.ch.IOUtil.write(IOUtil.java:65)
at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:471)
at org.apache.kafka.common.network.SslTransportLayer.flush(SslTransportLayer.java:209)
at org.apache.kafka.common.network.SslTransportLayer.close(SslTransportLayer.java:159)
at org.apache.kafka.common.utils.Utils.closeAll(Utils.java:718)
at org.apache.kafka.common.network.KafkaChannel.close(KafkaChannel.java:61)
at org.apache.kafka.common.network.Selector.doClose(Selector.java:746)
at org.apache.kafka.common.network.Selector.close(Selector.java:734)
at org.apache.kafka.common.network.Selector.pollSelectionKeys(Selector.java:532)
at org.apache.kafka.common.network.Selector.poll(Selector.java:424)
at org.apache.kafka.clients.NetworkClient.poll(NetworkClient.java:460)
at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:239)
at org.apache.kafka.clients.producer.internals.Sender.run(Sender.java:163)
at java.lang.Thread.run(Thread.java:748)
[2018-07-12 20:49:23,337] ERROR [Producer clientId=console-producer] Connection to node -1 failed authentication due to: SSL handshake failed (org.apache.kafka.clients.NetworkClient)
WHat's he problem ? I'm totally blocked I need help !!!
Thanks a lot
I had this problem. It turned out I was not connecting to the correct port. You should have your listeners set. In your case, I think it would look like this.
listeners=SSL://:9093
Do you know why using a Let's Encrypt cert for TLS would result in a client failing at the SSL handshake point with error 19 (self signed cert in chain)? I am developing an app in C that uses the Mosquitto libraries to open the connection (and fails at the handshake) but to simplify this question I'm going to demonstrate the problem using the mosquitto_sub command (which we know works).
I am using Centos 6.2 with Let's Encrypt certificates for my website without any issues (because they're free, automated, and open). I now want to use the same certificate issued by Let's Encrypt to secure a TLS connection between my server and any remote client. TLS is being used for connections to the Mosquitto MQTT broker in fact, on port 8881. The mosquitto.conf file on my server contains:
...
user mosquitto
listener 8883 example.com
cafile /etc/mosquitto/certs/chain-ca.pem # These 3 from Let's Encrypt
certfile /etc/mosquitto/certs/cert.pem
keyfile /etc/mosquitto/certs/privkey.pem
require_certificate false
...
I have several network interfaces on my CentOS server and my domain, "example.com" resolves with the dig command to the IP of interface eth0:1:
[root#spiff mosquitto]# dig example.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.2 <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 804
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 300 IN A 158.234.234.24
;; AUTHORITY SECTION:
example.com. 300 IN NS dns0.ns.co.uk.
example.com. 300 IN NS dns1.ns.co.uk.
;; Query time: 41 msec
;; SERVER: 151.236.220.5#535(11.226.220.5)
;; WHEN: Sun Oct 30 19:21:07 2016
;; MSG SIZE rcvd: 101
I believe this is significant because the certificate for 'example.com' that I've created with Let's Encrypt has a CN which has to resolve with DNS to the IP address of the NIC that the Mosquitto listener is bound to, otherwise from the perspective of OpenSSL I'm serving the wrong certificate to any clients.
The server doesn't have any issues on startup.
After a lot of Googling, I understand (maybe wrongly) that the client needs to be handed as a parameter the certificate of the CA (certification authority) that signed the cert for 'example.com' when it makes a connection to the server, because it will check that the CA used to sign example.com's certificate is trusted, and so we use the --cafile [certificate-authority-cert.crt] parameter to pass this. I appreciate that this is specific to TLS connections and that web clients don't use this feature.
When a client on the same Centos 6.2 server (which could be my program but to simplify things is the out-of-the-box mosquitto_sub command) connects with these parameters I see this error:
mosquitto_sub -h example.com -p 8883 -t test -u mr-user -P P#55W0rD --cafile /etc/pki/tls/certs/lets-encrypt-x3-cross-signed.pem -d
Error: A TLS error occurred
Because the Mosquitto broker is not very specific about the value of errno on a failure, I try again using the s_client feature of openSSL instead:
[root#spiff certs]# openssl s_client -connect example.com:8883 -CAfile lets-encrypt-x3-cross-signed.pem
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
0 s:/CN=www.example.com
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
2 s:/O=Digital Signature Trust Co./CN=DST Root CA X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISA12o6mO9oS364BF5UVgSAD7TMA0GCSqGSIb3DQEBCwUA
[... lines removed for brevity ...]
A+q6hf00nJJsEvGmhVzQG5zAn6ojcWgT3EhurPien7Y16+kIS5tdz9xbeCgLTOrJ
BXA=
-----END CERTIFICATE-----
subject=/CN=www.example.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Server Temp Key: ECDH, prime256v1, 256 bits
---
SSL handshake has read 3999 bytes and written 373 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: E8D32590BAB26FF5811D39D775B3F455CAC3E8747866FA251DDA2032FA88E349
Session-ID-ctx:
Master-Key: 1B45DF54D11BC44D96AEAC940291B4D3BBAE56D6431E746873DC4F15DC1219F02019F4D903CAA6E8B23AF83CE291F4A6
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - d9 fb 28 9f c9 7c ba b3-26 ff dd 75 53 d1 12 65 ..(..|..&..uS..e
0010 - 91 76 91 2b f8 a2 b4 4b-0a e2 97 eb ce 8e a1 af .v.+...K........
[ ... lines ommitted for brevity ... ]
00a0 - 71 c3 a9 f3 16 c4 04 17-d1 e8 b0 75 e8 80 e9 fb q..........u....
Start Time: 1477857075
Timeout : 300 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
---
Why does Verify think that I'm using a self-signed certificate? Is there something else that I need to do, for instance does OpenSSL check the certificate store in /etc/pki/tls for a certificate for the root authority that signed Let's Encrypt's certificate and not find it perhaps when you link in the OpenSSL libs? Is it possible that the trust store under /etc/pki doesn't know about the root authority used by Let's Encrypt already? I got lets-encrypt-x3-cross-signed.pem after reading instructions on the Let's Encrypt Chain Of Trust page, is this the wrong file completely?
I am trying to connect to a "https://" site which supports "TLSv1" protocol and the following cipher suites,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) DH 4096 bits
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) DH 4096 bits
using Apache's httpclient (Java platform - JDK 1.7)
Its working fine in JDK1.8 (which has support for Cipher suites with DH parameters > 1024 bits)
But its failing in JDK 1.7 with the following exception,
main, handling exception: java.lang.ArrayIndexOutOfBoundsException: 64
%% Invalidated: [Session-1, TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
main, SEND TLSv1 ALERT: fatal, description = internal_error
main, WRITE: TLSv1 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 01 00 02 02 50 ......P
main, called closeSocket()
main, IOException in getSession(): javax.net.ssl.SSLException: java.lang.ArrayIndexOutOfBoundsException: 64
As suggested in the workaround here,
http://bugs.java.com/bugdatabase/view_bug.do?bug_id=6521495,
I used tried using Bouncy Castle Provider but still getting the same exception.
Any help would be great. Thanks.
The issue is, you are using 2048 DH key with TLS v1 while its compatible with TLS v1.2, So you can resolve it by three ways:
1) Upgrade your JDK version to 1.8
2) Disable all DHE ciphers from server
3) Use 1048 DH key on server
for more details, see here