When I do openssl s_client -CApath ~/cacert.pem -crlf -connect getcomposer.org:443 -servername getcomposer.org I get the following output:
CONNECTED(00000003)
depth=1 C = US, O = Let's Encrypt, CN = R3
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/CN=getcomposer.org
i:/C=US/O=Let's Encrypt/CN=R3
1 s:/C=US/O=Let's Encrypt/CN=R3
i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISA4wAKXUPtnZXoYnne5MGiWlHMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTA5MzAxMDI5MDlaFw0yMTEyMjkxMDI5MDhaMBoxGDAWBgNVBAMT
D2dldGNvbXBvc2VyLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMSpt0JoJU7PJQYHYWV5FRTheIQSFi3SM/qyt2RDwKG4g7QssLjmsAXKQ5ZgGNc2
0JOaJ6NS3LgckijVOBOgBpywXTBJ0XOF6JJpjmuivdHXw0tssD+7BD+9Z30M9vCV
i5OU2dw6VmPi7M/J9haO+/ONuMpojmPTI2IKQl7w13y+AN+EqOVn5tWKgMpKxY9y
dydsbqgGffa7aSuN4Rc6UXZ4ix4mfSdjrAxFsKeOAmVh8NfQ49PoEpNAIce7ZQkF
hzq1AZmBtpe76LYrNEO55bPbg5Z9NPBReBpVG4tpLVWPUrarxdhCLD+F5b3s7Ko/
SzAWf/mX/K89Zdd3G8q52gECAwEAAaOCAnUwggJxMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV
HQ4EFgQU6Z7XW6cbc9xNki5IDKUmJEgZrJ8wHwYDVR0jBBgwFoAUFC6zF7dYVsuu
UAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8v
cjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9y
Zy8wQwYDVR0RBDwwOoISY2EuZ2V0Y29tcG9zZXIub3Jngg9nZXRjb21wb3Nlci5v
cmeCE3d3dy5nZXRjb21wb3Nlci5vcmcwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYL
KwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlw
dC5vcmcwggEGBgorBgEEAdZ5AgQCBIH3BIH0APIAdwBc3EOS/uarRUSxXprUVuYQ
N/vV+kfcoXOUsl7m9scOygAAAXw2dyOHAAAEAwBIMEYCIQCOGcPZTl5eD4E03Ted
RabOF+lXzyXOPBT3xDtrIYmgxgIhAJAJJzdWzyzX8f6TdbIzGr7xQFhQAIHn/3+1
8ffWn/FjAHcAfT7y+I//iFVoJMLAyp5SiXkrxQ54CX8uapdomX4i8NcAAAF8Nncj
ywAABAMASDBGAiEA97oAvcGhneZl1n+meqzcb6OK5SJoUxYmdlz5LO15BpICIQCL
jrrvGdWMIV/ujHDMAvQ4QUn25GBjf6kps6d6SO6xADANBgkqhkiG9w0BAQsFAAOC
AQEAciXzEuFF5zwYpwv65AkhD1yYGvsqjRNCAe+AqvBVPEfqES/kCBCKeM5UDpAV
+TuJq7OQAGyUHbSAf0JK9DGTN0chTJVShaJEAXgIvnykolab/eNwpxrEOG5wTpRz
p5bJQfR+kVVIyjg0BknDQZMopH1MtWny8LT3jqhBV9eAFaaBh/X46liDACe2VmRv
/MHYGZtMtVnYIcm4iqPMZShMrWkPB7mO6PrUo0QzAUhMpb/KCRb/2XIf+H2I9zzJ
Y5MhKksA3NqDLFW3dD/KrnLKkqtKiOsUGgG1yDR9+S64lNS+IswcsodirXyrtbac
pZAfDeIuhhZ8uGqZhfcdC2OONw==
-----END CERTIFICATE-----
subject=/CN=getcomposer.org
issuer=/C=US/O=Let's Encrypt/CN=R3
---
No client certificate CA names sent
---
SSL handshake has read 3183 bytes and written 455 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 222874F43D8C5CD5C5EBCE9519D767FC0847D4BCE75261020AEDA2337E84CE87
Session-ID-ctx:
Master-Key: 4C7B19187830AF58A6D03B37163A5C2CEF3222F6BC048D569B122DF372DFCA4CB7FAA0103AAE0C87B5C008E0692C48AD
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1634183395
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
closed
I don't understand this error. I just got cacert.pem by doing wget --no-check-certificate -O ~/cacert.pem https://curl.se/ca/cacert.pem and doing vim ~cacert.pem verifies that the newly created file is non-empty.
Since the community seems to have accepted this as ontopic:
As I commented, to use in openssl commandline a 'bundle' file in the format supplied by https://curl.se/ca/cacert.pem you must use -CAfile not -CApath.
-CApath works instead with a directory containing a separate file for each cert named by its subject hash, as described in man 1 verify on older versions or man 1 openssl-verification-options on 3.0 also here on the web and which you can use c_rehash to help create if that is really wanted for some reason.
This is a stab in the dark, as I don't understand that openssl output much, but judging by the timing and the keywords 'openssl' and 'Lets Encrypt' this has a reasonably high chance of success.
On September 30, 2021 Let's Encrypt's old Root Certificate has expired. This had a major implication that now they have started to use their own root cert which should be trusted by most devices. 'Most' part was troublesome as there are some devices alive which did not receive updates in years. So the people at Let's Encrypt found a way to still remain supported/trusted on those devices, just under one condition - its openssl version must be 1.1.0+ (which is already 4+ years old). Another important detail is that this openssl version requirement also applies to systems that would have otherwise trusted LE's new cert.
So I've seen numerous people over October scrambling to get LE issued certificates to be trusted again by their systems and the answer was always as simple as: Get your openssl / libopenssl updated to v1.1.0+
Related
Using scrapy 1.6.0 (twisted 18.9.0, pyopenssl 19.0.0, openssl 1.0.2r, osx 10.14.3). I've ruled out user agent and robots.txt. Seems to be a certificate negotiation issue. There is no web proxy involved.
Destination is https://www.labor.ny.gov/
To reproduce:
04:49:59 dork#Dorks-MacBook:~
0 $ scrapy shell
.
.
.
>>> fetch('https://www.labor.ny.gov')
2019-04-05 16:45:11 [scrapy.core.engine] INFO: Spider opened
Traceback (most recent call last):
File "<console>", line 1, in <module>
File "/Users/dork/project/venv/lib/python3.6/site-packages/scrapy/shell.py", line 115, in fetch
reactor, self._schedule, request, spider)
File "/Users/dork/project/venv/lib/python3.6/site-packages/twisted/internet/threads.py", line 122, in blockingCallFromThread
result.raiseException()
File "/Users/dork/project/venv/lib/python3.6/site-packages/twisted/python/failure.py", line 467, in raiseException
raise self.value.with_traceback(self.tb)
twisted.web._newclient.ResponseNeverReceived: [<twisted.python.failure.Failure twisted.internet.error.ConnectionLost: Connection to the other side was lost in a non-clean fashion: Connection lost.>]
Trying to connect and negotiating via OpenSSL directly on the command line seems to fail as well:
0 $ openssl version
OpenSSL 1.0.2r 26 Feb 2019
04:49:59 dork#Dorks-MacBook:~
0 $ openssl s_client -connect www.labor.ny.gov:443
CONNECTED(00000003)
4472571500:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 307 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1554497411
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
However if I force openssl to TLSv1 it seems to work. I just don't know how to force that from scrapy -> twisted -> pyopenssl -> OpenSSL or if it's possible.
04:49:59 dork#Dorks-MacBook:~
0 $ openssl s_client -tls1 -connect www.labor.ny.gov:443
CONNECTED(00000003)
depth=2 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign Organization Validation CA - SHA256 - G2
verify return:1
depth=0 C = US, ST = New York, L = Albany, O = New York State Office for Technology, CN = labor.ny.gov
verify return:1
---
Certificate chain
0 s:/C=US/ST=New York/L=Albany/O=New York State Office for Technology/CN=labor.ny.gov
i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - SHA256 - G2
1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - SHA256 - G2
i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
.
.
.
Postman can't fetch the page either. It seems like anything relying on OpenSSL sort of silently dies.
Not a full answer; CW in case anyone can add the scrapy (or related) part.
Man that server is bad!
It supports only SSL2 SSL3 and TLS1.0 where the first two are completely broken and the first was completely broken last century. It identifies as IIS/6.0 which dates to Windows Server 2003 -- which was end-of-life long ago.
FWLIW it's not actually version-intolerant, or broken for hello over 256 bytes, as some defective implementations were discovered to be years ago; if I use OpenSSL 1.0.2 to send it ClientHello offering TLS1.2 with ciphers restricted to kRSA, it does negotiate down to TLS1.0 correctly. It only fails for the OpenSSL>=1.0.2 default ClientHello, which uses a significantly larger cipherlist than previous versions because TLS1.2 added a whole bunch of new ciphersuites for the new AEAD format and new PRF scheme. Forcing TLS1.0 has the same effect, because it causes OpenSSL to offer only the smaller list of ciphersuites which were valid in TLS1.0. I vaguely recall an XP-era bug triggered by 'large' cipherlists, and that might be the problem here.
It's not the certificate. The certificate is the only thing they have right.
I have created a private mail server using iRedMail & Nginx. I have installed SSL certificates and keys into Nginx and iRedMail itself at the below locations. The server runs great and everything works via web mail. The browser agrees that the SSL certificate is valid and HTTPS works.
The issue is when I add the mail account to my email client, I get an invalid certificate error, and the same issue when using CalDav. It still works, but this makes me think that I'm missing some certificate install somewhere. Any suggestions? Thank you!
/etc/ssl/certs/iRedMail.crt
/etc/ssl/private/iRedMail.key
Here is the output of openssl s_client -showcerts -connect mail.bragsdale.dev:993
CONNECTED(00000003)
depth=0 CN = bragsdale.dev
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = bragsdale.dev
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/CN=bragsdale.dev
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
-----BEGIN CERTIFICATE-----
...CERTIFICATE HERE...
-----END CERTIFICATE-----
---
Server certificate
subject=/CN=bragsdale.dev
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 2064 bytes and written 431 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 3DD2E8B607CF5B4ACECDB995078FDAE80C210097372B80CD1409E90A0A523E0A
Session-ID-ctx:
Master-Key: F1953ABEAC1024279DA6D0E17D26E3305E7C2A9589976FDFD2DBF22E4B6280415BC271E5228045B7D0C5E8A0B3921B11
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
....DATA HERE...
Start Time: 1551664367
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready
Fixed it. The problem was I wasn't using my intermediary certificate. See this answer for details.
A note, when I cat'ed the certificates together it was malformed, with the END CERTIFICATE/BEGIN CERTIFICATE being on one line. Easily fixed with a text editor.
I need to connect to some https://website.com. So, the site is available via VPN. I'm connected to the VPN and I can open the site in browser.
I've downloaded certificates from browser:
Then I cat both file into one certificate.pem
But when I'm trying to execute command
openssl s_client -connect website.com:443 -CAfile /path/to/certificate.pem
When I execute it in a terminal I have an error.
CONNECTED(00000003)
depth=1 /C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
verify error:num=2:unable to get issuer certificate
issuer= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
verify return:0
---
Certificate chain
0 s:/C=AU/ST=Wales/L=Place/O=Company
Ltd/OU=D&D/CN=website.com
i:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
---
Server certificate
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
subject=/C=AU/ST=Wales/L=Place/O=Company
Ltd/OU=D&D/CN=website.com
issuer=/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
---
No client certificate CA names sent
---
SSL handshake has read 2034 bytes and written 328 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES128-SHA
Session-ID: 1533BA958D51B9FEAE4C3534F4A417A5896ED17DCAAE83E89E6C2A7F615A583A
Session-ID-ctx:
Master-Key: 5CF D4ACA242B602AAFSDF1234X23E99BD4C62862888947FACFF0E7503BA34C2DD0EC193FA525204A539
Key-Arg : None
Start Time: 1509781851
Timeout : 300 (sec)
Verify return code: 0 (ok)
openssl historically and by default validates a certificate chain only if it ends at a root. Having the server aka end-entity or leaf cert in the truststore is useless, and the intermediate(s) should not be needed because RFCs require the server to send it(them), but your server is apparently defective or misconfigured because it does not. Thus for your server having the intermediate and root, but not the server cert, in the file used for -CAfile will work, assuming they are in PEM format.
Alternatively, recent (and supported) releases 1.0.2 and 1.1.0 add an option -partial_chain. If specified, this validates if the truststore has any anchor, not just a root. For your server, having either the server cert or the intermediate in the file used for -CAfile is sufficient, again in PEM format.
These cases are described on the man page for verify(1) which is referenced from the man page for s_client(1). Some systems may make the section 1ssl or similar, and if your system is not properly installed or is Windows, they are on the web here.
Remember that openssl historically and by default does not check the server name in the cert. 1.1.0 has new options -verify_name and -verify_hostname that do so. These are described on the man page for verify and referenced on that for s_client.
Also remember that many servers, though apparently not yours, now use Server Name Indication (SNI) extension to support multiple 'virtual' hosts with different certificates, and will either give a wrong cert or reject or fail the connection if SNI is missing. openssl s_client does not send SNI by default, but the option -servername does so; this is described on the man page. Update: OpenSSL 1.1.1 in 2018 s_client now does send SNI by default.
In general looking at the man pages for a program tells you useful information about how the program works and how to use it, and is recommended.
Especially since this is not a programming or development question, and really off-topic for StackOverflow; I would try to propose migration to SuperUser or ServerFault, but they already have numerous dupes.
This error means that openssl is looking for the issuer certificate with the subject "/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA" but it is not provided in the file /path/to/certificate.pem. Suggest to run "openssl x509 -in /path/to/certificate.pem -text" to see the subject of the certificate in this file - should be different from the requested one.
I am working with the example apps in the "Networking Security with OpenSSL" book and up until now have been able to get client/server examples 1,2,3 to work. But now I'm trying to connect to an in-house tool but I'm getting the error "error 18:self signed certificate". Despite this error when I run my app (essentially client3), when I use s_client with the very same credentials...it works.
I suspect that it has something to do with the ssl/tls api combination that I use in my 'client3' app.
Here's the command and output for s_client that connects to the in-house tool which works:
~/tls/client$ openssl s_client -connect 192.168.1.99:16001 -CAfile ../_security/SipInspector/certificate.pem -key ../_security/client.pem
Enter pass phrase for ../_security/client.pem:
CONNECTED(00000003)
depth=0 C = CA, ST = Ontario, L = Ottawa, O = SIP Inspector Ltd, OU = Development, CN = 192.168.1.99
verify return:1
---
Certificate chain
0 s:/C=CA/ST=Ontario/L=Ottawa/O=SIP Inspector Ltd/OU=Development/CN=192.168.1.99
i:/C=CA/ST=Ontario/L=Ottawa/O=SIP Inspector Ltd/OU=Development/CN=192.168.1.99
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFxTCCA62gAwIBAgIJALKQ3J5SEyjPMA0GCSqGSIb3DQEBCwUAMHkxCzAJBgNV
BAYTAkNBMRAwDgYDVQQIDAdPbnRhcmlvMQ8wDQYDVQQHDAZPdHRhd2ExGjAYBgNV
BAoMEVNJUCBJbnNwZWN0b3IgTHRkMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEVMBMG
A1UEAwwMMTkyLjE2OC4xLjk5MB4XDTE2MDUyNzE4NDEyM1oXDTE3MDUyNzE4NDEy
M1oweTELMAkGA1UEBhMCQ0ExEDAOBgNVBAgMB09udGFyaW8xDzANBgNVBAcMBk90
dGF3YTEaMBgGA1UECgwRU0lQIEluc3BlY3RvciBMdGQxFDASBgNVBAsMC0RldmVs
b3BtZW50MRUwEwYDVQQDDAwxOTIuMTY4LjEuOTkwggIiMA0GCSqGSIb3DQEBAQUA
A4ICDwAwggIKAoICAQC2iZxPwl3McyfpNqhsNX6yqccHjBMvr6hVwnYI8jokmUJq
/X6nUEiamvQmMR9EaO4VgY7pMZSiDYAOEnWT6y8KiKES1AQu1d6Yzi+GJwbQYcyt
Mr8h+YkmW091F/xPB4RLABHqmZWC3QCoZ6yP4UGkKpJnvGSWvgKjG2OJGi8gaKkp
WlOscWQRlHq85i+ekaha127q4f8YkWXjt5fyU7BH8xk4E/OQ5zJyFrD/GL5LM/wh
XlPBrxB+A3Nm570EzhVFNjaG8PRIKnPpcoMUbslgZX6veEgYq3JcEUh+qIHTZqBB
ebiU5XsIwsKfdO1GZ6mFwnysRWrGymA6cTGVrhTtrsV1knWuV9citwaurysyW9S3
KMr5Ubj6uXQoWkt+yk2l9jtcxr/K0swXSxqvvhKSu8WaZd09SLyfkYA/wJ+LB//u
gE7bXVI2LRr8N4C1mVm3vFETcW1wjxCRSfLFSDsryhGp+6fXKI28KRQCU4ZZe53P
GFREj0VQfjsuSKDJX0M0PC9eNLNYTkPWsLCCcohEIuUgIaiQcILW/3bsgHyxQRz9
ljVkjQV0r5YBLIBXMbV4dH8ZKs/2A/oFXQ6UhH0oAm7o9ti65NdaG5/k904bhvOx
XFJzmYgSaN8KXZg30vE35ouA34DEVkb6pHY2qLxokKG5pacAb35+5aVu/AaH0QID
AQABo1AwTjAdBgNVHQ4EFgQUZ78GCtQa4uhoka8uC0hPdw8/I1AwHwYDVR0jBBgw
FoAUZ78GCtQa4uhoka8uC0hPdw8/I1AwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
AQsFAAOCAgEAViIHJNe36qRjb/gOWdaqJtvPv3wAx/y7fZuMZhYQQVs7EKuKpPoI
nD+n6lluLn/cMQxN2qSLSsaGh2e3I4TThWu4D6pQkz+4DVCvAkKK5BfLpzAhbPla
ojSwPmu5ekl754FhJuiDy6WSRtWyKhReCF6tlbwRE2/DsWXeDnn08XtwGE27gwiR
I69wygaQFMXppXrQGWFmHobHYuVBJ1xHj4+i3TdmKli0PobASu3ley8KT6sKvx8F
VKJt8a+cVWj+6ctGPSWvFVJsNNdS8al/7GPnRdMFr+KSC9htjvM9orWV+YrOMPzb
YFauf3FHV23btZxD7OcXFdxLSFxTG3VHV4utKGmDd8IJ/JF4Z7Kkfci+7qbCDxaf
520p531E9H4C0UkccqRavvBsfBJbX0u6Ry/l4glaJSAA2vnGjjh7gMYJnmL1mOKy
BOLYvCkbMqrX/BQBXI44zI0BCeMyXngvvhE+aE3XFmfSYDaMWqma8KsKSxSHUbrK
CacCgoJJbXSqv/Clu5KEM4n2/GPFE9ZhXVJt3MKvTEC0rf3mBQnU6S+NpwLvqBKg
pt/q5/gKqRFbjyL0LDNz49vaSUYvbu3mgF2480Or4X+GPwemwdxJaF1pQw4C1WaF
RyfVjDrLNhTvv+zKCbEPyrjXCweNVRVcp8lZ8R0HmXwfgevlCNz/GQo=
-----END CERTIFICATE-----
subject=/C=CA/ST=Ontario/L=Ottawa/O=SIP Inspector Ltd/OU=Development/CN=192.168.1.99
issuer=/C=CA/ST=Ontario/L=Ottawa/O=SIP Inspector Ltd/OU=Development/CN=192.168.1.99
---
No client certificate CA names sent
---
SSL handshake has read 2309 bytes and written 509 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-DES-CBC3-SHA
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-DES-CBC3-SHA
Session-ID: 5755C781D91CF3177DF624EA3599EE430DAB4790F325FAD9378FEAE7731C4497
Session-ID-ctx:
Master-Key: D149008E43E29D658D29418C9F770B3D6018B1D7CA2F493027B0AC7C3BA8E53B572B68C371153568B8988A1E5F351839
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1465239425
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
Here's the command and output when I run my app that tries to connect to the same in-house tool which fails:
carl#ubuntu:~/tls/client$ ./client3 192.168.1.99
Enter PEM pass phrase:
connecting to 192.168.1.99:16001
-Error with certificate at depth: 0
issuer = /C=CA/ST=Ontario/L=Ottawa/O=SIP Inspector Ltd/OU=Development /CN=192.168.1.99
subject = /C=CA/ST=Ontario/L=Ottawa/O=SIP Inspector Ltd/OU=Development/CN=192.168.1.99
err 18:self signed certificate
** client3.c:94 Error connecting SSL object
139788992993088:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:1180:
carl#ubuntu:~/tls/client$
Here are the api's I call in the my app that utilize the same credentials used by the s_client command:
SSL_CTX_new(SSLv23_method());
SSL_CTX_load_verify_locations(ctx, "../_security/SipInspector/certificate.pem", NULL)
SSL_CTX_use_PrivateKey_file(ctx, "../_security/client.pem", SSL_FILETYPE_PEM)
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_callback);
SSL_CTX_set_verify_depth(ctx, 4);
SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2);
And also I used the openssl verify command to double check the certificate against itself (not sure if this really does anything).
Any help would be appreciated.
Problem solved. Turned out to be the certificate check routine was checking against incorrect information in the received certificate.
My production app uses ActiveMerchant and is unable to process credit cards over https with a single gateway, Moneris. All other gateways Authorize.net, Paypal, Beanstream, etc) experience no errors. The error I receive is:
OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed):
The people at Moneris have told me that they have updated their SSL certificate
to 2048bit SSL encryption (from the current 1024 SSL encryption) and that the upgraded certificate will be issued by VeriSign. Our wildcard SSL uses 2432--more than the Moneris 2047 requirement.
So, they suggested that in addition to the files I normally upload for my SSL bundle, I have to add their Verisign certs. My Heroku command looks like this:
$ heroku certs:upgrade --app myapp AddTrustExternalCARoot.crt ComodoUTNSGCCA.crt EssentialSSLCA_2.crt STAR_myapp_com.crt UTNAddTrustSGCCA.crt Verisign_chain_Gr.cer Verisign_G5.cer server.key
I have tried virtually everything including the fix_ssl.rb suggestion here (OpenSSL::SSL::SSLError on Heroku) where I call the ca-certificates.crt from my /usr/lib/ssl/certs directory from Heroku.
require 'open-uri'
require 'net/https'
module Net
class HTTP
alias_method :original_use_ssl=, :use_ssl=
def use_ssl=(flag)
self.ca_path = Rails.root.join('/usr/lib/ssl/certs/ca-certificates.crt').to_s
self.verify_mode = OpenSSL::SSL::VERIFY_PEER
self.original_use_ssl = flag
end
end
end
I've tried everything: placing the Heroku bundle in my /lib directory, adding the 'certified' gem, etc, etc. and spent hours on the phone with Moneris to no avail. Does anyone know what more I can do to allow this one gateway to process credit cards?
My guess is that the trusted list of CA certificates that openssl is using to verify Moneris' server certificate is out-dated. So try getting the cacert.pem extracted from Mozilla's ca-bundle (http://curl.haxx.se/docs/caextract.html does this for you). This is more necessary these days as far as openssl is concerned as openssl is no longer bundled with CA certs which is why I'm suspecting whatever ca-certs you're using might be out of date.
First I tried to reproduce your problem with the command:
openssl s_client -connect www3.moneris.com:443
and got ...
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : RC4-MD5
Session-ID: 73178D4019035AE86399D0E6D2FFB904A1412D0F5D3F83370E52F50E9E26B73C
Session-ID-ctx:
Master-Key: 0BB841912F11185B7CBAFA524571765DD7372990819EBC44E311DE4EF0C70E480501D6F87C8AA439C4F827B0908123F7
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1380816775
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
Then I used the cacert.pem extracted from Mozilla thanks to http://curl.haxx.se/docs/caextract.html
and re-issued the openssl command like so:
openssl s_client -connect www3.moneris.com:443 -CAfile cacert.pem
and got ...
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : RC4-MD5
Session-ID: 73178D401902F7EB6399D0E6D2FFB804CE0F7219344405EA0E52F50E9E26B4DB
Session-ID-ctx:
Master-Key: C0B32810FB7E0158A156E7D05DBB35F3CE8935284F165C3FB636700EEEC8BCE991BCE8850D39020E298F337B6E58132A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1380816992
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
So in your code snippet, above, try replacing:
self.ca_path = Rails.root.join('/usr/lib/ssl/certs/ca-certificates.crt').to_s
with:
self.ca_file = <full path name>/cacert.pem
where cacert.pem is extracted from the Mozilla ca-bundle