Welcome! Log In Create A New Profile

Advanced

No shared cipher

Posted by _gg_ 
_gg_
No shared cipher
May 09, 2018 08:20AM
Not sure if it's not more of an openssl/TLS 'issue'/question...
For some time I've been observing

SSL_do_handshake() failed (SSL: error:1408A0C1:SSL
routines:ssl3_get_client_hello:no shared cipher) while SSL handshaking

in error.log while having

ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!aNULL;

in configuration.

Examining Client Hello packet reveals client supported ciphers:
Cipher Suites (9 suites)
Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)
Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcc13)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)

I'm running
nginx version: nginx/1.12.1
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-11) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled

According to 'openssl ciphers' the third cipher on the list is supported and
yet server responds with:
TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Handshake Failure)
Content Type: Alert (21)
Version: TLS 1.2 (0x0303)
Length: 2
Alert Message
Level: Fatal (2)
Description: Handshake Failure (40)

Either I've messed up my investigation or I'm completely misunderstanding
something here.
Why despite having a common cipher with a client server denies to handshake
a connection?

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,279727,279727#msg-279727

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Maxim Dounin
Re: No shared cipher
May 10, 2018 03:20PM
Hello!

On Wed, May 09, 2018 at 02:10:04AM -0400, _gg_ wrote:

> Not sure if it's not more of an openssl/TLS 'issue'/question...
> For some time I've been observing
>
> SSL_do_handshake() failed (SSL: error:1408A0C1:SSL
> routines:ssl3_get_client_hello:no shared cipher) while SSL handshaking
>
> in error.log while having
>
> ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;
> ssl_ciphers ALL:!aNULL;
>
> in configuration.
>
> Examining Client Hello packet reveals client supported ciphers:
> Cipher Suites (9 suites)
> Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)
> Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcc13)
> Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
> Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
> Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
> Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
> Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
> Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
> Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
>
> I'm running
> nginx version: nginx/1.12.1
> built by gcc 4.8.5 20150623 (Red Hat 4.8.5-11) (GCC)
> built with OpenSSL 1.0.2k-fips 26 Jan 2017
> TLS SNI support enabled
>
> According to 'openssl ciphers' the third cipher on the list is supported and
> yet server responds with:
> TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Handshake Failure)
> Content Type: Alert (21)
> Version: TLS 1.2 (0x0303)
> Length: 2
> Alert Message
> Level: Fatal (2)
> Description: Handshake Failure (40)
>
> Either I've messed up my investigation or I'm completely misunderstanding
> something here.
> Why despite having a common cipher with a client server denies to handshake
> a connection?

Whether a cipher suite can be used or not depends on various
factors. In particular:

- list of ciphers the client supports;
- list of ciphers the server supports;
- the certificate used by the server (e.g., you won't be able to
use RSA cipher suites with an ECDSA certificate);
- when using ECDHE ciphers or ECDSA certificates - supported EC curves on both
client and server;

In this particular case the client supports only RSA ciphers, so,
for example, there will be no shared cipher if you are using ECDSA
certificate.

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
_gg_
Re: No shared cipher
May 11, 2018 08:10AM
Indeed, I have an EC certificate.
Thanks.

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,279727,279754#msg-279754

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Sorry, only registered users may post in this forum.

Click here to login