36

I'm trying to use OpenSSL to connect to an SSL server.

When I run:

openssl s_client -connect myhost.com:443

The following SSL client configurations work just fine:

  • Windows (OpenSSL 0.9.83e 23 Feb 2007)
  • Linux (OpenSSL 0.9.8o 01 Jun 2010)
  • Linux (OpenSSL 1.0.0-fips 29 Mar 2010)

Output from any successful connection looks like this:

New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DES-CBC3-SHA
    Session-ID: (hidden)
    Session-ID-ctx:
    Master-Key: (hidden)
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1337266099
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)

However, when I use client with my Ubuntu 12.04 (w/ OpenSSL 1.0.1 14 Mar 2012) I get error:

CONNECTED(00000003)
...:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:

How can I proceed on solving this?

All tips are much appreciated!

Jaakko
  • 427
  • 2
  • 5
  • 14
  • What protocol and cipher are used when it connects from Windows? – Shane Madden May 15 '12 at 22:30
  • It says: `New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA`. I wish I understood what this all means! :) – Jaakko May 16 '12 at 05:37
  • DES? That's an odd cipher to have highest priority. What kind of server are you connecting to? – Shane Madden May 16 '12 at 05:51
  • Have you used something like Wireshark to take a look at the packets and exactly what is going on? You could run this at either end. – boburob May 17 '12 at 11:12
  • No I haven't. Wireshark seems awesome. Thanks for the tip! I will try it out soon. – Jaakko May 17 '12 at 11:38
  • 1
    Maybe the defaults on the newer openssl are by default restricting older ssl protocol versions? There would be some reasons to do so given the recent BEAST mess... – rackandboneman May 17 '12 at 13:41
  • What is the version of the SSL _client_ you're using to attempt connection? – brent May 17 '12 at 14:59
  • Well basically all versions I have listed so far are client versions. I don't even know what SSL software the server uses! Sorry if that wasn't clear enough! – Jaakko May 17 '12 at 15:01
  • 1
    D'oh, understood. You're testing the clients against your site. – brent May 17 '12 at 15:07
  • This problem is solved. I downgraded to `OpenSSL 1.0.0e 6 Sep 2011` and it works. – Jaakko May 29 '12 at 08:46

3 Answers3

32

This looks to be a known issue with Ubuntu's 1.0.1 OpenSSL: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/965371

It doesn't look like a fix is available. If possible you could downgrade to 1.0.0.

Try openssl s_client -tls1 -connect myhost.com:443

brent
  • 3,521
  • 3
  • 26
  • 37
  • 1
    More details of the problem on the Debian ticket: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=665452 – brent May 17 '12 at 15:12
  • P.S. I will give you the bounty when it expires (19 hours) – Jaakko May 17 '12 at 15:14
  • 2
    Sounds good :) Final piece of info, upstream ticket with OpenSSL that seems to be the root cause of the issue: http://rt.openssl.org/Ticket/Display.html?id=2802&user=guest&pass=guest – brent May 17 '12 at 15:16
  • Thanks! This answer also works for OpenSSL 0.9.8zh 14 Jan 2016 on Mac – tytk Jan 26 '17 at 19:54
4

This error can be caused by an older version of openssl when it can not re-negotiate the cipher (I generated a self-signed certificate using elliptic curves).

Specifically, I was getting the same error on MacOS with default openssl - 0.9.8zh

After installing the brew version OpenSSL 1.0.2f the error went away:

~/bin/openssl s_client -connect localhost:45678 | grep Cipher

verify return:1
New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES256-GCM-SHA384
    Cipher    : ECDHE-ECDSA-AES256-GCM-SHA384
Andrei Sura
  • 166
  • 2
  • after doing a brew install, my openssl version in /usr/bin/openssl was the old version. I had to specifically go to /usr/local/Cellar/openssl/1.0.2o_2/bin to run the latest version of openssl – Gopi Palamalai Jun 24 '18 at 21:28
2

If you get this issue with a Java HTTPS server running on OpenJDK, try editing /etc/java-7-openjdk/security/java.security and commenting out the line

security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg

as discovered by Christoph W.

Aldaviva
  • 161
  • 6