OpenSSL s_client -connect incompatibility issue

Question

I am currently facing a problem that puzzles me. When i use this command from a machine with RHEL 7 with OpenSSL 1.0.2k:

openssl s_client -connect name.name.somename:9093

I get the result i wanted. I can see the cert, the cert chain and etc..

CONNECTED(00000003)
depth=1 CN = XXXXXXX
verify error:num=19:self signed certificate in certificate chain
---
Certificate chain
 0 s:/CN=*XXXXXXX
   i:/CN=XXXXXXX
 1 s:/CN=XXXXXXX
   i:/CN=XXXXXXX
---
Server certificate
-----BEGIN CERTIFICATE-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END CERTIFICATE-----
subject=/xxxxxxxxxxxxxxxxxx
issuer=/xxxxxxxxxxxxxxxxxx
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: DH, 1024 bits
---
SSL handshake has read 3294 bytes and written 479 bytes
---
New, TLSv1/SSLv3, Cipher is xxxxxxxxxxxxxxxxxx
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : xxxxxxxxxxxxxxxxxx
    Session-ID: xxxxxxxxxxxxxxxxxx
    Session-ID-ctx:
    Master-Key: xxxxxxxxxxxxxxxxxx
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1638952814
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)

But whenever i try the same command from a machine running newer version of OpenSSL i get this error:

CONNECTED(00000003)
139685857744704:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:332:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 320 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

Is there any compatibility issues or some new command or conf file for the newer version?|

Adding all ciphers:

Obtaining cipher list from OpenSSL 1.1.1k 25 Mar 2021.
Testing TLS_AES_256_GCM_SHA384...NO (SSL_CTX_set_cipher_list)
Testing TLS_CHACHA20_POLY1305_SHA256...NO (SSL_CTX_set_cipher_list)
Testing TLS_AES_128_GCM_SHA256...NO (SSL_CTX_set_cipher_list)
Testing ECDHE-ECDSA-AES256-GCM-SHA384...NO (wrong version number)
Testing ECDHE-RSA-AES256-GCM-SHA384...NO (wrong version number)
Testing DHE-DSS-AES256-GCM-SHA384...YES
Testing DHE-RSA-AES256-GCM-SHA384...NO (wrong version number)
Testing ECDHE-ECDSA-CHACHA20-POLY1305...NO (wrong version number)
Testing ECDHE-RSA-CHACHA20-POLY1305...NO (wrong version number)
Testing DHE-RSA-CHACHA20-POLY1305...NO (wrong version number)
Testing ECDHE-ECDSA-AES256-CCM8...NO (wrong version number)
Testing ECDHE-ECDSA-AES256-CCM...NO (wrong version number)
Testing DHE-RSA-AES256-CCM8...NO (wrong version number)
Testing DHE-RSA-AES256-CCM...NO (wrong version number)
Testing ECDHE-ECDSA-ARIA256-GCM-SHA384...NO (wrong version number)
Testing ECDHE-ARIA256-GCM-SHA384...NO (wrong version number)
Testing DHE-DSS-ARIA256-GCM-SHA384...NO (wrong version number)
Testing DHE-RSA-ARIA256-GCM-SHA384...NO (wrong version number)
Testing ADH-AES256-GCM-SHA384...NO (wrong version number)
Testing ECDHE-ECDSA-AES128-GCM-SHA256...NO (wrong version number)
Testing ECDHE-RSA-AES128-GCM-SHA256...NO (wrong version number)
Testing DHE-DSS-AES128-GCM-SHA256...YES
Testing DHE-RSA-AES128-GCM-SHA256...NO (wrong version number)
Testing ECDHE-ECDSA-AES128-CCM8...NO (wrong version number)
Testing ECDHE-ECDSA-AES128-CCM...NO (wrong version number)
Testing DHE-RSA-AES128-CCM8...NO (wrong version number)
Testing DHE-RSA-AES128-CCM...NO (wrong version number)
Testing ECDHE-ECDSA-ARIA128-GCM-SHA256...NO (wrong version number)
Testing ECDHE-ARIA128-GCM-SHA256...NO (wrong version number)
Testing DHE-DSS-ARIA128-GCM-SHA256...NO (wrong version number)
Testing DHE-RSA-ARIA128-GCM-SHA256...NO (wrong version number)
Testing ADH-AES128-GCM-SHA256...NO (wrong version number)
Testing ECDHE-ECDSA-AES256-SHA384...NO (wrong version number)
Testing ECDHE-RSA-AES256-SHA384...NO (wrong version number)
Testing DHE-RSA-AES256-SHA256...NO (wrong version number)
Testing DHE-DSS-AES256-SHA256...YES
Testing ECDHE-ECDSA-CAMELLIA256-SHA384...NO (wrong version number)
Testing ECDHE-RSA-CAMELLIA256-SHA384...NO (wrong version number)
Testing DHE-RSA-CAMELLIA256-SHA256...NO (wrong version number)
Testing DHE-DSS-CAMELLIA256-SHA256...NO (wrong version number)
Testing ADH-AES256-SHA256...NO (wrong version number)
Testing ADH-CAMELLIA256-SHA256...NO (wrong version number)
Testing ECDHE-ECDSA-AES128-SHA256...NO (wrong version number)
Testing ECDHE-RSA-AES128-SHA256...NO (wrong version number)
Testing DHE-RSA-AES128-SHA256...NO (wrong version number)
Testing DHE-DSS-AES128-SHA256...YES
Testing ECDHE-ECDSA-CAMELLIA128-SHA256...NO (wrong version number)
Testing ECDHE-RSA-CAMELLIA128-SHA256...NO (wrong version number)
Testing DHE-RSA-CAMELLIA128-SHA256...NO (wrong version number)
Testing DHE-DSS-CAMELLIA128-SHA256...NO (wrong version number)
Testing ADH-AES128-SHA256...NO (wrong version number)
Testing ADH-CAMELLIA128-SHA256...NO (wrong version number)
Testing ECDHE-ECDSA-AES256-SHA...NO (wrong version number)
Testing ECDHE-RSA-AES256-SHA...NO (wrong version number)
Testing DHE-RSA-AES256-SHA...NO (wrong version number)
Testing DHE-DSS-AES256-SHA...YES
Testing DHE-RSA-CAMELLIA256-SHA...NO (wrong version number)
Testing DHE-DSS-CAMELLIA256-SHA...NO (wrong version number)
Testing AECDH-AES256-SHA...NO (wrong version number)
Testing ADH-AES256-SHA...NO (wrong version number)
Testing ADH-CAMELLIA256-SHA...NO (wrong version number)
Testing ECDHE-ECDSA-AES128-SHA...NO (wrong version number)
Testing ECDHE-RSA-AES128-SHA...NO (wrong version number)
Testing DHE-RSA-AES128-SHA...NO (wrong version number)
Testing DHE-DSS-AES128-SHA...YES
Testing DHE-RSA-SEED-SHA...NO (wrong version number)
Testing DHE-DSS-SEED-SHA...NO (wrong version number)
Testing DHE-RSA-CAMELLIA128-SHA...NO (wrong version number)
Testing DHE-DSS-CAMELLIA128-SHA...NO (wrong version number)
Testing AECDH-AES128-SHA...NO (wrong version number)
Testing ADH-AES128-SHA...NO (wrong version number)
Testing ADH-SEED-SHA...NO (wrong version number)
Testing ADH-CAMELLIA128-SHA...NO (wrong version number)
Testing RSA-PSK-AES256-GCM-SHA384...NO (wrong version number)
Testing DHE-PSK-AES256-GCM-SHA384...NO (wrong version number)
Testing RSA-PSK-CHACHA20-POLY1305...NO (wrong version number)
Testing DHE-PSK-CHACHA20-POLY1305...NO (wrong version number)
Testing ECDHE-PSK-CHACHA20-POLY1305...NO (wrong version number)
Testing DHE-PSK-AES256-CCM8...NO (wrong version number)
Testing DHE-PSK-AES256-CCM...NO (wrong version number)
Testing RSA-PSK-ARIA256-GCM-SHA384...NO (wrong version number)
Testing DHE-PSK-ARIA256-GCM-SHA384...NO (wrong version number)
Testing AES256-GCM-SHA384...NO (wrong version number)
Testing AES256-CCM8...NO (wrong version number)
Testing AES256-CCM...NO (wrong version number)
Testing ARIA256-GCM-SHA384...NO (wrong version number)
Testing PSK-AES256-GCM-SHA384...NO (wrong version number)
Testing PSK-CHACHA20-POLY1305...NO (wrong version number)
Testing PSK-AES256-CCM8...NO (wrong version number)
Testing PSK-AES256-CCM...NO (wrong version number)
Testing PSK-ARIA256-GCM-SHA384...NO (wrong version number)
Testing RSA-PSK-AES128-GCM-SHA256...NO (wrong version number)
Testing DHE-PSK-AES128-GCM-SHA256...NO (wrong version number)
Testing DHE-PSK-AES128-CCM8...NO (wrong version number)
Testing DHE-PSK-AES128-CCM...NO (wrong version number)
Testing RSA-PSK-ARIA128-GCM-SHA256...NO (wrong version number)
Testing DHE-PSK-ARIA128-GCM-SHA256...NO (wrong version number)
Testing AES128-GCM-SHA256...NO (wrong version number)
Testing AES128-CCM8...NO (wrong version number)
Testing AES128-CCM...NO (wrong version number)
Testing ARIA128-GCM-SHA256...NO (wrong version number)
Testing PSK-AES128-GCM-SHA256...NO (wrong version number)
Testing PSK-AES128-CCM8...NO (wrong version number)
Testing PSK-AES128-CCM...NO (wrong version number)
Testing PSK-ARIA128-GCM-SHA256...NO (wrong version number)
Testing AES256-SHA256...NO (wrong version number)
Testing CAMELLIA256-SHA256...NO (wrong version number)
Testing AES128-SHA256...NO (wrong version number)
Testing CAMELLIA128-SHA256...NO (wrong version number)
Testing ECDHE-PSK-AES256-CBC-SHA384...NO (wrong version number)
Testing ECDHE-PSK-AES256-CBC-SHA...NO (wrong version number)
Testing SRP-DSS-AES-256-CBC-SHA...NO (wrong version number)
Testing SRP-RSA-AES-256-CBC-SHA...NO (wrong version number)
Testing SRP-AES-256-CBC-SHA...NO (wrong version number)
Testing RSA-PSK-AES256-CBC-SHA384...NO (wrong version number)
Testing DHE-PSK-AES256-CBC-SHA384...NO (wrong version number)
Testing RSA-PSK-AES256-CBC-SHA...NO (wrong version number)
Testing DHE-PSK-AES256-CBC-SHA...NO (wrong version number)
Testing ECDHE-PSK-CAMELLIA256-SHA384...NO (wrong version number)
Testing RSA-PSK-CAMELLIA256-SHA384...NO (wrong version number)
Testing DHE-PSK-CAMELLIA256-SHA384...NO (wrong version number)
Testing AES256-SHA...NO (wrong version number)
Testing CAMELLIA256-SHA...NO (wrong version number)
Testing PSK-AES256-CBC-SHA384...NO (wrong version number)
Testing PSK-AES256-CBC-SHA...NO (wrong version number)
Testing PSK-CAMELLIA256-SHA384...NO (wrong version number)
Testing ECDHE-PSK-AES128-CBC-SHA256...NO (wrong version number)
Testing ECDHE-PSK-AES128-CBC-SHA...NO (wrong version number)
Testing SRP-DSS-AES-128-CBC-SHA...NO (wrong version number)
Testing SRP-RSA-AES-128-CBC-SHA...NO (wrong version number)
Testing SRP-AES-128-CBC-SHA...NO (wrong version number)
Testing RSA-PSK-AES128-CBC-SHA256...NO (wrong version number)
Testing DHE-PSK-AES128-CBC-SHA256...NO (wrong version number)
Testing RSA-PSK-AES128-CBC-SHA...NO (wrong version number)
Testing DHE-PSK-AES128-CBC-SHA...NO (wrong version number)
Testing ECDHE-PSK-CAMELLIA128-SHA256...NO (wrong version number)
Testing RSA-PSK-CAMELLIA128-SHA256...NO (wrong version number)
Testing DHE-PSK-CAMELLIA128-SHA256...NO (wrong version number)
Testing AES128-SHA...NO (wrong version number)
Testing SEED-SHA...NO (wrong version number)
Testing CAMELLIA128-SHA...NO (wrong version number)
Testing IDEA-CBC-SHA...NO (wrong version number)
Testing PSK-AES128-CBC-SHA256...NO (wrong version number)
Testing PSK-AES128-CBC-SHA...NO (wrong version number)
Testing PSK-CAMELLIA128-SHA256...NO (wrong version number)
Testing ECDHE-ECDSA-NULL-SHA...NO (wrong version number)
Testing ECDHE-RSA-NULL-SHA...NO (wrong version number)
Testing AECDH-NULL-SHA...NO (wrong version number)
Testing NULL-SHA256...NO (wrong version number)
Testing ECDHE-PSK-NULL-SHA384...NO (wrong version number)
Testing ECDHE-PSK-NULL-SHA256...NO (wrong version number)
Testing ECDHE-PSK-NULL-SHA...NO (wrong version number)
Testing RSA-PSK-NULL-SHA384...NO (wrong version number)
Testing RSA-PSK-NULL-SHA256...NO (wrong version number)
Testing DHE-PSK-NULL-SHA384...NO (wrong version number)
Testing DHE-PSK-NULL-SHA256...NO (wrong version number)
Testing RSA-PSK-NULL-SHA...NO (wrong version number)
Testing DHE-PSK-NULL-SHA...NO (wrong version number)
Testing NULL-SHA...NO (wrong version number)
Testing NULL-MD5...NO (wrong version number)
Testing PSK-NULL-SHA384...NO (wrong version number)
Testing PSK-NULL-SHA256...NO (wrong version number)
Testing PSK-NULL-SHA...NO (wrong version number

)

*...running newer version of OpenSSL...* and what version would that be? — President James K. Polk, Dec 07 '21 at 12:57
@PresidentJamesK.Polk+ 1.1.x is clear from the sourcefile name so what matters more than the version is how (or by whom) it was built. People doing self-builds rarely bother with FIPS, so [if that's RHEL8, it now has system-wide policies that make OpenSSL on RHEL8 different from OpenSSL elsewhere](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/considerations_in_adopting_rhel_8/security_considerations-in-adopting-rhel-8). If not, it could be a build tweak of SECLEVEL or the new `ssl_conf` default section (both new in 1.1.x). — dave_thompson_085, Dec 07 '21 at 13:45
@VeselinUgrinov: please include the output from the successful connection in your question too. — Steffen Ullrich, Dec 07 '21 at 15:36
@VeselinUgrinov: Please include the details for the cipher too. But my guess is that there is a weak DH key configured in the server, only 1024 bit based on the output. See https://stackoverflow.com/questions/61626206/what-could-cause-dh-key-too-small-error. Try using `openssl s_client -cipher 'HIGH:!DH' ...` to disable use of DH in the client. — Steffen Ullrich, Dec 08 '21 at 10:01
@SteffenUllrich i added cipher list from OpenSSL 1.1.1k 25 Mar 2021. — Veselin Ugrinov, Dec 08 '21 at 13:19
@VeselinUgrinov: I mean the details you've explicitly omitted in `Cipher : xxxxxxxxxxxxxxxxxx`. And have you tried to disable DH as I proposed? — Steffen Ullrich, Dec 08 '21 at 14:21
I am sorry, i did not get what you mean at first, there is the Cipher value: Cipher : DHE-DSS-AES256-GCM-SHA384 — Veselin Ugrinov, Dec 08 '21 at 14:37
@SteffenUllrich , I did not get how to disable DH ... can this be done in the openssl.conf file ? — Veselin Ugrinov, Dec 08 '21 at 14:49

score 1 · Accepted Answer · answered Dec 08 '21 at 14:27

1

Testing DHE-DSS-AES256-GCM-SHA384...YES

It looks like the server supports only DSS ciphers, which is very unusual. As can be seen from the changelog such ciphers were removed from the default cipher list with OpenSSL 1.1.0. This means one explicitly need to enable the cipher, i.e.

$ openssl s_client -cipher 'DHE-DSS-AES256-GCM-SHA384' ...

answered Dec 08 '21 at 14:27

Steffen Ullrich

114,247
10
131
172

This way it works by adding the -cipher . I was able to execute openssl s_client -cipher 'DHE-DSS-AES256-GCM-SHA384' -connect hosntame:9093 But is there any way to add this as a permanent value somewhere, so whenever i execute "openssl s_client -connect hostname:9093" to be able to connect ? – Veselin Ugrinov Dec 08 '21 at 14:41
@VeselinUgrinov: You can override the default setting in the systems openssl config - see https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level for more – Steffen Ullrich Dec 08 '21 at 15:02
The part with [system_default_sect] MinProtocol = TLSv1.2 CipherString = DEFAULT:@SECLEVEL=1 did nothing for me ... :/ – Veselin Ugrinov Dec 08 '21 at 15:28
@VeselinUgrinov: you need to adapt this string to reflect the ciphers you want, like `CipherString = DEFAULT:DHE-DSS-AES256-GCM-SHA384:@SECLEVEL=1` – Steffen Ullrich Dec 08 '21 at 15:59
Still the same error, but at least " openssl s_client -cipher 'DHE-DSS-AES256-GCM-SHA384' ..." works, thank you for that. – Veselin Ugrinov Dec 09 '21 at 09:41

OpenSSL s_client -connect incompatibility issue

1 Answers1