Again, fresh install of 7.5beta on a test VM. After realizing that signal-event certificate-update didn’t restart httpd-admin, doing that restart manually gets it using the new cert, but it also implements the 20180330 TLS policy, which I’d already chosen in my 7.4 production server without a problem. However, on 7.5, I can’t connect when this policy is in effect. I’ve tried using Firefox Mac 59.0.2 and Safari 11.1. Firefox gives the error of “SSL_ERROR_NO_CYPHER_OVERLAP”, while Safari doesn’t give anything useful at all.
Checking the admin-conf/httpd.conf files between the two servers, the SSLCipherSuite and SSLProtocol settings are identical. However, OpenSSL can make a connection on the 7.4 box, but not on the 7.5 box. Here’s the output on 7.4:
[root@neth admin-conf]# openssl s_client -connect localhost:980
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = neth.familybrown.org
verify return:1
---
Certificate chain
0 s:/CN=neth.familybrown.org
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHbjCCBlagAwIBAgISA9hrBt2o7fdLq9D7NpelUvjRMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
(snip)
…and on 7.5:
[root@neth-automx admin-conf]# openssl s_client -connect localhost:980
CONNECTED(00000003)
140134488483728:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 289 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1527197604
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
:lightbulb: I’d created an ECC cert, which Apache itself seems perfectly happy with. But on a hunch, I re-issued the cert as a standard RSA cert–now it works fine. I’d suggest that perhaps the CipherSuite should be updated to include ECC-compatible protocols, as it’s unnecessarily restrictive at this time. The Mozilla generator gives the following:
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
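
An added example, not part of the original post: a check of whether an `SSLCipherSuite` string leaves any TLS 1.2 suite usable with a given certificate key type, which is the mismatch the post describes between an ECC cert and the active policy. `RSA_ONLY_SUITES` is a constructed sample, not the actual 20180330 policy, and the function names are hypothetical.

```python
import ssl

# "auth" value that ssl.SSLContext.get_ciphers() reports for each key type.
AUTH_FOR_KEY = {"rsa": "auth-rsa", "ecdsa": "auth-ecdsa"}

# SSLCipherSuite value quoted in the post (Mozilla generator output).
MOZILLA_SUITES = (
    "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
    "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:"
    "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:"
    "ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
)

# Constructed sample: a list with RSA-authenticated suites only.
RSA_ONLY_SUITES = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"


def suites_by_auth(cipher_string):
    """Expand an OpenSSL cipher string; group TLS <= 1.2 suites by auth type."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    grouped = {}
    for cipher in ctx.get_ciphers():
        # TLS 1.3 suites are configured separately and are not bound to a
        # certificate key type, so they are left out of this check.
        if cipher["protocol"] == "TLSv1.3":
            continue
        grouped.setdefault(cipher["auth"], []).append(cipher["name"])
    return grouped


def usable_suites(cipher_string, key_type):
    """Suites from cipher_string that a cert of key_type can authenticate."""
    return suites_by_auth(cipher_string).get(AUTH_FOR_KEY[key_type], [])


if __name__ == "__main__":
    policies = (("mozilla", MOZILLA_SUITES), ("rsa-only", RSA_ONLY_SUITES))
    for label, suites in policies:
        for key_type in ("rsa", "ecdsa"):
            found = usable_suites(suites, key_type)
            status = "OK" if found else "NO USABLE SUITE (handshake will fail)"
            print(f"{label:9} {key_type:6} {len(found):2} suites  {status}")
```

The result depends on the local OpenSSL build: suites it does not support are dropped from the expansion.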