Again, fresh install of 7.5beta on a test VM. After realizing that signal-event certificate-update didn’t restart httpd-admin, doing that restart manually gets it using the new cert, but it also implements the 20180330 TLS policy, which I’d already chosen in my 7.4 production server without a problem. However, on 7.5, I can’t connect when this policy is in effect. I’ve tried using Firefox Mac 59.0.2 and Safari 11.1. Firefox gives the error of “SSL_ERROR_NO_CYPHER_OVERLAP”, while Safari doesn’t give anything useful at all.
Checking the admin-conf/httpd.conf files between the two servers, the SSLCipherSuite and SSLProtocol settings are identical. However, OpenSSL can make a connection on the 7.4 box, but not on the 7.5 box. Here’s the output on 7.4:
```
[root@neth admin-conf]# openssl s_client -connect localhost:980
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = neth.familybrown.org
verify return:1
---
Certificate chain
 0 s:/CN=neth.familybrown.org
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHbjCCBlagAwIBAgISA9hrBt2o7fdLq9D7NpelUvjRMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
(snip)
```
…and on 7.5:
```
[root@neth-automx admin-conf]# openssl s_client -connect localhost:980
CONNECTED(00000003)
140134488483728:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 289 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol : TLSv1.2
    Cipher : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1527197604
    Timeout : 300 (sec)
    Verify return code: 0 (ok)
---
```
:lightbulb: I’d created an ECC cert, which Apache itself seems perfectly happy with. But on a hunch, I re-issued the cert as a standard RSA cert–now it works fine. I’d suggest that perhaps the CipherSuite should be updated to include ECC-compatible protocols, as it’s unnecessarily restrictive at this time. The Mozilla generator gives the following:
```
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
```
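A local check for the mismatch described in the post, as an added example that is not part of the original post or of NethServer: it expands a cipher string with Python's `ssl` module and reports which certificate key types the resulting TLS 1.2 suites can authenticate. `RSA_ONLY_LIST` is a constructed stand-in (the actual 20180330 policy string is not shown on this page), and the function names are hypothetical.

```python
import ssl

# Cipher list quoted in the post (Mozilla generator output).
MOZILLA_LIST = (
    "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
    "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:"
    "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:"
    "ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
)

# Constructed RSA-only list used as a stand-in for a restrictive policy.
# This is NOT the real 20180330 policy string.
RSA_ONLY_LIST = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"


def cert_auth_types(cipher_list):
    """Return the certificate key types ('rsa', 'ecdsa', ...) that the
    TLS <= 1.2 suites selected by cipher_list can authenticate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_list)  # raises ssl.SSLError if nothing matches
    types = set()
    for suite in ctx.get_ciphers():
        auth = suite.get("auth") or ""
        # TLS 1.3 suites are not controlled by this string and are not
        # tied to a key type (they report 'auth-any'), so skip them.
        if suite.get("protocol") == "TLSv1.3" or auth == "auth-any":
            continue
        if auth.startswith("auth-"):
            types.add(auth[len("auth-"):])
    return types


def serves(cipher_list, key_type):
    """True if a certificate with this key type has at least one usable suite."""
    return key_type in cert_auth_types(cipher_list)


if __name__ == "__main__":
    for label, cipher_list in (("mozilla", MOZILLA_LIST), ("rsa-only", RSA_ONLY_LIST)):
        found = sorted(cert_auth_types(cipher_list))
        print(f"{label}: key types with a usable suite = {found}")
        if not serves(cipher_list, "ecdsa"):
            print("  an ECC (ECDSA) certificate would fail the handshake")
```

The result reflects the OpenSSL build that Python is linked against, so run it on the host whose web server configuration is being checked.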