Welcome! Log In Create A New Profile

Advanced

Client can't negotiate with TLS 1.0 and 1.1

Fabiano Furtado Pessoa Coelho
August 24, 2022 04:24PM
Hi...

I'm using NGINX 1.22.0 with OpenSSL 3.0.5 in a Linux x86_64 server
with one NIC and 2 IPs, with the following config:

* config based on
https://ssl-config.mozilla.org/#server=nginx&version=1.22.0&config=intermediate&openssl=3.0.5&guideline=5.6

1st) IP 10.0.0.1 with intermediate config (only TLS 1.2 and 1.3 enabled):

server {
listen 10.0.0.1:443 ssl http2;
server_name secure.example.com;

ssl_session_cache shared:SSL_intermediate:10m;

ssl_dhparam /etc/nginx/dhparams.pem;

ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
...
}

2nd) IP 10.0.0.2 with old config (TLS 1.0 through 1.3 enabled):

server {
listen 10.0.0.2:443 ssl http2;
server_name insecure.example.com;

ssl_session_cache shared:SSL_old:10m;

ssl_dhparam /etc/nginx/dhparams.pem;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA;
ssl_prefer_server_ciphers on;
...
}


$ netstat -nlpt | grep nginx | sort
tcp 0 0 10.0.0.1:443 0.0.0.0:* LISTEN
1337/nginx: master p
tcp 0 0 10.0.0.2:443 0.0.0.0:* LISTEN
1337/nginx: master p


Trying TLS 1.0:

$ openssl s_client -connect insecure.example.com:443 -tls1
CONNECTED(00000003)
00FCC7F5507F0000:error:0A00042E:SSL routines:ssl3_read_bytes:tlsv1
alert protocol version:ssl/record/rec_layer_s3.c:1584:SSL alert number
70
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 135 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1661371345
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---


Trying TLS 1.1:

$ openssl s_client -connect insecure.example.com:443 -tls1_1
CONNECTED(00000003)
00FC0A99AB7F0000:error:0A00042E:SSL routines:ssl3_read_bytes:tlsv1
alert protocol version:ssl/record/rec_layer_s3.c:1584:SSL alert number
70
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 135 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.1
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1661371360
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---


Why I can't connect with TLS 1.0 or 1.1 on insecure.example.com?

Is this an OpenSSL 3 issue? Does it work with OpenSSL 1.1.1?

I have separated the "ssl_protocols" by IP and there is no others
"ssl_protocols" directives configured outside of server{} block.

Thanks.
_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-leave@nginx.org
Subject Author Posted

Client can't negotiate with TLS 1.0 and 1.1

Fabiano Furtado Pessoa Coelho August 24, 2022 04:24PM

Re: Client can't negotiate with TLS 1.0 and 1.1

Maxim Dounin August 24, 2022 04:46PM

Re: Client can't negotiate with TLS 1.0 and 1.1

Fabiano Furtado Pessoa Coelho August 24, 2022 08:20PM

Re: Client can't negotiate with TLS 1.0 and 1.1

Igor Ippolitov August 24, 2022 04:48PM

Re: Client can't negotiate with TLS 1.0 and 1.1

noloader August 24, 2022 05:10PM

Re: Client can't negotiate with TLS 1.0 and 1.1

Fabiano Furtado Pessoa Coelho August 24, 2022 08:38PM

Re: Client can't negotiate with TLS 1.0 and 1.1

Sergey Kandaurov August 25, 2022 12:00PM

Re: Client can't negotiate with TLS 1.0 and 1.1

Fabiano Furtado Pessoa Coelho August 25, 2022 01:02PM

Re: Client can't negotiate with TLS 1.0 and 1.1

Lukas Tribus August 25, 2022 03:32PM

Re: Client can't negotiate with TLS 1.0 and 1.1

Fabiano Furtado Pessoa Coelho August 25, 2022 04:04PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 168
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready