Al2Klimov
commented
5 years ago Haven't this issue already being addressed by #7248?
Closed Crunsher closed 5 years ago
Al2Klimov
commented
5 years ago Haven't this issue already being addressed by #7248?
dnsmichi
commented
5 years ago @Crunsher Please test this with a recent snapshot master build, and a stable 2.10 as well as 2.9 agent.
dnsmichi
commented
5 years ago May be the case that the SSL context is not fully initialized at this stage. https://stackoverflow.com/questions/12217346/c-boost-asio-error-no-shared-cipher
Try analysing whether SetCipherListToSSLContext really works when the async handshake is initiated.
Crunsher
commented
5 years ago Two notes about this:
Will look at it again once I finish with #7303
dnsmichi
commented
5 years ago Tasks:
A full cluster setup is not needed for this, since only the TLS handshake is important.
dnsmichi
commented
5 years ago Did some reading on this. Many posts talk about wrong certificates, and in the context of doing the TLS handshake, another error is generated which somehow leads to 'no shared cipher' errors.
https://github.com/openssl/openssl/issues/6289 also points to OpenSSL 1.1.0 being a problem here.
It might also be the case that we're enforcing a tlsv12 context by default, in contrast to the old sslv23 context in 2.10 and below. Although that would mean that the client sends garbage, and point to a bug in our old TLS implementation.
https://community.letsencrypt.org/t/how-do-i-use-lets-encrypt-certs-with-boost-asio/88529/47
This entry https://redmine.webtoolkit.eu/boards/2/topics/16167 points to an interesting C++ project also using Boost. They have had similar issues with v3 to v4 changes.
Comparing their versions as suggested just leads to what I had changed for 2.11 too.
$ cd dev/github
$ git clone https://github.com/emweb/wt && cd wt
$ git diff 3.3.9 4.0.5
@@ -933,9 +936,23 @@ bool Client::request(Http::Method method, const std::string& url,
#ifdef WT_WITH_SSL
} else if (parsedUrl.protocol == "https") {
- boost::asio::ssl::context context
- (*ioService, boost::asio::ssl::context::sslv23);
- long sslOptions = boost::asio::ssl::context::no_sslv2 | boost::asio::ssl::context::no_sslv3;
+#if defined(WT_ASIO_IS_BOOST_ASIO) && BOOST_VERSION >= 106600
+ asio::ssl::context context(asio::ssl::context::tls);
+#elif defined(WT_ASIO_IS_STANDALONE_ASIO) && ASIO_VERSION >= 101100
+ asio::ssl::context context(asio::ssl::context::sslv23);
+#else
+ asio::ssl::context context
+ (*ioService, asio::ssl::context::sslv23);
+#endif
+ long sslOptions = asio::ssl::context::no_sslv2 |
+ asio::ssl::context::no_sslv3 |
+ asio::ssl::context::no_tlsv1;
+
+#if (defined(WT_ASIO_IS_BOOST_ASIO) && BOOST_VERSION >= 105800) || \
+ defined(WT_ASIO_IS_STANDALONE_ASIO)
+ sslOptions |= asio::ssl::context::no_tlsv1_1;
+#endif
+
context.set_options(sslOptions);In the end, I could only think of an OpenSSL version on the client which is broken, or wrongly built not loading the supported ciphers. The client-server TLS Hello is tlsv1.2 by default now, and it may be the case that the client doesn't send any supported ciphers.
Looking at #7248 this makes me believe that we actually never loaded the ECC certificates on el7, neither with v2.11 nor with older systems. This is the new default, and since you've been using a 2.10.4-snapshot from a couple of months ago, the recent patch was only in place on the 2.10.5 snapshot.
TL;DR - you've probably discovered a hidden bug which already was fixed in git master discovered in the Vagrant boxes.
@lippserd @bobapple I'll consider this done, if @Crunsher agrees.
Crunsher
commented
5 years ago Got the error again. version 2.10.4 and snapshot as master agent:
[2019-07-11 15:22:00 +0200] warning/TlsStream: OpenSSL error: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
[2019-07-11 15:22:00 +0200] critical/ApiListener: Client TLS handshake failed (from [192.168.33.1]:37780): Error: Socket was closed during TLS handshake.
(0) Handling new API client connection
Context:
(0) Handling new API client connectionmaster:
[2019-07-11 15:22:20 +0200] critical/ApiListener: Client TLS handshake failed (to [192.168.33.5]:5665): sslv3 alert handshake failure
[2019-07-11 15:22:20 +0200] information/ApiListener: Finished reconnecting to endpoint 'icinga2.vagrant.demo.icinga.com' via host '192.168.33.5' and port '5665'Using only node wizard with ticket, certificate has not been signed yet. openssl versions, agent: OpenSSL 1.0.2k-fips, master: OpenSSL 1.1.1c
Currently struggling with gdb to extract more info during runtime.
Crunsher
commented
5 years ago I concur with @dnsmichi in this case. But we should document the issue and the workraound/fix: Using a more recent openssl version to create the certificates.
dnsmichi
commented
5 years ago I believe that the not-loaded ECC certificates are the root cause of this. If you apply #7248 against 2.10.4 on your host, it will work agian.
The second, yet better option is to override cipher_list on your master, and set a strong and secure cipher which is not inside the ECC library.
You can do so with calling openssl ciphers on both instances, and select one.
After restart, try reconnecting with the client (unpatched 2.10.x).
Please proceed with testing the second option first.
If that works, we can modify the default cipher list in apilistener.ti.
Crunsher
commented
5 years ago I am currently testing what happens when an instance gets updated from two version 2.10.4 to 2.11 to gauge how problematic this issue is. Your tests are next.
dnsmichi
commented
5 years ago As discussed offline, there seems to be a difference with the received certificates. A 2.11 master with a 2.10.4 agent and node wizard generates different signed certificates - that's what I get from your tests, please re-test this compared to 2.10.x master+agent, especially compare the received signed certificates from both runs. Or the 'api setup' on the master differs, generating different certificates - this is where #5555 comes into play again.
https://geekflare.com/tls-101/
The SSL/TLS certificate provides a list of cipher suites that the server supports.
https://github.com/drwetter/testssl.sh/ might be a good candidate to extract the supported ciphers from both, master and agent. Or https://superuser.com/questions/109213/how-do-i-list-the-ssl-tls-cipher-suites-a-particular-website-offers
dnsmichi
commented
5 years ago Try sslscan, should be available on Debian as well. On macOS, it is available with brew install sslscan.
$ sslscan localhost:5665
Version: 1.11.13-static
OpenSSL 1.0.2f 28 Jan 2016
Connected to ::1
Testing SSL server localhost on port 5665 using SNI name localhost
TLS Fallback SCSV:
Server supports TLS Fallback SCSV
TLS renegotiation:
Session renegotiation not supported
TLS Compression:
Compression disabled
Heartbleed:
TLS 1.2 not vulnerable to heartbleed
TLS 1.1 not vulnerable to heartbleed
TLS 1.0 not vulnerable to heartbleed
Supported Server Cipher(s):
Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength: 4096
Subject: mbpmif.int.netways.de
Altnames: DNS:mbpmif.int.netways.de
Issuer: Icinga CA
Not valid before: Jan 4 14:38:12 2019 GMT
Not valid after: Dec 31 14:38:12 2033 GMTI diffed the relevant certificates, the only differences between versions were serial number, timestamp and payload. So there is nothing wrong with the certificates I think.
Will do cipher list and sslscan tomorrow.
dnsmichi
commented
5 years ago 2.10.5 stable scan:
[root@icinga2 ~]# sslscan localhost:5665 --tls12 localhost:5665
_
___ ___| |___ ___ __ _ _ __
/ __/ __| / __|/ __/ _` | '_ \
\__ \__ \ \__ \ (_| (_| | | | |
|___/___/_|___/\___\__,_|_| |_|
sslscan version 1.10.2
OpenSSL 1.0.1e-fips 11 Feb 2013
Testing SSL server localhost on port 5665
Supported Client Cipher(s):
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA
DH-DSS-AES256-GCM-SHA384
DHE-DSS-AES256-GCM-SHA384
DH-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES256-SHA256
DHE-DSS-AES256-SHA256
DH-RSA-AES256-SHA256
DH-DSS-AES256-SHA256
DHE-RSA-AES256-SHA
DHE-DSS-AES256-SHA
DH-RSA-AES256-SHA
DH-DSS-AES256-SHA
DHE-RSA-CAMELLIA256-SHA
DHE-DSS-CAMELLIA256-SHA
DH-RSA-CAMELLIA256-SHA
DH-DSS-CAMELLIA256-SHA
AECDH-AES256-SHA
ADH-AES256-GCM-SHA384
ADH-AES256-SHA256
ADH-AES256-SHA
ADH-CAMELLIA256-SHA
ECDH-RSA-AES256-GCM-SHA384
ECDH-ECDSA-AES256-GCM-SHA384
ECDH-RSA-AES256-SHA384
ECDH-ECDSA-AES256-SHA384
ECDH-RSA-AES256-SHA
ECDH-ECDSA-AES256-SHA
AES256-GCM-SHA384
AES256-SHA256
AES256-SHA
CAMELLIA256-SHA
PSK-AES256-CBC-SHA
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES128-SHA
DH-DSS-AES128-GCM-SHA256
DHE-DSS-AES128-GCM-SHA256
DH-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-AES128-SHA256
DHE-DSS-AES128-SHA256
DH-RSA-AES128-SHA256
DH-DSS-AES128-SHA256
DHE-RSA-AES128-SHA
DHE-DSS-AES128-SHA
DH-RSA-AES128-SHA
DH-DSS-AES128-SHA
DHE-RSA-SEED-SHA
DHE-DSS-SEED-SHA
DH-RSA-SEED-SHA
DH-DSS-SEED-SHA
DHE-RSA-CAMELLIA128-SHA
DHE-DSS-CAMELLIA128-SHA
DH-RSA-CAMELLIA128-SHA
DH-DSS-CAMELLIA128-SHA
AECDH-AES128-SHA
ADH-AES128-GCM-SHA256
ADH-AES128-SHA256
ADH-AES128-SHA
ADH-SEED-SHA
ADH-CAMELLIA128-SHA
ECDH-RSA-AES128-GCM-SHA256
ECDH-ECDSA-AES128-GCM-SHA256
ECDH-RSA-AES128-SHA256
ECDH-ECDSA-AES128-SHA256
ECDH-RSA-AES128-SHA
ECDH-ECDSA-AES128-SHA
AES128-GCM-SHA256
AES128-SHA256
AES128-SHA
SEED-SHA
CAMELLIA128-SHA
PSK-AES128-CBC-SHA
ECDHE-RSA-DES-CBC3-SHA
ECDHE-ECDSA-DES-CBC3-SHA
EDH-RSA-DES-CBC3-SHA
EDH-DSS-DES-CBC3-SHA
DH-RSA-DES-CBC3-SHA
DH-DSS-DES-CBC3-SHA
AECDH-DES-CBC3-SHA
ADH-DES-CBC3-SHA
ECDH-RSA-DES-CBC3-SHA
ECDH-ECDSA-DES-CBC3-SHA
DES-CBC3-SHA
IDEA-CBC-SHA
PSK-3DES-EDE-CBC-SHA
KRB5-IDEA-CBC-SHA
KRB5-DES-CBC3-SHA
KRB5-IDEA-CBC-MD5
KRB5-DES-CBC3-MD5
ECDHE-RSA-RC4-SHA
ECDHE-ECDSA-RC4-SHA
AECDH-RC4-SHA
ADH-RC4-MD5
ECDH-RSA-RC4-SHA
ECDH-ECDSA-RC4-SHA
RC4-SHA
RC4-MD5
PSK-RC4-SHA
KRB5-RC4-SHA
KRB5-RC4-MD5
ECDHE-RSA-NULL-SHA
ECDHE-ECDSA-NULL-SHA
AECDH-NULL-SHA
ECDH-RSA-NULL-SHA
ECDH-ECDSA-NULL-SHA
NULL-SHA256
NULL-SHA
NULL-MD5
Supported Server Cipher(s):
Rejected TLS12 256 bits ECDHE-RSA-AES256-GCM-SHA384
Rejected TLS12 256 bits ECDHE-ECDSA-AES256-GCM-SHA384
Rejected TLS12 256 bits ECDHE-RSA-AES256-SHA384
Rejected TLS12 256 bits ECDHE-ECDSA-AES256-SHA384
Rejected TLS12 256 bits ECDHE-RSA-AES256-SHA
Rejected TLS12 256 bits ECDHE-ECDSA-AES256-SHA
Rejected TLS12 256 bits DH-DSS-AES256-GCM-SHA384
Rejected TLS12 256 bits DHE-DSS-AES256-GCM-SHA384
Rejected TLS12 256 bits DH-RSA-AES256-GCM-SHA384
Rejected TLS12 256 bits DHE-RSA-AES256-GCM-SHA384
Rejected TLS12 256 bits DHE-RSA-AES256-SHA256
Rejected TLS12 256 bits DHE-DSS-AES256-SHA256
Rejected TLS12 256 bits DH-RSA-AES256-SHA256
Rejected TLS12 256 bits DH-DSS-AES256-SHA256
Rejected TLS12 256 bits DHE-RSA-AES256-SHA
Rejected TLS12 256 bits DHE-DSS-AES256-SHA
Rejected TLS12 256 bits DH-RSA-AES256-SHA
Rejected TLS12 256 bits DH-DSS-AES256-SHA
Rejected TLS12 256 bits DHE-RSA-CAMELLIA256-SHA
Rejected TLS12 256 bits DHE-DSS-CAMELLIA256-SHA
Rejected TLS12 256 bits DH-RSA-CAMELLIA256-SHA
Rejected TLS12 256 bits DH-DSS-CAMELLIA256-SHA
Rejected TLS12 256 bits AECDH-AES256-SHA
Rejected TLS12 256 bits ADH-AES256-GCM-SHA384
Rejected TLS12 256 bits ADH-AES256-SHA256
Rejected TLS12 256 bits ADH-AES256-SHA
Rejected TLS12 256 bits ADH-CAMELLIA256-SHA
Rejected TLS12 256 bits ECDH-RSA-AES256-GCM-SHA384
Rejected TLS12 256 bits ECDH-ECDSA-AES256-GCM-SHA384
Rejected TLS12 256 bits ECDH-RSA-AES256-SHA384
Rejected TLS12 256 bits ECDH-ECDSA-AES256-SHA384
Rejected TLS12 256 bits ECDH-RSA-AES256-SHA
Rejected TLS12 256 bits ECDH-ECDSA-AES256-SHA
Accepted TLS12 256 bits AES256-GCM-SHA384
Accepted TLS12 256 bits AES256-SHA256
Accepted TLS12 256 bits AES256-SHA
Accepted TLS12 256 bits CAMELLIA256-SHA
Failed TLS12 256 bits PSK-AES256-CBC-SHA
Rejected TLS12 128 bits ECDHE-RSA-AES128-GCM-SHA256
Rejected TLS12 128 bits ECDHE-ECDSA-AES128-GCM-SHA256
Rejected TLS12 128 bits ECDHE-RSA-AES128-SHA256
Rejected TLS12 128 bits ECDHE-ECDSA-AES128-SHA256
Rejected TLS12 128 bits ECDHE-RSA-AES128-SHA
Rejected TLS12 128 bits ECDHE-ECDSA-AES128-SHA
Rejected TLS12 128 bits DH-DSS-AES128-GCM-SHA256
Rejected TLS12 128 bits DHE-DSS-AES128-GCM-SHA256
Rejected TLS12 128 bits DH-RSA-AES128-GCM-SHA256
Rejected TLS12 128 bits DHE-RSA-AES128-GCM-SHA256
Rejected TLS12 128 bits DHE-RSA-AES128-SHA256
Rejected TLS12 128 bits DHE-DSS-AES128-SHA256
Rejected TLS12 128 bits DH-RSA-AES128-SHA256
Rejected TLS12 128 bits DH-DSS-AES128-SHA256
Rejected TLS12 128 bits DHE-RSA-AES128-SHA
Rejected TLS12 128 bits DHE-DSS-AES128-SHA
Rejected TLS12 128 bits DH-RSA-AES128-SHA
Rejected TLS12 128 bits DH-DSS-AES128-SHA
Rejected TLS12 128 bits DHE-RSA-SEED-SHA
Rejected TLS12 128 bits DHE-DSS-SEED-SHA
Rejected TLS12 128 bits DH-RSA-SEED-SHA
Rejected TLS12 128 bits DH-DSS-SEED-SHA
Rejected TLS12 128 bits DHE-RSA-CAMELLIA128-SHA
Rejected TLS12 128 bits DHE-DSS-CAMELLIA128-SHA
Rejected TLS12 128 bits DH-RSA-CAMELLIA128-SHA
Rejected TLS12 128 bits DH-DSS-CAMELLIA128-SHA
Rejected TLS12 128 bits AECDH-AES128-SHA
Rejected TLS12 128 bits ADH-AES128-GCM-SHA256
Rejected TLS12 128 bits ADH-AES128-SHA256
Rejected TLS12 128 bits ADH-AES128-SHA
Rejected TLS12 128 bits ADH-SEED-SHA
Rejected TLS12 128 bits ADH-CAMELLIA128-SHA
Rejected TLS12 128 bits ECDH-RSA-AES128-GCM-SHA256
Rejected TLS12 128 bits ECDH-ECDSA-AES128-GCM-SHA256
Rejected TLS12 128 bits ECDH-RSA-AES128-SHA256
Rejected TLS12 128 bits ECDH-ECDSA-AES128-SHA256
Rejected TLS12 128 bits ECDH-RSA-AES128-SHA
Rejected TLS12 128 bits ECDH-ECDSA-AES128-SHA
Accepted TLS12 128 bits AES128-GCM-SHA256
Accepted TLS12 128 bits AES128-SHA256
Accepted TLS12 128 bits AES128-SHA
Rejected TLS12 128 bits SEED-SHA
Accepted TLS12 128 bits CAMELLIA128-SHA
Failed TLS12 128 bits PSK-AES128-CBC-SHA
Rejected TLS12 112 bits ECDHE-RSA-DES-CBC3-SHA
Rejected TLS12 112 bits ECDHE-ECDSA-DES-CBC3-SHA
Rejected TLS12 112 bits EDH-RSA-DES-CBC3-SHA
Rejected TLS12 112 bits EDH-DSS-DES-CBC3-SHA
Rejected TLS12 112 bits DH-RSA-DES-CBC3-SHA
Rejected TLS12 112 bits DH-DSS-DES-CBC3-SHA
Rejected TLS12 112 bits AECDH-DES-CBC3-SHA
Rejected TLS12 112 bits ADH-DES-CBC3-SHA
Rejected TLS12 112 bits ECDH-RSA-DES-CBC3-SHA
Rejected TLS12 112 bits ECDH-ECDSA-DES-CBC3-SHA
Rejected TLS12 112 bits DES-CBC3-SHA
Rejected TLS12 112 bits IDEA-CBC-SHA
Failed TLS12 112 bits PSK-3DES-EDE-CBC-SHA
Failed TLS12 112 bits KRB5-IDEA-CBC-SHA
Failed TLS12 112 bits KRB5-DES-CBC3-SHA
Failed TLS12 112 bits KRB5-IDEA-CBC-MD5
Failed TLS12 112 bits KRB5-DES-CBC3-MD5
Rejected TLS12 112 bits ECDHE-RSA-RC4-SHA
Rejected TLS12 112 bits ECDHE-ECDSA-RC4-SHA
Rejected TLS12 112 bits AECDH-RC4-SHA
Rejected TLS12 112 bits ADH-RC4-MD5
Rejected TLS12 112 bits ECDH-RSA-RC4-SHA
Rejected TLS12 112 bits ECDH-ECDSA-RC4-SHA
Rejected TLS12 112 bits RC4-SHA
Rejected TLS12 112 bits RC4-MD5
Failed TLS12 112 bits PSK-RC4-SHA
Failed TLS12 112 bits KRB5-RC4-SHA
Failed TLS12 112 bits KRB5-RC4-MD5
Rejected TLS12 0 bits ECDHE-RSA-NULL-SHA
Rejected TLS12 0 bits ECDHE-ECDSA-NULL-SHA
Rejected TLS12 0 bits AECDH-NULL-SHA
Rejected TLS12 0 bits ECDH-RSA-NULL-SHA
Rejected TLS12 0 bits ECDH-ECDSA-NULL-SHA
Rejected TLS12 0 bits NULL-SHA256
Rejected TLS12 0 bits NULL-SHA
Rejected TLS12 0 bits NULL-MD5
Preferred Server Cipher(s):
TLS12 256 bits AES256-GCM-SHA384
SSL Certificate:
Certificate blob:
-----BEGIN CERTIFICATE-----
MIIFCDCCAvCgAwIBAgIUbC1TGimiVcg9+8jgC3ncCgHPMvIwDQYJKoZIhvcNAQEL
BQAwFDESMBAGA1UEAwwJSWNpbmdhIENBMB4XDTE5MDcxMjA2NDU1OFoXDTM0MDcw
ODA2NDU1OFowKjEoMCYGA1UEAwwfaWNpbmdhMi52YWdyYW50LmRlbW8uaWNpbmdh
LmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANko8VKorQAMQsDK
GJZPeHg2eWXgphyR+hgQlYUzfbxtxjup9CqGGWkfQhIn4mNeIQuAWqMm+kUb9Aso
HYvlY41rEGHoJFm/hyQddenfvNzq76D8V2IcEXR3WN2B8iNdYmsSOnHNOxlNp5Se
vWwYd/13r0ylspW0rTqFnhGW/gclhwdkDq5BZZwvOkDOzNZfuX4++K8AxOB6R0P0
BH1LD4Pazk+zIqZNN8V/C8QUNNulnUiPRwPyXU4R3bTEAWlfEGLd8IFAIKqBthRU
S1Y+DuunIq/YNV1CaIP31CCUfzU5+fLkIei11K7G5XjLglE8Kdgsuagf07UTufVo
HyHVyZ8kNZV3FkMvlWQ3pihG8dNNS0yJGvPpjKv5XCYXMVzWjGWxzkdUpcMWxpn7
56V0jL9RT1WqSizSP//hrNCi9LZ2X0IL7T/pI/kE5gPGfLnFtXMfFVmTnsHHU/7z
xVHVPki+U0JcmR6jRLgllueP4EB7tWnK+5H1e8QWJ6JxyodF8XBD6luMmYul05OS
OSe8LtufapoW5oKPqTUGKwBzXlDSY49Zbxi4fsZ4ZBlRQ+7UMB9WQRxVOMd5utyO
f9Ij2hBS1bF7N6c85dfZ32owQoyH7L0chgitxEauCAB0LfQrZ0FuWQD5gy/fCP7T
ImppeQF3QCy7zuL1fB8S5IVnMNtBAgMBAAGjPDA6MAwGA1UdEwEB/wQCMAAwKgYD
VR0RBCMwIYIfaWNpbmdhMi52YWdyYW50LmRlbW8uaWNpbmdhLmNvbTANBgkqhkiG
9w0BAQsFAAOCAgEANMf0i2sIh4RPFij6ZPGde92MLx3EiVJqdeQg+Daasku0DixZ
PuDb/7zk8VLyYQWligeFaBqcTSmzk/Ju+yZPtGHs8ezzlWwKDkdok+C8k/CYqzvt
d81vzdS/cpjHcsZEVdyCABZ5hQDAs6hkl1v5nHC5hLllhGQePmFsfvLacDor8x1a
lX7qDR03UOqxj8yIFdUoL+37S6I9X9A+5OHD+gOjvgpOUdfiJr5i9DYQWDAqR+1a
xGwq3FoHqHd3rS5ELp4TwfvqFSNKw+LpUaj1O9ZuDVNeU5lAlfBrovYO8YpedJpd
jmfm6hpZhVpPa1vFtkF2xo/yt+y/J2wvBwVDKKAgsfUAXyoGss4RqyBplJWBNkey
+iZi2aPeGfq/9ASBOWIQaASvltNdXDWqLLEGsNXoUS0+UTDtsLRbbdvEkAS00ho5
i3G1i3Ep4j0+lZ7YsFTD4nY9YTdSOkG3acF12INcMuO8lF4IUdgFSU2iqyQeien5
SG9GYCWi9YnzwPKN2qigxDY3Anaw06u7kkvxFIQO+hiehvv4QLIQUmmx8KT0lZQ2
hsVodd5pylIP6YJkeq/kCrLRNn9T606D8DmDsS2a6y0v1+J1gbdH+SNI/IholyyJ
HEqW/+JoMJl3ZRNs2rN8HbVjRDc+EpL753xDF13KhsNOZC0WjaJoTwESjJg=
-----END CERTIFICATE-----
Version: 2
Serial Number: 6c:2d:53:1a:29:a2:55:c8:3d:fb:c8:e0:0b:79:dc:0a:01:cf:32:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: /CN=Icinga CA
Not valid before: Jul 12 06:45:58 2019 GMT
Not valid after: Jul 8 06:45:58 2034 GMT
Subject: /CN=icinga2.vagrant.demo.icinga.com
Public Key Algorithm: rsaEncryption
RSA Public Key: (4096 bit)
Public-Key: (4096 bit)
Modulus:
00:d9:28:f1:52:a8:ad:00:0c:42:c0:ca:18:96:4f:
78:78:36:79:65:e0:a6:1c:91:fa:18:10:95:85:33:
7d:bc:6d:c6:3b:a9:f4:2a:86:19:69:1f:42:12:27:
e2:63:5e:21:0b:80:5a:a3:26:fa:45:1b:f4:0b:28:
1d:8b:e5:63:8d:6b:10:61:e8:24:59:bf:87:24:1d:
75:e9:df:bc:dc:ea:ef:a0:fc:57:62:1c:11:74:77:
58:dd:81:f2:23:5d:62:6b:12:3a:71:cd:3b:19:4d:
a7:94:9e:bd:6c:18:77:fd:77:af:4c:a5:b2:95:b4:
ad:3a:85:9e:11:96:fe:07:25:87:07:64:0e:ae:41:
65:9c:2f:3a:40:ce:cc:d6:5f:b9:7e:3e:f8:af:00:
c4:e0:7a:47:43:f4:04:7d:4b:0f:83:da:ce:4f:b3:
22:a6:4d:37:c5:7f:0b:c4:14:34:db:a5:9d:48:8f:
47:03:f2:5d:4e:11:dd:b4:c4:01:69:5f:10:62:dd:
f0:81:40:20:aa:81:b6:14:54:4b:56:3e:0e:eb:a7:
22:af:d8:35:5d:42:68:83:f7:d4:20:94:7f:35:39:
f9:f2:e4:21:e8:b5:d4:ae:c6:e5:78:cb:82:51:3c:
29:d8:2c:b9:a8:1f:d3:b5:13:b9:f5:68:1f:21:d5:
c9:9f:24:35:95:77:16:43:2f:95:64:37:a6:28:46:
f1:d3:4d:4b:4c:89:1a:f3:e9:8c:ab:f9:5c:26:17:
31:5c:d6:8c:65:b1:ce:47:54:a5:c3:16:c6:99:fb:
e7:a5:74:8c:bf:51:4f:55:aa:4a:2c:d2:3f:ff:e1:
ac:d0:a2:f4:b6:76:5f:42:0b:ed:3f:e9:23:f9:04:
e6:03:c6:7c:b9:c5:b5:73:1f:15:59:93:9e:c1:c7:
53:fe:f3:c5:51:d5:3e:48:be:53:42:5c:99:1e:a3:
44:b8:25:96:e7:8f:e0:40:7b:b5:69:ca:fb:91:f5:
7b:c4:16:27:a2:71:ca:87:45:f1:70:43:ea:5b:8c:
99:8b:a5:d3:93:92:39:27:bc:2e:db:9f:6a:9a:16:
e6:82:8f:a9:35:06:2b:00:73:5e:50:d2:63:8f:59:
6f:18:b8:7e:c6:78:64:19:51:43:ee:d4:30:1f:56:
41:1c:55:38:c7:79:ba:dc:8e:7f:d2:23:da:10:52:
d5:b1:7b:37:a7:3c:e5:d7:d9:df:6a:30:42:8c:87:
ec:bd:1c:86:08:ad:c4:46:ae:08:00:74:2d:f4:2b:
67:41:6e:59:00:f9:83:2f:df:08:fe:d3:22:6a:69:
79:01:77:40:2c:bb:ce:e2:f5:7c:1f:12:e4:85:67:
30:db:41
Exponent: 65537 (0x10001)
X509v3 Extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Alternative Name:
DNS:icinga2.vagrant.demo.icinga.com
Verify Certificate:
self signed certificate in certificate chainConnecting from 2.10.5 to my macOS instance with the latest 2.11 branch:
[root@icinga2 ~]# openssl s_client -connect 192.168.242.107:5665
CONNECTED(00000003)
depth=1 CN = Icinga CA
verify error:num=19:self signed certificate in certificate chain
---
Certificate chain
0 s:/CN=mbpmif.int.netways.de
i:/CN=Icinga CA
1 s:/CN=Icinga CA
i:/CN=Icinga CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIE9DCCAtygAwIBAgIUMYfUTSHG0pH4M0OW1a/cl4Y2x24wDQYJKoZIhvcNAQEL
BQAwFDESMBAGA1UEAwwJSWNpbmdhIENBMB4XDTE5MDcxMTE1MzM1OVoXDTM0MDcw
NzE1MzM1OVowIDEeMBwGA1UEAwwVbWJwbWlmLmludC5uZXR3YXlzLmRlMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvSyYy+C7aBxlVPNgeU7EmgJboMfV
CdfR2wI/KSzFV/TPycC0zud+JUdu1bQwjNUe0vJnWxPd9gmqtGf8exLhAwMwXTh6
VETANvN64FcLYAHJegTdYnOamiF1MFakS52ZX5snud1RK5lxqMiV7UluOVI6puO8
YZfZzyJ7U8LGQFb49PRyf5h9zruzYAJvwrDhWwh28C/pmsDIWvJUZAXSkqby7TaB
qGtmIrTQ9hjiodOQoaoszHIOZhl9yF4vgJv2Ha/vdev9Hpe+J2O2/PX13Nk5JCAJ
6+p9lbryPoEi3vuerVkeuqvL+hlMqxAKqif8ukwLNBS091PwUygpkfsNW+oRalKA
NAbwJmZvucuEQey7VDNsrsccUp6oh21IC4LTH3JiMGTpTlJu/A9GuaW4585k8iP7
ZoUUA5UuZDYNZfNDAXvSjzrRD8kKJT2hrx1xw+gGxqohnkyR9KLFf6gGC/Q+WGRF
YtlNflakqjZXfqQOiIQQNM29eqrPtS1sGXXkgMaTTnpTQV52IkSVBQemWC5kP9V9
ch0YQ3uSKgM7ohaWNqOBVzBRH9swmctiR7CmHJcGBKPXr3uhHKwKodE+IoIv+jvS
mVTgvydS16SVCWxbGdw9pMK04sKQceY8EYJXfGta524X+iXDlbuvrN4twHrFhSSW
EEhbCcbx8XnVbhMCAwEAAaMyMDAwDAYDVR0TAQH/BAIwADAgBgNVHREEGTAXghVt
YnBtaWYuaW50Lm5ldHdheXMuZGUwDQYJKoZIhvcNAQELBQADggIBAIN6ZkZHZT3n
AvIHSJ/aQiUa35K96GeYmHPFKEuSIDkq1uQua9dls+eKKiBnSiciXgJgKatD8L7v
IcHNUwLQwkMXzZn7v7yE0zR2KCqrB8NvAZDAvEirSwpcnH2Br/gBGUFIEa5Zrc9f
4N1beU2O/4tCa29bC5T+G+uj5hPLwIQ/Vg67RfZrhvyCqPeHCQRtWhW6dJtXtqBp
Q0n1QSMnc8AyEKSg7fKqS8pn5IkmD7MPSf5SN7HOw/BbtDfNoCJI3MzcLHJNor3q
c9xgQDdesvvXcYpnBprOFW106vXKSlla4UJXSFgJawyQ1BhtSpg40Q3AQfF0tFJ+
9gqb26FPGURCewAG4msWmGE0MYp0NgXYzAAVXWUI2b5LN0ImtT0T4DcEbmW98BqW
NhTHyO1WNhmH44okd9R3KY7bYTBV97nJwuyGFMbZoQD5AMpmM3PXOODojIM2TESN
oWbOYjSC3rkTaL7fgzCFTWMleo9OTedFvsoO8CqnH5rh3sj7NxrqgOEQw4ZMf1X+
JLMhKwpIUyB+401oHdwcT8BjOAUMPDxioag0ldUBv2rY1VCMgokihrTwhJji7k4i
jPUsgTbW4eiz2yic3joTmdu05f8HE7Tc+SwzSp7hbw4bJIG/k/uSTqhEQ7tUmvc3
V0Bn0iYkXxoue2c6KJnxoUw5/kbJzvXa
-----END CERTIFICATE-----
subject=/CN=mbpmif.int.netways.de
issuer=/CN=Icinga CA
---
Acceptable client certificate CA names
/CN=Icinga CA
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:0x07+0x08:0x08+0x08:0x09+0x08:0x0A+0x08:0x0B+0x08:0x04+0x08:0x05+0x08:0x06+0x08:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:ECDSA+SHA1:RSA+SHA224:RSA+SHA1:DSA+SHA224:DSA+SHA1:DSA+SHA256:DSA+SHA384:DSA+SHA512
Shared Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:ECDSA+SHA1:RSA+SHA224:RSA+SHA1:DSA+SHA224:DSA+SHA1:DSA+SHA256:DSA+SHA384:DSA+SHA512
Peer signing digest: SHA256
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3502 bytes and written 427 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 9F2BA00F992D46236FF9E848FEFBA3251889440A58EF49CA01C6C9D0D0EC03E0
Session-ID-ctx:
Master-Key: 769311204A6F141E0A1D9C7C9489BD100FF71FB274FEAF087396B7AED891BF31BE0417D7ACDAEA87B38C75880271CD2A
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - c8 74 9f 4c 37 5e 67 6b-07 5d 99 69 d3 64 ca 69 .t.L7^gk.].i.d.i
0010 - c9 d8 1f 8a 95 59 ff fe-6e 3e 66 6a 05 19 11 b2 .....Y..n>fj....
0020 - d5 10 21 29 df c8 7a 3b-7c 0e 96 34 86 4e 0f 6f ..!)..z;|..4.N.o
0030 - dd 82 56 29 9f 96 01 01-89 82 1f c1 dc 89 d9 fc ..V)............
0040 - 0f b0 b0 fe 44 67 32 60-bc ec dd b9 d4 fe fd 7e ....Dg2`.......~
0050 - e6 04 d4 3f a7 e9 6b d5-7b b9 7c f2 7b f1 2a a2 ...?..k.{.|.{.*.
0060 - 0c a3 03 f4 05 e2 aa 9b-ef 0f 36 58 05 e9 d9 b5 ..........6X....
0070 - 50 7d d8 d4 60 80 ca 83-94 2c d7 c2 67 8b 4e 13 P}..`....,..g.N.
0080 - 22 18 7f d1 06 00 b3 d0-81 ed b5 fd ce a4 55 9c ".............U.
0090 - ba a9 44 37 00 ed 34 fa-47 82 0a 5b cd 44 be 77 ..D7..4.G..[.D.w
Start Time: 1562915123
Timeout : 300 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
---[2019-07-12 09:05:23 +0200] information/ApiListener: New client connection from [::ffff:192.168.242.107]:63174 (no client certificate)
[2019-07-12 09:06:30 +0200] warning/JsonRpcConnection: API client disconnected for identity ''So, the RSA cipher is still in the list for 2.10.5, and the handshake succeeds.
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384The main difference here is that macOS still uses OpenSSL 1.0.2, while Debian Buster uses 1.1.1.
dnsmichi
commented
5 years ago Nevermind, I'm using OpenSSL 1.1.0 already on macOS.
michi@Michaels-MacBook-Pro ~/dev/icinga/icinga2 (master=) $ otool -L /usr/local/icinga/icinga2/lib/icinga2/sbin/icinga2
/usr/local/icinga/icinga2/lib/icinga2/sbin/icinga2:
/usr/local/opt/boost/lib/libboost_context-mt.dylib (compatibility version 0.0.0, current version 0.0.0)
/usr/local/opt/boost/lib/libboost_coroutine-mt.dylib (compatibility version 0.0.0, current version 0.0.0)
/usr/local/opt/boost/lib/libboost_date_time-mt.dylib (compatibility version 0.0.0, current version 0.0.0)
/usr/local/opt/boost/lib/libboost_filesystem-mt.dylib (compatibility version 0.0.0, current version 0.0.0)
/usr/local/opt/boost/lib/libboost_thread-mt.dylib (compatibility version 0.0.0, current version 0.0.0)
/usr/local/opt/boost/lib/libboost_system-mt.dylib (compatibility version 0.0.0, current version 0.0.0)
/usr/local/opt/boost/lib/libboost_program_options-mt.dylib (compatibility version 0.0.0, current version 0.0.0)
/usr/local/opt/boost/lib/libboost_regex-mt.dylib (compatibility version 0.0.0, current version 0.0.0)
/usr/local/opt/boost/lib/libboost_chrono-mt.dylib (compatibility version 0.0.0, current version 0.0.0)
/usr/local/opt/boost/lib/libboost_atomic-mt.dylib (compatibility version 0.0.0, current version 0.0.0)
/usr/local/opt/openssl@1.1/lib/libssl.1.1.dylib (compatibility version 1.1.0, current version 1.1.0)
/usr/local/opt/openssl@1.1/lib/libcrypto.1.1.dylib (compatibility version 1.1.0, current version 1.1.0)
/usr/lib/libedit.3.dylib (compatibility version 2.0.0, current version 3.0.0)
/usr/lib/libncurses.5.4.dylib (compatibility version 5.4.0, current version 5.4.0)
/usr/lib/libc++.1.dylib (compatibility version 1.0.0, current version 400.9.4)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1252.250.1)Tried to reproduce your setup with
Both are fresh setups, newly created certificates on the master. The satellite uses node wizard while the master signs the certificate.
Master icinga2-debian10.vagrant.demo.icinga.com
[2019-07-12 08:22:55 +0000] information/ApiListener: New client connection for identity 'icinga2.vagrant.demo.icinga.com' from [192.168.33.5]:42140 (certificate validation failed: code 18: self signed certificate)
[2019-07-12 08:22:56 +0000] information/JsonRpcConnection: Received certificate request for CN 'icinga2.vagrant.demo.icinga.com' not signed by our CA.
[2019-07-12 08:22:56 +0000] information/JsonRpcConnection: Sending certificate response for CN 'icinga2.vagrant.demo.icinga.com' to endpoint 'icinga2.vagrant.demo.icinga.com'.
[2019-07-12 08:22:56 +0000] warning/JsonRpcConnection: API client disconnected for identity 'icinga2.vagrant.demo.icinga.com'Satellite icinga2.vagrant.demo.icinga.com
[2019-07-12 10:23:22 +0200] information/JsonRpcConnection: Updating CA certificate in '/var/lib/icinga2/certs//ca.crt'.
[2019-07-12 10:23:22 +0200] information/JsonRpcConnection: Updating client certificate for CN 'icinga2.vagrant.demo.icinga.com' in '/var/lib/icinga2/certs//icinga2.vagrant.demo.icinga.com.crt'.
[2019-07-12 10:23:22 +0200] information/JsonRpcConnection: Updating the client certificate for CN 'icinga2.vagrant.demo.icinga.com' at runtime and reconnecting the endpoints.
[2019-07-12 10:23:22 +0200] warning/JsonRpcConnection: API client disconnected for identity 'icinga2-debian10.vagrant.demo.icinga.com'
[2019-07-12 10:23:22 +0200] warning/JsonRpcConnection: API client disconnected for identity 'icinga2-debian10.vagrant.demo.icinga.com'Output of openssl s_client -cipher (all ciphers) against icinga 2.10.4:
Testing AES256-GCM-SHA384...YES
Testing AES128-GCM-SHA256...YES
Testing AES256-SHA256...YES
Testing AES128-SHA256...YES
Testing AES256-SHA...YES
Testing CAMELLIA256-SHA...YES
Testing AES128-SHA...YES
Testing CAMELLIA128-SHA...YES
So no shared cipher is correct, icinga 2.10.4 seems to only support insecure ciphers :o
The other ciphers fail with "sslv3 alert handshake failure" but when using just openssl s_server, the list of shared and accepted ciphers is longer but using that list for the ApiListener yields no different effect.
Crunsher
commented
5 years ago Using s_server and s_client with the certificates... works: Server (1.0.2k)
[root@icinga2 certs]# openssl s_server -cert icinga2.vagrant.demo.icinga.com.crt -key icinga2.vagrant.demo.icinga.com.key -accept 5665
Using default temp DH parameters
ACCEPT
-----BEGIN SSL SESSION PARAMETERS-----
MFUCAQECAgMDBALAMAQABDCrSiqCAhKzq594KW5OquRb1iZN5OG9W85nWNYbNFXM
cmtywWZpTHUF7p6nWruEJWGhBgIEXShYK6IEAgIBLKQGBAQBAAAA
-----END SSL SESSION PARAMETERS-----
Shared ciphers:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA
Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:0x07+0x08:0x08+0x08:0x09+0x08:0x0A+0x08:0x0B+0x08:0x04+0x08:0x05+0x08:0x06+0x08:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:DSA+SHA256:DSA+SHA384:DSA+SHA512
Shared Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:DSA+SHA256:DSA+SHA384:DSA+SHA512
Supported Elliptic Curve Point Formats: uncompressed:ansiX962_compressed_prime:ansiX962_compressed_char2
Supported Elliptic Curves: 0x001D:P-256:0x001E:P-521:P-384
Shared Elliptic curves: P-256:P-521:P-384
CIPHER is ECDHE-RSA-AES256-GCM-SHA384
Secure Renegotiation IS supportedClient (1.1.1c)
dflach@dfws ~/i2/var/lib/icinga2/certs$ openssl s_client -cert dfws.crt -key dfws.key -connect 192.168.33.5:5665 130 ↵
CONNECTED(00000003)
Can't use SSL_get_servername
depth=0 CN = icinga2.vagrant.demo.icinga.com
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = icinga2.vagrant.demo.icinga.com
verify return:1
---
Certificate chain
0 s:CN = icinga2.vagrant.demo.icinga.com
i:CN = icinga2.vagrant.demo.icinga.com
---
Server certificate
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
subject=CN = icinga2.vagrant.demo.icinga.com
issuer=CN = icinga2.vagrant.demo.icinga.com
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 2225 bytes and written 409 bytes
Verification error: self signed certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: FA75B41E835253C1DCFC4B0EFC130C3FBFDA28F0474B5EF64CA426845B341508
Session-ID-ctx:
Master-Key: AB4A2A820212B3AB9F78296E4EAAE45BD6264DE4E1BD5BCE6758D61B3455CC726B72C166694C7505EE9EA75ABB842561
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - b8 0d 2e de f5 58 9e c3-d4 95 72 a9 97 ad 7f 12 .....X....r.....
0010 - a8 6b c3 c4 0d b3 eb c5-38 09 62 bd 3e 11 4d 71 .k......8.b.>.Mq
0020 - 83 95 3d fe f1 58 a2 8d-19 af 8a 20 ba cf 69 53 ..=..X..... ..iS
0030 - a0 11 d1 b6 7d 6c 9e f8-30 d9 28 5f 3c f1 00 bd ....}l..0.(_<...
0040 - 33 b0 a3 91 61 42 68 e8-a1 42 5c 0b 69 4a 94 2d 3...aBh..B\.iJ.-
0050 - 3e f0 a4 bb b6 44 0d 15-98 cd ab 12 d8 e2 52 a7 >....D........R.
0060 - 08 aa 36 4f 28 44 92 f4-30 68 83 c5 bb a6 a6 2b ..6O(D..0h.....+
0070 - ae 28 b7 88 4e 61 89 e4-bb 2d 22 3a 55 46 8e ec .(..Na...-":UF..
0080 - 06 48 6f 3c 33 62 99 0b-98 e4 c6 18 bf f1 ab 6d .Ho<3b.........m
0090 - c4 e5 21 e0 26 84 43 ce-34 84 55 6b 3b 45 37 ce ..!.&.C.4.Uk;E7.
Start Time: 1562925099
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
Extended master secret: no
---
read:errno=0Fail with self signed certificate is expected, but a connection is made.
Crunsher
commented
5 years ago To make sure this really is about ciphers I put 'AES256-GCM-SHA384' in the cipher_list of both ApiListeners and it works.
My next steps are using a custom 2.10.5 build with more logging and applying the epileptic curve patch.
Crunsher
commented
5 years ago When I built icinga 2.10.5 from source on the centos7 dev box, the issue does not occur. I'm starting to think there might be something wrong with my vagrant setup. I will give it one more try with a fresh box, if the problem vanishes I think we can close this in the hopes nobodies setup is as borked as mine.
dnsmichi
commented
5 years ago You might want to try the linked PR on your Debian Buster instance, this one logs the cipher list from memory after setting it.
Crunsher
commented
5 years ago Just finished rebuilding the vagrant box, no more issues. Sometime while using the box something must have broken badly. This caused a lot of confusion and the affected machine is gone now.
dnsmichi
commented
5 years ago While testing your setup, it might also be an idea to test specific cipher groups.
Does e.g. the following work on both master and agent?
openssl ciphers -v '!aNULL:!eNULL:!CAMELLIA:HIGH:@STRENGTH' | grep 1.Closing this as not a bug
dnsmichi
commented
5 years ago A follow up conclusion if we ever look into this again:
cipher_list attribute on the ApiListener objectopenssl ciphers, this is not necessarily the same as the server loads. Use tools like sslscan to test against specific cipher suites and their support.And while reflecting this again, I think I've found a possible regression - SetTlsProtocolminToSSLContext() forcefully sets the SSL context options. This overrides any previous options including server side ciphers, etc. This may have had an influence to this ticket.
Also, RequestCertificate() and CLI variants use the tlsv12 context, but don't disallow tlsv1 via the options (only set via the ApiListener client roles). This may have had an influence as well.
Coming from this analysis, I'll prepare two PRs for
@lippserd @bobapple
Describe the bug
No API connection with error 'no shared cipher'
To Reproduce
Provide a link to a live example, or an unambiguous set of steps to reproduce this bug. Include configuration, logs, etc. to reproduce, if relevant.
Expected behavior
Connection works or correct error message is sused
Your Environment
Include as many relevant details about the environment you experienced the problem in
icinga2 --version): 2.10.4-x snapshot and 2.10.5-x snapshotobject Endpoint "icinga2-master1.vagrant.demo.icinga.com" { host = "192.168.33.101" }
object Endpoint "icinga2-satellite1.vagrant.demo.icinga.com" { host = "192.168.33.102" }
object Zone "master" { endpoints = [ "dfws", "icinga2-master1.vagrant.demo.icinga.com", ] }
[2019-07-03 11:46:52 +0200] critical/ApiListener: Client TLS handshake failed (from [192.168.33.1]:36966): Error: no shared cipher
jflach@dfws ~/i2/var/lib/icinga2/certs$ openssl s_server -key dfws.key -cert dfws.crt
Using default temp DH parameters ACCEPT -----BEGIN SSL SESSION PARAMETERS----- MFUCAQECAgMDBALAMAQABDBNW9Kc409MsHoCZfvxGHBAQCQ0TLIRU9ZfG7+cUqec cHsJfHsfhsw3xQ+8xZRMo+KhBgIEXRySVqIEAgIcIKQGBAQBAAAA -----END SSL SESSION PARAMETERS----- Shared ciphers:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224:RSA+SHA1:DSA+SHA1:ECDSA+SHA1 Shared Signature Algorithms: RSA+SHA512:DSA+SHA512:ECDSA+SHA512:RSA+SHA384:DSA+SHA384:ECDSA+SHA384:RSA+SHA256:DSA+SHA256:ECDSA+SHA256:RSA+SHA224:DSA+SHA224:ECDSA+SHA224 Supported Elliptic Curve Point Formats: uncompressed:ansiX962_compressed_prime:ansiX962_compressed_char2 Supported Elliptic Groups: P-256:P-521:P-384:secp256k1 Shared Elliptic groups: P-256:P-521:P-384
No server certificate CA names sent CIPHER is ECDHE-RSA-AES256-GCM-SHA384 Secure Renegotiation IS supported
======
[root@icinga2-master1 ~]# openssl s_client -connect 192.168.33.1:4433 CONNECTED(00000003) depth=0 CN = dfws verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 CN = dfws verify error:num=21:unable to verify the first certificate verify return:1
Certificate chain 0 s:/CN=dfws i:/CN=Icinga CA
Server certificate -----BEGIN CERTIFICATE----- MIIE0zCCArugAwIBAgIVAN/6dS4gL/oVw91EGUIORAUaKk1+MA0GCSqGSIb3DQEB CwUAMBQxEjAQBgNVBAMMCUljaW5nYSBDQTAeFw0xOTA3MDIwOTE5MzZaFw0zNDA2 MjgwOTE5MzZaMA8xDTALBgNVBAMMBGRmd3MwggIiMA0GCSqGSIb3DQEBAQUAA4IC DwAwggIKAoICAQDQT9I0WiHvaZMmq56zXlw7Mzx8FnOFnwQxbKuHgWk7QgZ+eCog MUH56c1oniGOq9OhVbHOPGrdZYSnirv2fn5BH9SD+JNpIs5OWQkWuHGoz3hpnZqx k3urOx0jHjcWD4Lsb7BHPa2auXJW/lScOcEhyNhLr3KtLVtI7Anar7whD2KTS7FK FZgraHl6sMnCTgyKHC0UARW5ry4dDwRxDySze1yaz09NsCGzm01g8Z5YAFzXaxHF VbFNGf2IT77Q4KRbbfplRRSk4kuz1nGYDpM+ixQ8Yj/6hc3CPaub/gKlDjYwRc7N 8TrVtiKlHR4Aj3xaODzkzAlYgG9Vo8mlbvQDvH2HNkvTDMHEMJ/7cyt8UfDWmX9h jj7wZ9UXYITuNvT+/8F5WMMZhlCksxhNxjOrGYSAxOvfEScQ65ohIMlU1ia5fL48 tNxD7SsUvNTPjDx7VXe1djj3JvibAkSD13a/xFaOVGnRBaMNzu+aCPsS22lMYgZT FrkdT4tYYymbjiUBZPuHF6DBxIh+KhBL5kBMrJW3uIPGZRfjq8wlYy1dl347DjE+ +bGWKialtxwu1E9I2vBX3Jm253kuPKpe6HK42M6GbgIoDf+8jiq9awIf4zFqYA75 nR/mqyoCwIEvg1AwmW8hOqaGAosf9aBhb6TRlNpQughzJHnwT4Vx3eALhQIDAQAB oyEwHzAMBgNVHRMBAf8EAjAAMA8GA1UdEQQIMAaCBGRmd3MwDQYJKoZIhvcNAQEL BQADggIBAHjp113YTlPkrgIkDON9n3J39g0Y90XgefP9RH2lsqn+5RQvPQVfhprf n3v/ArspL+VXO7DrGBQjZ8nf7EvjIFsgAq6AlX/4tf8+ciSf+YpQe8A4dkMu4c4x IMMxSWjaH9KWbSRZNrIXOo9Dj2N/AOrml2kg7Ga9b1nxivmxic+VW+pGxYX9gF5W KT+NLP52r9C9mhO7E9TQ8aFAYJuulq+6RjTt9C3NOu8LpN9Ru5tGnZjXJKooji3L xhXkLKk0RiVe9Hp/uSG/ajaO8pZHFH0kqh39O54G7M+eZy17j7qoK+h2X+LDpXh8 x1T8VTZKnkOfPdrJR5z0NgMlEHkIDgy7MQCvRCUCmjwSuKSh8x4YRAUHq99fjJ6/ CJFf4ClF/6KNZUGV1xFNHdIuCtrDFpB7scxpnFLae4zVTXbE4WJPOOCsDpdDlAhA QzNuZ2d31kRAfJtJE67OIF+3qEmuYaU+uD8WnrQCdSjj0fWepN/Lhx6VlNTnj3gd ji+d7U3K5Ca3nkcXLyeHOJmo3tkbS+CecBBGjn/WdknNKDcr/7k6FccA9HBqNjPc hS4Cx4ogzLdY9kC9qPqL7QGDksTbVzG2BtXtU7LfYzaoxpOkFjfnOft9V85E0+nt JNiHYAwsorXvH0+6MR3HJMTow0LudDd6Eu6JHXc3vQR2nCWfi+rT -----END CERTIFICATE----- subject=/CN=dfws issuer=/CN=Icinga CA
No client certificate CA names sent Peer signing digest: SHA512 Server Temp Key: ECDH, P-256, 256 bits
SSL handshake has read 2149 bytes and written 415 bytes
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 4096 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: DB792F5EEDDC0513A7D19604756F6C8018F9E8B2258B86741C5721AD8CA8737B Session-ID-ctx: Master-Key: A1B1756A6B55FBCDEE61B9654B8F5D148A4FF077B49CA9C787FCD99C0E06B75A91CCB91A0055615999B924608827B73D Key-Arg : None Krb5 Principal: None PSK identity: None PSK identity hint: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - 14 47 05 27 81 b8 85 6c-d2 91 96 c8 da c5 db e8 .G.'...l........ 0010 - 37 37 0d 06 2c f2 74 d5-21 97 18 ed a6 db be fd 77..,.t.!....... 0020 - 81 d1 d9 3b 04 34 5e 05-98 00 29 cb 78 91 12 9c ...;.4^...).x... 0030 - fd c8 f5 17 df 36 aa c6-63 38 4c 7e b1 36 92 63 .....6..c8L~.6.c 0040 - 56 d1 48 45 eb 2a 30 0e-73 4b f9 6c c3 26 27 48 V.HE.*0.sK.l.&'H 0050 - 7b 6c 68 21 40 ec 8b cb-0c 8a 4d 39 31 84 e0 51 {lh!@.....M91..Q 0060 - d3 e8 04 bc b0 76 bf ec-d3 84 b8 b0 98 a3 5d 31 .....v........]1 0070 - a9 78 0f 64 a1 09 37 a8-b1 14 b3 9f f0 c1 cc db .x.d..7......... 0080 - ab bf fd 8d 28 2b 26 c1-da a6 12 c8 78 e9 c6 cc ....(+&.....x... 0090 - f1 25 70 65 e4 89 2d ef-52 0d 03 b3 d1 41 17 45 .%pe..-.R....A.E