All,
I have recently installed our COMODO 384-bit ECC PositiveSSL Widlcard
Certificate (*.thorcom.net) on relay1|relay2|relay3.thorcom.net and am
seeing lots of TLS errors:
(SSL_accept): error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no
shared cipher
followed by:
TLS client disconnected cleanly (rejected our certificate?)
from hosts that I'm fairly sure used to work ok with our old self-signed
2048-bit RSA cert.
Example:
2017-03-29 18:45:25 TLS error on connection from
358939-web3.datainterconnect.co.uk [92.52.73.71] (SSL_accept):
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 18:45:53 TLS error on connection from
358938-web2.datainterconnect.co.uk [92.52.73.70] (SSL_accept):
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 18:51:20 TLS error on connection from simone.ucs.mun.ca
[134.153.232.76] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 18:51:30 TLS error on connection from simone.ucs.mun.ca
[134.153.232.76] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 18:53:10 TLS error on connection from mx1.slc.paypal.com
(mx2.slc.paypal.com) [173.0.84.226] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 18:53:24 TLS error on connection from mx2.slc.paypal.com
(mx0.slc.paypal.com) [173.0.84.227] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 18:53:26 TLS error on connection from mx2.slc.paypal.com
(mx0.slc.paypal.com) [173.0.84.227] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 18:53:43 TLS error on connection from mx0.slc.paypal.com
[173.0.84.225] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 18:54:25 TLS error on connection from avasout05.plus.net
[84.93.230.250] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 18:54:36 TLS error on connection from mail.wia.org.au
(echo.vintek.net) [223.25.225.6] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 18:54:36 TLS error on connection from avasout05.plus.net
[84.93.230.250] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 18:58:14 TLS error on connection from
ng12-ip5.bullet.mail.ne1.yahoo.com [98.138.215.211] (SSL_accept):
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 18:58:25 TLS error on connection from msbadger0201.apple.com
[17.254.6.118] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 19:00:46 TLS error on connection from avasout05.plus.net
[84.93.230.250] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 19:00:46 TLS error on connection from avasout05.plus.net
[84.93.230.250] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 19:06:17 TLS error on connection from
mail-oln040092071039.outbound.protection.outlook.com
(EUR03-DB5-obe.outbound.protection.outlook.com) [40.92.71.39]
(SSL_accept): error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no
shared cipher
2017-03-29 19:06:18 TLS error on connection from avasout06.plus.net
[212.159.14.18] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 19:06:18 TLS error on connection from avasout06.plus.net
[212.159.14.18] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 19:09:18 TLS error on connection from
mail-sn1nam01on0075.outbound.protection.outlook.com
(NAM01-SN1-obe.outbound.protection.outlook.com) [104.47.32.75]
(SSL_accept): error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no
shared cipher
2017-03-29 19:10:48 TLS error on connection from avasout06.plus.net
[212.159.14.18] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 19:10:48 TLS error on connection from avasout06.plus.net
[212.159.14.18] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 19:10:49 TLS error on connection from avasout06.plus.net
[212.159.14.18] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 19:12:31 TLS error on connection from (mail.thorcom.co.uk)
[2a00:2381:19c6::2000] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2017-03-29 19:17:34 TLS error on connection from avasout06.plus.net
[212.159.14.18] (SSL_accept): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
I've left the repeated: TLS client disconnected cleanly (rejected our
certificate?) out of this as it adds nothing ...
This appears to suggest that the client is attempting SSLv3 (unless the
debug messages are misleading) however I have SSLv3 disabled in Exim config.
My config snippets:
#
# Enable TLS with strong ciphers
#
MAIN_TLS_ENABLE = true
# Comodo ECC new on 17-MAR-2017
tls_certificate = /........./thorcom.net-comodo-bundle.crt
tls_privatekey = /........./thorcom.net.key
# advertise TLS to everyone
tls_advertise_hosts = *
# Ciphers: all the EC and GCM first then degrade gracefully
tls_require_ciphers =
kEECDH+AESGCM:ECDH+AESGCM:DH+AESGCM:RSA+AESGCM:ECDH+AES:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:RC4+MEDIUM:!aNULL:!eNULL:!MD5:!DSS
# disable SSLv2 SSLv3 and compression - force server preference for ciphers
openssl_options = -all +no_sslv2 +no_sslv3 +no_compression
+cipher_server_preference
# advertise auth to TLS sessions only
auth_advertise_hosts = ${if eq {$tls_in_cipher}{}{}{*}}
Running the tests at ssl-tools.net:
https://ssl-tools.net/mailservers/relay1.thorcom.net
appears to show that everything is in order and that SLv3 is, in fact,
disabled:
Servers
Incoming Mails
These servers are responsible for incoming mails
to*@???*addresses.
Hostname / IP address Priority STARTTLS Certificates Protocol
relay1.thorcom.net
195.171.43.32
-
supported
*.thorcom.net
<https://ssl-tools.net/mailservers/relay1.thorcom.net#f4b04d03d0516cf01a5d7a771d4a4dc43779446d>
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
* TLSv1.2
* TLSv1.1
* TLSv1.0
* SSLv3
2017-03-17
3.0 s
relay1.thorcom.net
2a00:2381:19c6::3200
-
supported
*.thorcom.net
<https://ssl-tools.net/mailservers/relay1.thorcom.net#f4b04d03d0516cf01a5d7a771d4a4dc43779446d>
DANE
missing
PFS
supported
Heartbleed
not vulnerable
Weak ciphers
not found
* TLSv1.2
* TLSv1.1
* TLSv1.0
* SSLv3
2017-03-17
3.0 s
So, is the problem:
1. clients rejecting my ECC 384 bit certificate?
2. clients persisting in trying SSLv3 when it is, in fact, disabled
3. brain dead clients unable to use decent modern/strong/PFS
ciphers - some of which are mandated in TLSv1.0, v1.1 and v1.2
Mike