Re: [exim] DANE vs unknown CA

Top Page

Reply to this message
Author: Heiko Schlittermann
To: exim-users, Viktor Dukhovni
Subject: Re: [exim] DANE vs unknown CA
With the help of Wolfgang B and Jeremy we could resolve the issue.
It was introduced in d8e99d6047e709b35eabb1395c2046100d1a1dda and
relates to Exim Bug 2265

Several conditions had to be met to trigger this bug.

- The MX of the recipient's domain supports DANE (TLSA and DNSSEC) MX 1
                                            ~~~ EU!

- The MX of the recipient's domain responds to the SNI with the
recipient's domain with a certificate

        openssl s_client \
                -starttls smtp \
                -connect \
                -servername \
                -dane_tlsa_rrdata "3 1 1 7e95e999da41cdd250eb3f97c397bfdb087aeab914edbdf1b5b6c49457923048" \
                -dane_tlsa_domain ""

that doesn't match the TLSA record propagated for the MX: 3600 IN    TLSA    3 1 1 7E95E999DA41CDD250EB3F97C397BFDB087AEAB914EDBDF1B5B6C494 57923048

As far as I understand, that's totally legal. It was our fault to set
the SNI to the recipient's domain (, instead of the target
host (

Unfortunately the error message wasn't too helpful, especially the phrase "error in error":

    Dane verify_cert
    verify_callback_client_dane: BAD depth 1 /C=BE/O=GlobalSign nv-sa/CN=AlphaSSL CA - SHA256 - G2
     - err 20 'unable to get local issuer certificate'
    SSL3 alert write:fatal:unknown CA
*   SSL_connect: error in error
    Dane lib-cleanup
    TLS error '(SSL_connect): error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed'
    TLS session fail: (SSL_connect): error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
      DANE attempt failed; TLS connection to []: (SSL_connect): error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

I'm not sure if Exim can be improved here, of if we've to accept it. Though,
the command line is a bit more expressive here:

    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: 5D360ACF25EFD293AFA569AA64BDD24F142B863C98941873164E754D3ADDA8D5
    Master-Key: D2CC6C4D469A87CC0E4C45EC9418299A3D25EE36497BFFF6C0BA594F883AF998F6A77B55BB5CF89DD3C52BE08D566E90
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1620059017
    Timeout   : 7200 (sec)
    Verify return code: 65 (No matching DANE TLSA records)
    Extended master secret: no

For the upcoming 4.94.2 a patch is part of the 4.94.2+fixes branch
already. It will be cherry-picked to master soon.

Thank you again for your fast response yesterday.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -