No shared cipher

Maxim Dounin mdounin at mdounin.ru
Thu May 10 13:09:16 UTC 2018 

Hello!

On Wed, May 09, 2018 at 02:10:04AM -0400, _gg_ wrote:

> Not sure if it's not more of an openssl/TLS 'issue'/question... 
> For some time I've been observing 
> 
> SSL_do_handshake() failed (SSL: error:1408A0C1:SSL
> routines:ssl3_get_client_hello:no shared cipher) while SSL handshaking 
> 
> in error.log while having 
> 
> ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2; 
> ssl_ciphers ALL:!aNULL; 
> 
> in configuration. 
> 
> Examining Client Hello packet reveals client supported ciphers: 
> Cipher Suites (9 suites) 
> Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8) 
> Cipher Suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcc13) 
> Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) 
> Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) 
> Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) 
> Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c) 
> Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) 
> Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) 
> Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) 
> 
> I'm running
> nginx version: nginx/1.12.1 
> built by gcc 4.8.5 20150623 (Red Hat 4.8.5-11) (GCC) 
> built with OpenSSL 1.0.2k-fips 26 Jan 2017 
> TLS SNI support enabled 
> 
> According to 'openssl ciphers' the third cipher on the list is supported and
> yet server responds with: 
> TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Handshake Failure) 
> Content Type: Alert (21) 
> Version: TLS 1.2 (0x0303) 
> Length: 2 
> Alert Message 
> Level: Fatal (2) 
> Description: Handshake Failure (40) 
> 
> Either I've messed up my investigation or I'm completely misunderstanding
> something here. 
> Why despite having a common cipher with a client server denies to handshake
> a connection?

Whether a cipher suite can be used or not depends on various 
factors.  In particular:

- list of ciphers the client supports;
- list of ciphers the server supports;
- the certificate used by the server (e.g., you won't be able to 
  use RSA cipher suites with an ECDSA certificate);
- when using ECDHE ciphers or ECDSA certificates - supported EC curves on both 
  client and server;

In this particular case the client supports only RSA ciphers, so, 
for example, there will be no shared cipher if you are using ECDSA 
certificate.

-- 
Maxim Dounin
http://mdounin.ru/

More information about the nginx mailing list