tech-crypto archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: openssl3+postfix issue (ca md too weak)
On Mon, Nov 13, 2023 at 10:24:56PM +0100, Steffen Nurpmeso wrote:
> Manuel Bouyer wrote in
> <ZVJ6LIrEPxlCEbNB%antioche.eu.org@localhost>:
> |Hello
> |I'm facing an issue with postfix+openssl3 which may be critical (depending
> |on how it can be fixed).
> |
> |Now my postfix setup fails to send mails with
> |Nov 13 20:20:53 comore postfix/smtp[6449]: warning: TLS library problem: \
> |error:0A00018E:SSL routines::ca md too weak:/usr/src/crypto/external/bsd\
> |/openssl/dist/ssl/statem/statem_lib.c:984:
> |
> |>From what I understood, this is the remote certificate which is not \
> |>accepted:
> |openssl 3 deprecated some signature algorithm, which are no longer accepted
> |with @SECLEVEL=1 (which is the default).
> |In server's certificate chain all but the last one are signed with
> |sha384WithRSAEncryption (which should be OK). The last one (the root
> |certificate) is signed with RSA-SHA1 and I don't think this will change
> |soon:
> | 3 s:C = GB, ST = Greater Manchester, L = Salford, O = Comodo CA Limited, \
> | CN = A
> | AA Certificate Services
> | i:C = GB, ST = Greater Manchester, L = Salford, O = Comodo CA Limited, \
> | CN = A
> | AA Certificate Services
> | a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA1
> | v:NotBefore: Jan 1 00:00:00 2004 GMT; NotAfter: Dec 31 23:59:59 \
> | 2028 GMT
> |
> |So, as far as I understand, we end up with a postfix installation which
> |can't talk to servers with valid certificates.
> |
> |The solution (from google) would be to force @SECLEVEL=0 but I didn't find
> |a way to do this for postfix. The solutions I've seen were for openvpn or
> |curl, but nothing about postfix :(
>
> Isn't that just postfix config.
It's possible; but I didn't find anything relevant in the postfix docs
> Btw *i* have no problem with
>
> smtpd_tls_ask_ccert = no
> smtpd_tls_auth_only = yes
> smtpd_tls_loglevel = 1
> #SMART The next is usually nice but when using client certificates
> smtpd_tls_received_header = no
> smtpd_tls_fingerprint_digest = sha256
> smtpd_tls_mandatory_protocols = >=TLSv1.2
> smtpd_tls_protocols = $smtpd_tls_mandatory_protocols
> # super modern, forward secrecy TLSv1.2 / TLSv1.3 selection..
> tls_high_cipherlist = EECDH+AESGCM:EECDH+AES256:EDH+AESGCM:CHACHA20
> smtpd_tls_mandatory_ciphers = high
> smtpd_tls_mandatory_exclude_ciphers = TLSv1
>
> ^ This works in practice without any noticeable trouble.
> (But then i again i do not have to make money from that or my
> customers who must talk to ten year old refrigerators.)
this is only server-side configuration; my problem is with client-side
rejecting the server's certificate
--
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
NetBSD: 26 ans d'experience feront toujours la difference
--
Home |
Main Index |
Thread Index |
Old Index