Alert handshake failure Certbot


#1

I have a server that runs in NodeJS (express) and I have an issue when trying to to make it https. I was able to manually create a certificate using Certbot

certbot certonly --manual

after that, I set up my express app

const fs = require('fs');
var http = require('http');
var https = require('https');
var express = require('express');

const credentials = {
  key: fs.readFileSync('/etc/letsencrypt/live/example/privkey.pem', 'utf8'),
  cert: fs.readFileSync('/etc/letsencrypt/live/example/cert.pem', 'utf8'),
  ca: fs.readFileSync('/etc/letsencrypt/live/example/chain.pem', 'utf8')
};

const app = express();

// Starting both http & https servers
const httpServer = http.createServer(app);
const httpsServer = https.createServer(credentials, app);

httpServer.listen(80, () => {
  console.log('HTTP Server running on port 80');
});

httpsServer.listen(443, () => {
  console.log('HTTPS Server running on port 443');
});

but now when I try to access my page via https protocol I am getting errors

in Chrome:

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

in Firefox:

SSL_ERROR_NO_CYPHER_OVERLAP 

and when I run curl -I

error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

or curl -Iv

* Rebuilt URL to: https://example.com/
*   Trying 90.80.200.30...
* TCP_NODELAY set
* Connected to example.com (90.80.200.30) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Unknown (21):
* TLSv1.2 (IN), TLS alert, Server hello (2):
* error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
* Curl_http_done: called premature == 1
* stopped the pause stream!
* Closing connection 0
curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

I have a server that runs in NodeJS (express) and I have an issue when trying to to make it https. I was able to manually create a certificate using Certbot

certbot certonly --manual

after that, I set up my express app

const fs = require('fs');
var http = require('http');
var https = require('https');
var express = require('express');

const credentials = {
  key: fs.readFileSync('/etc/letsencrypt/live/example/privkey.pem', 'utf8'),
  cert: fs.readFileSync('/etc/letsencrypt/live/example/cert.pem', 'utf8'),
  ca: fs.readFileSync('/etc/letsencrypt/live/example/chain.pem', 'utf8')
};

const app = express();

// Starting both http & https servers
const httpServer = http.createServer(app);
const httpsServer = https.createServer(credentials, app);

httpServer.listen(80, () => {
  console.log('HTTP Server running on port 80');
});

httpsServer.listen(443, () => {
  console.log('HTTPS Server running on port 443');
});

but now when I try to access my page via https protocol I am getting errors

in Chrome:

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

in Firefox:

SSL_ERROR_NO_CYPHER_OVERLAP 

and when I run curl -I

error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

or curl -Iv

* Rebuilt URL to: https://example.com/
*   Trying 90.80.200.30...
* TCP_NODELAY set
* Connected to example.com (90.80.200.30) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Unknown (21):
* TLSv1.2 (IN), TLS alert, Server hello (2):
* error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
* Curl_http_done: called premature == 1
* stopped the pause stream!
* Closing connection 0
curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

or via openssl x509 -in /etc/letsencrypt/live/example.com/cert.pem --noout --text

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:44:02:20:4A:48:E9:34:36:94:72:A9:DD:65:D0:3F
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
        Validity
            Not Before: Oct 31 12:53:53 2018 GMT
            Not After : Jan 29 12:53:53 2019 GMT
        Subject: CN = example.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                      30:44:02:20:4A:48:E9:34:36:94:72:A9:DD:65:D0:3F:
                                  …
                      3E:E7:FE:74:88:FB:A4:8F:28:93:01:9D:DD:F1:DB:FE
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier:
                30:44:02:20:4A:48:E9:34:36:94:72:A9:DD:65:D0:3F:65:D0:3F:65:D0:3F:D0:3F:65:D0
            X509v3 Authority Key Identifier:
                keyid:30:44:02:20:4A:48:E9:34:36:94:72:A9:DD:65:D0:3F:65:D0:3F:65:D0:3F

            Authority Information Access:
                OCSP - URI:http://ocsp.int-x3.letsencrypt.org
                CA Issuers - URI:http://cert.int-x3.letsencrypt.org/

            X509v3 Subject Alternative Name:
                DNS:example.com
            X509v3 Certificate Policies:
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org
                  User Notice:
                    Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/

            CT Precertificate SCTs:
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 30:44:02:20:4A:48:E9:34:36:94:72:A9:DD:65:D0:3F:
                                30:44:02:20:4A:48:E9:34:36:94:72:A9:DD:65:D0:3F
                    Timestamp : Oct 31 13:53:53.601 2018 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:4A:48:E9:34:36:94:72:A9:DD:65:D0:3F:
                                            …
                                3E:E7:FE:74:88:FB:A4:8F:28:93:01:9D:DD:F1:DB:FE
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 30:44:02:20:4A:48:E9:34:36:94:72:A9:DD:65:D0:3F:
                                30:44:02:20:4A:48:E9:34:36:94:72:A9:DD:65:D0:3F:
                    Timestamp : Oct 31 13:53:53.593 2018 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:4A:48:E9:34:36:94:72:A9:DD:65:D0:3F:
                                            …
                                3E:E7:FE:74:88:FB:A4:8F:28:93:01:9D:DD:F1:DB:FE
    Signature Algorithm: sha256WithRSAEncryption
                  30:44:02:20:4A:48:E9:34:36:94:72:A9:DD:65:D0:3F:
                              …
                  3E:E7:FE:74:88:FB:A4:8F:28:93:01:9D:DD:F1:DB:FE

I was trying to figure out what could be causing this issue and or how could I solve it but I was not able to figure anything out, I tried updating OpenSSL to the latest version, I tried to regenerate the certificate but nothing helped, I’d be very happy for any help whatsoever.


#2

Looks like you may need to specify which ciphers & protocols you want https.createServer to use.


#3

Should probably include something like:
ciphers:"HIGH";

Start with that and replace HIGH as you see fit.


#4

I tried so many variations of ciphers but none of them helped solve this issue.


#5

I tried to run some more additionals commands for more info, I am still clueless how to fix this

openssl s_client -connect example.com:443

CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = example.com
verify return:1
---
Certificate chain
 0 s:/CN=example.com
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
Ui1+nIYuYX9pfi+lQMchiMS90xsM7g0LtHP2ya1/2IgizLY4IjM/MXO6ykVa6JU8
                    …
eXB0Lm9yZy9yZXBvc2l0b3J5LzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AOJp
-----END CERTIFICATE-----
subject=/CN=example.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3429 bytes and written 302 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 99A2269E79E79E762624A77229E762629E79E7BE1C19E7CB30499E7092269E72620A6C9E7
    Session-ID-ctx:
    Master-Key: 9E79451F4C469E79E7925ED689E79EAB79E7989E799E799E79213779E799E799E799E799E799E79EFCC152D
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - c4 6d 99 ee 27 d7 e6 c7-ad 67 d2 e9 f4 5c 74 67   .m..'....g...\tg
    0000 - c4 6d 99 ee 27 d7 e6 c7-ad 67 d2 e9 f4 5c 74 67   .m..'....g...\tg
    0000 - c4 6d 99 ee 27 d7 e6 c7-ad 67 d2 e9 f4 5c 74 67   .m..'....g...\tg
    0000 - c4 6d 99 ee 27 d7 e6 c7-ad 67 d2 e9 f4 5c 74 67   .m..'....g...\tg
    0000 - c4 6d 99 ee 27 d7 e6 c7-ad 67 d2 e9 f4 5c 74 67   .m..'....g...\tg
    0000 - c4 6d 99 ee 27 d7 e6 c7-ad 67 d2 e9 f4 5c 74 67   .m..'....g...\tg
    0000 - c4 6d 99 ee 27 d7 e6 c7-ad 67 d2 e9 f4 5c 74 67   .m..'....g...\tg
    0000 - c4 6d 99 ee 27 d7 e6 c7-ad 67 d2 e9 f4 5c 74 67   .m..'....g...\tg
    0000 - c4 6d 99 ee 27 d7 e6 c7-ad 67 d2 e9 f4 5c 74 67   .m..'....g...\tg
    0000 - c4 6d 99 ee 27 d7 e6 c7-ad 67 d2 e9 f4 5c 74 67   .m..'....g...\tg


    Start Time: 1541064686
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---

nmap --script ssl-enum-ciphers example.com

Starting Nmap 7.40 ( https://nmap.org ) at 2018-11-01 10:36 CET
Nmap scan report for example.com (90.80.200.30)
Host is up (0.0047s latency).
Not shown: 990 closed ports
PORT     STATE    SERVICE
21/tcp   open     ftp
22/tcp   open     ssh
53/tcp   open     domain
80/tcp   open     http
443/tcp  open     https
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_DH_anon_WITH_AES_256_CBC_SHA - F
|     compressors:
|       NULL
|     cipher preference: indeterminate
|     cipher preference error: Too few ciphers supported
|   TLSv1.1:
|     ciphers:
|       TLS_DH_anon_WITH_AES_256_CBC_SHA - F
|     compressors:
|       NULL
|     cipher preference: indeterminate
|     cipher preference error: Too few ciphers supported
|   TLSv1.2:
|     ciphers:
|       TLS_DH_anon_WITH_AES_256_CBC_SHA - F
|     compressors:
|       NULL
|     cipher preference: indeterminate
|     cipher preference error: Too few ciphers supported
|_  least strength: F
1433/tcp filtered ms-sql-s
1723/tcp open     pptp
2000/tcp open     cisco-sccp
8082/tcp filtered blackice-alerts
8291/tcp open     unknown

Nmap done: 1 IP address (1 host up) scanned in 15.81 seconds

#6

I think your tests are giving you a false negative:

Try SSL Labs at your system.


#7

Usually, the best practice for Node apps is to put them behind a reverse proxy like Nginx (using proxy_pass) or Apache (using ProxyPass). I think if you try this you’ll find that it’s much easier to configure Nginx or Apache to serve HTTPS correctly and you can focus on improving your app.


#8

It says Assessment failed: Failed to communicate with the secure server


#9

I think @jsha is correct.
If you can get to your nodejs content via http but not via https, just use a reverse proxy (nginx or apache) to handle the https connections and be done with this.

That means your system IP is not serving https to the Internet.
As confirmed by three different system using: openssl s_client -connect 90.80.200.30:443

connect: No such file or directory
connect:errno=0

140700959625664:error:0200206F:system library:connect:Connection refused:…/crypto/bio/b_sock2.c:108:
140700959625664:error:2008A067:BIO routines:BIO_connect:connect error:…/crypto/bio/b_sock2.c:109:
connect:errno=111

socket: Bad file descriptor
connect:errno=9


#10

So I put my Node app behind Apache with ProxyPass and re-deployed certificate via Certbot and everything went smooth but the https is still not working, it still keeps displaying the same issues I had before.

:~$ openssl s_client -connect example.com:443
CONNECTED(00000003)
140713586914560:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1399:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 176 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1541509148
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
---

curl

curl -Iv https://example.com
* Rebuilt URL to: https://example.com/
*   Trying 90.80.200.30(not the real ip)...
* TCP_NODELAY set
* Connected to example.com (90.80.200.30) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Unknown (21):
* TLSv1.2 (IN), TLS alert, Server hello (2):
* error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
* Curl_http_done: called premature == 1
* stopped the pause stream!
* Closing connection 0
curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

#11

What is your version of openssl?


#12
OpenSSL 1.1.0f  25 May 2017
built on: reproducible build, date unspecified
platform: debian-amd64
compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/lib/ssl\"" -DENGINESDIR="\"/usr/lib/x86_64-linux-gnu/engines-1.1\"" 
OPENSSLDIR: "/usr/lib/ssl"
ENGINESDIR: "/usr/lib/x86_64-linux-gnu/engines-1.1"

#13

Well, I’m out of ideas…
Without an actual IP / real domain there is nothing more I can do [test].


#14

my app is running on a certain port on a subdomain of a different app which has its own certificate but the same IP, could the issue be caused by the fact there are multiple certificates for a same IP or that the second level domain has its own certificate?


#15

This information is unclear…

Are they running on separate ports on the same IP?
Are they being served by the same software?
Do they work without TLS?

I don’t think your issue can be caused by certificate issuances; So, NO.


#16

when I try to put the intranet IP it works

  :~$ openssl s_client -connect 10.0.0.10:443 -servername example.com
    CONNECTED(00000003)
    depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
    verify return:1
    depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
    verify return:1
    depth=0 CN = example.com
    verify return:1
    ---
    Certificate chain
     0 s:/CN=example.com
       i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
     1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
       i:/O=Digital Signature Trust Co./CN=DST Root CA X3
    ---
    Server certificate
    -----BEGIN CERTIFICATE-----
    MGgAwIBTCCBQGgAm8fiktMA0GCSqz53E2moNEgISAz538jm8fiktMA53E2moNEgISAzz53E2moNEg
    -----END CERTIFICATE-----
    subject=/CN=example.com
    issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
    ---
    No client certificate CA names sent
    Peer signing digest: SHA512
    Server Temp Key: ECDH, P-256, 256 bits
    ---
    SSL handshake has read 3464 bytes and written 335 bytes
    Verification: OK
    ---
    New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
    Server public key is 2048 bit
    Secure Renegotiation IS supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    SSL-Session:
        Protocol  : TLSv1.2
        Cipher    : ECDHE-RSA-AES128-GCM-SHA256
        Session-ID: 467D96225D7…7F8A1C0AC3777F8A
        Session-ID-ctx:
        Master-Key: 462256225862…25622517C622525
        PSK identity: None
        PSK identity hint: None
        SRP username: None
        TLS session ticket lifetime hint: 300 (seconds)
        TLS session ticket:
        0000 - ad 32 b7 1c 2d 24 ab 2e-51 4a 32 2b 30 62 02 39   .2../$.,QJ2+0b.9
        Start Time: 1541580385
        Timeout   : 7200 (sec)
        Verify return code: 0 (ok)
        Extended master secret: no
    ---

#17

Does this connection from the Internet:

connect to this internal device and IP:


#18

it does

openssl s_client -connect 10.0.0.10:443 -servername example.com

CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = example.com
verify return:1
---
Certificate chain
 0 s:/CN=example.com
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
SAz53E2moNEXCCBQGgAwIBASAz53E2moNEXSAz53E2moNSAz53E2moNEXCCwUAAA
            …
-----END CERTIFICATE-----
subject=/CN=example.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3464 bytes and written 335 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol  : TLSv1.2
Cipher    : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 2B79202F809B4A73AE4409B4A09B4A73AE4409B4A73AE4409B4A73AE44853
Session-ID-ctx:
Master-Key: 2B79202F809B4A73AE4409B4A09B4A73AE44094409B4A09B4A4409B4A09BB4A73AE4409B4A73AE44853
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - c9 7d ba 74 1d 76 667d b7d ba 74 1d 7d bd 8e 70   .}.t.vfC..n....p
          …

Start Time: 1541665692
Timeout   : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---

#19

The issue is resolved, it was caused by a settings in our router, where the traffic was allowed only to port 80.