SSL Routines: ee key too small install of fullchain.pem failed

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: hemisfero.com

I ran this command: #certbot --nginx

It produced this output:
nginx restart failed:
nginx: [emerg] SSL_CTX_use_certificate("/etc/letsencrypt/live/hemisfero.com-0001/fullchain.pem") failed (SSL: error:0A00018F:SSL routines::ee key too small)

My web server is (include version): NGINX 1.20.1

The operating system my web server runs on is (include version): RHEL 9.1

My hosting provider, if applicable, is: Linode

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.32.1

Brand new server, only has NGINX installed. Did do a public/private key generation procedure prior using ssh-keygen - set to 4096

NGINX working and serving out public domains.

  • Can you verify that you have not modified /etc/pki/tls/openssl.cnf?
  • Can you show the contents of /etc/letsencrypt/live/hemisfero.com-0001/fullchain.pem?
2 Likes

Hi @Pyrrhic, and welcome to the LE community forum :slight_smile:

What does that mean?
How is that affecting, or related to, nginx?

That's NOT a good sign.
Please show:
certbot certificates

2 Likes

I only brought up the private/public keys I generated for SSH use as they are the only keys on a brand new machine. I do not know how they would affect Certbot but they ARE 4096 bit.
Example:

[root@Hem01prod /]# cd home/Bob/.ssh
[root@Hem01prod .ssh]# ls
authorized_keys id_rsa id_rsa.pub
[root@Hem01prod .ssh]#

....there are two sets, one for each of the two non-root users.

/etc/pki/tls/openssl.cnf - have not touched it.

fullchain.pem:


...the darn server is brand-new, nothing has run on it as yet. MANY, many thanks for replying so fast. Only one or two mentions on internet of this type of message. None applicable.

Very Best,

Pyrrhic

1 Like

And also show:
ls -l /etc/letsencrypt/archive/hemisfero.com-0001/*

And to round it all off:
nginx -T | grep -i ssl

3 Likes

CERTBOT CERTIFICATES:
[root@Hem01prod nginx]# certbot certificates

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Renewal configuration file /etc/letsencrypt/renewal/hemisfero.com.conf produced an unexpected error: expected /etc/letsencrypt/live/hemisfero.com/cert.pem to be a symlink. Skipping.

[root@Hem01prod nginx]# ls -l /etc/letsencrypt/archive/hemisfero.com-0001/*

-rw-r--r--. 1 root root 1895 Dec 13 13:14 /etc/letsencrypt/archive/hemisfero.com-0001/cert1.pem
-rw-r--r--. 1 root root 1891 Dec 13 14:09 /etc/letsencrypt/archive/hemisfero.com-0001/cert2.pem
-rw-r--r--. 1 root root 3749 Dec 13 13:14 /etc/letsencrypt/archive/hemisfero.com-0001/chain1.pem
-rw-r--r--. 1 root root 3749 Dec 13 14:09 /etc/letsencrypt/archive/hemisfero.com-0001/chain2.pem
-rw-r--r--. 1 root root 5644 Dec 13 13:14 /etc/letsencrypt/archive/hemisfero.com-0001/fullchain1.pem
-rw-r--r--. 1 root root 5640 Dec 13 14:09 /etc/letsencrypt/archive/hemisfero.com-0001/fullchain2.pem
-rw-------. 1 root root 1704 Dec 13 13:14 /etc/letsencrypt/archive/hemisfero.com-0001/privkey1.pem
-rw-------. 1 root root 1704 Dec 13 14:09 /etc/letsencrypt/archive/hemisfero.com-0001/privkey2.pem

[root@Hem01prod nginx]# nginx -T | grep -i ssl

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
#        listen       443 ssl http2;
#        listen       [::]:443 ssl http2;
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers PROFILE=SYSTEM;
#        ssl_prefer_server_ciphers on;

Again, thanks!!!

Best,
Pyrrhic

1 Like

Please show:
ls -l /etc/letsencrypt/live/hemisfero.com/*

The nginx config isn't using any of your certs.
Not unless you copied them to the folder /etc/pki/nginx/
Please show:
ls -l /etc/pki/nginx/*

2 Likes

[root@Hem01prod /]# ls -l /etc/letsencrypt/live/hemisfero.com/*
ls: cannot access '/etc/letsencrypt/live/hemisfero.com/*': No such file or directory

[root@Hem01prod letsencrypt]# cd live
[root@Hem01prod live]# ls
hemisfero.com-0001 README

[root@Hem01prod live]# ls -l /etc/pki/nginx/*
ls: cannot access '/etc/pki/nginx/*': No such file or directory

I was expecting to get certificates for 3 domains but the certbot, while listing all 3 as successful, seems to only have left things for hemisfero.

Best,

Petrus

1 Like

If your system's OpenSSL "Security Level" is set to 3 or higher, then you would see this error. At level 3, RSA keys must be at least 3072 bits.

I'm just going off documentation here, but it seems like in RHEL9, that is called the "FUTURE" security level: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening. It might be worth going through that article and checking whether your security level prohibits 2048-bit keys.

5 Likes

does that block intermediate certificates? IIRC R3 is still 2048 bits, right?

4 Likes

I think you're right - level 3 connecting to letsencrypt.org gives:

Verify return code: 67 (CA certificate key too weak)
4 Likes

I DO have the security set to FUTURE, just to confirm. I will read the article more closely.

Best,

P.

2 Likes

That doc states that legacy mode will allow 2048 but does not recommend same.

For FUTURE mode it states: '..... The RSA keys and Diffie-Hellman parameters are accepted if they are at least 3072 bits long. '

So, how do I set certbot to accept a longer key? Failing same - do I need to go to LEGACY mode to set the certbot keys?

Best,

P.

1 Like

As @orangepizza points out, if you keep your OpenSSL Security Level set to 3, then your server won't be able to communicate with probably more than half the internet.

This might be fine or might not be, I don't know. Up to you and your use case.

Even if you ask Certbot to generate a certificate with a larger key (for example, by using --rsa-key-size 4096, or by choosing an ECDSA P-384 key), your security still might not like the certificate, because the intermediate certificate that Let's Encrypt uses is only 2048-bits as well.

(One exception: if you get your Let's Encrypt account whitelisted to have its certificates issued from the E1 issuer and issue an ECDSA P-384 certificate then, that might work for you. But it still means your server won't be able to communicate with most websites).

3 Likes

DEFAULT will be fine (it's different from both legacy and future)

3 Likes

I can not tell you how much the lucid replies both of you (...here's to you too, Orangepizza!) have helped. I think, in our use case, we are going to have to abandon "FUTURE" mode for the nonce - or, until the rest of the web has caught up. It was the first time (...just as RHEL 9.0 and now 9.1 is new to us) we tried future mode and this is our first RHEL 9.x server. I think the correct answer for a web server for general use ... as in our case ... is to eschew FUTURE and go to LEGACY mode.

Again, many thanks for the rapid solution to this mysterious message.

Very Best,

Pyrrhic

1 Like

FYI ...for others following. Changing to LEGACY mode allowed
#certbot --nginx to correctly generate certificates and modify nginx configs. Domains now correctly served with "https:"

Best,

P.

1 Like

Now that's resolved you have some other issues.

You have both IPv4 and IPv6 addresses in your DNS but IPv6 is not working. You can see this on the Let's Debug test site.

The Let's Encrypt HTTP challenge will first use IPv6 but certain errors have it then try IPv4. That must be what happened to allow you to get certs.

Also, you have a www subdomain in DNS. An HTTP connection to it works but HTTPS connections fail because your cert does not include the www subdomain in it.

3 Likes

Quite! Luckily, we are just starting the process of setting the server up and we will be on to these helpful pointers and fix the issues, asap. Many thanks, Mike!!!

Best,

P.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.