On Aug 7, 2023, at 1:38 PM, James Wood via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
The error isn't different. I just didn't include the client side error in my original post. To confirm:
OK.
(0) ERROR: (TLS) Failed reading from OpenSSL: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
That's pretty definitive.
The client is sending 31 ciphers, all of which are also available on the server side. I don't know why the server isn't selecting a cipher and allowing the handshake.
OpenSSL negotiation isn't trivial.
The server supports all of these, it's an out the box openssl build.
TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK-AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-25 6-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK-AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA
Does *OpenSSL* support this, or have you configured the server to support this? Those are two different questions. You can configure the server to support a restricted set of ciphers, which is a subset of the above list. Sometimes this is as easy as using a particular kind of certificate. For example, if you have an EC cert, then none of the RSA cipher methods listed above will work. If you disable SHA256, then all of the SHA256 methods won't work.
Are you suggesting that something is misconfigured which means they can't agree on a cipher?
Yes. Somehow the server is using a subset of the above list. And that subset has no overlap with what the client is sending. If I had to guess, the client only supports RSA methods, and the server is using an EC certificate. So there's no overlap, and nothing happens. But without more information, it's impossible to know. Alan DeKok.