TLS DHE ciphers fail in FIPS mode with openssl 3.0
Hi, I have an openssl client (FIPS) which has TLS connection with freeradius. The following ciphers were working well in the TLS handshake. TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 Things were working fine with openssl client 1.0.2. But when I upgrade the client to openssl 3.0 - see the TLS handshake failing on the clide side with "bad dh" error. I see some references as "Randomly generated safe primes are not allowed by FIPS,". Ref: https://docs.openssl.org/3.0/man7/EVP_PKEY-DH/#dh-and-dhx-additional-paramet... I see with "make dh" freeradius with the help of openssl - generates random dh. I guess these randomly generated safe primes are not allowed in FIPS from openssl 3. Guess somehow if we skip this and use only standard dh in radius server side it should work. Any information is much appreciated. Note: Freeradius server is using : OpenSSL 1.1.1 Thanks, Murugesh
On Jan 22, 2025, at 9:00 AM, murugesh pitchaiah <murugesh.pitchaiah@gmail.com> wrote:
Things were working fine with openssl client 1.0.2. But when I upgrade the client to openssl 3.0 - see the TLS handshake failing on the clide side with "bad dh" error.
This is due to increased security with OpenSSL.
I see some references as "Randomly generated safe primes are not allowed by FIPS,".
You should be able to disable FIPS.
I see with "make dh" freeradius with the help of openssl - generates random dh. I guess these randomly generated safe primes are not allowed in FIPS from openssl 3. Guess somehow if we skip this and use only standard dh in radius server side it should work. Any information is much appreciated.
Note: Freeradius server is using : OpenSSL 1.1.1
Is the client FreeRADIUS or something else? The solutions are (a) fix the client so that it allows DH, (b) fix the server so it doesn't use DH. Alan DeKok.
participants (2)
-
Alan DeKok -
murugesh pitchaiah