ocaml-ssl icon indicating copy to clipboard operation
ocaml-ssl copied to clipboard

Published 20 hours ago verified publisher icon savonet

weird certificate issue on libera.chat

Open c-cube opened this issue 3 years ago • 2 comments

Hi, I've had issues connecting some IRC bots recently from ocaml-irc-client. Trying the stelnet example on it is interesting:

$ dune exec examples/stelnet.exe -- irc.libera.chat -p 6697
SSL connection ok.   
Certificate issuer:  /C=US/O=Let's Encrypt/CN=R3
subject: /CN=strontium.libera.chat
Cipher: TLS_AES_256_GCM_SHA384 (TLSv1.3)
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD

Type 'exit' to quit.

:strontium.libera.chat NOTICE * :*** Checking Ident
:strontium.libera.chat NOTICE * :*** Looking up your hostname...

but with paranoid:

$ dune exec examples/stelnet.exe -- irc.libera.chat -p 6697 -w
Certificate[2] subject=/C=US/O=Internet Security Research Group/CN=ISRG Root X1
Certificate[2] issuer =/O=Digital Signature Trust Co./CN=DST Root CA X3
SSL: rejecting connection - error=20
Fatal error: exception SSL connection() error: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

c-cube avatar May 28 '21 02:05 c-cube

I confirm I can reproduce.

May be this is related to Let's encrypt certificate not considered secure enough ?

craff avatar May 17 '23 22:05 craff

This is the same output from ssl (openssl s_client -connect irc.libera.chat:6697):

CONNECTED(00000003)
depth=1 C = US, O = Let's Encrypt, CN = R3
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = mercury.libera.chat
verify return:1
---
Certificate chain
 0 s:CN = mercury.libera.chat
   i:C = US, O = Let's Encrypt, CN = R3
   a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256
   v:NotBefore: Jul 24 06:40:56 2023 GMT; NotAfter: Oct 22 06:40:55 2023 GMT
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Sep  4 00:00:00 2020 GMT; NotAfter: Sep 15 16:00:00 2025 GMT

I believe this is because of the cross-signed certificate it is using which is not entirely supported by OpenSSL, see: https://security.stackexchange.com/questions/133221/how-to-properly-create-and-use-cross-signed-cas-and-certificates

One solution off the top of my head would be to eliminate one of the root certs from your trust store so it can build the certificate chain properly.

Firgeis avatar Jul 30 '23 15:07 Firgeis