OpenSSL - Cryptography and SSL/TLS Toolkit


openssl ciphers

Usage

Converts textual OpenSSL cipher lists into ordered SSL cipher preference lists. It can be used to determine the appropriate cipher list.

Flags

Flag Usage
-v verbose output. For each cipher suite :
  • list details as provided by SSL_CIPHER_description(3), i.e. things like the cipher's name, stdname, number of secret bits used, version, NID (source), digest NID, handshake digest (?), key exchange NID, authentication NID
  • output a line made of the following fields (source, example):
    1. cipherName : textual representation of the cipher name (a more or less approximate mnemonic summarizing the other fields)
    2. protocolVersion : minimum protocol version that the ciphersuite supports, such as TLSv1.2
    3. Kx=keyExchangeMethod : RSA, ECDHE, ...
    4. Au=authenticationMethod : RSA, none, ... (none represents anonymous ciphers)
    5. Enc=symmetricEncryptionMethod : encryption method, with number of secret bits, such as AESGCM(128)
    6. Mac=messageAuthenticationCode : message digest, such as SHA256

Example

Get verbose list of cipher suites :

openssl ciphers -v

DHE-RSA-AES128-SHA256		TLSv1.2		Kx=DH		Au=RSA		Enc=AES(128)		Mac=SHA256
DHE-PSK-AES256-GCM-SHA384	TLSv1.2		Kx=DHEPSK	Au=PSK		Enc=AESGCM(256)		Mac=AEAD
AES256-SHA			SSLv3		Kx=RSA		Au=RSA		Enc=AES(256)		Mac=SHA1

^^^^				^^^^		^^^^		^^^^		^^^^			^^^^
cipher				protocol	key		authent.	encryption		message
name				version		exchange	method		method			digest
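
An added example (not from the original page or the OpenSSL project): a shell function that reads lines in the openssl ciphers -v field layout described above and flags suites a defender would usually want disabled. The name audit_ciphers, the flagging rules and the two extra sample lines are assumptions of this example.

```bash
# audit_ciphers: read `openssl ciphers -v` lines on stdin and print
# "cipherName: reason[, reason]" for each suite that trips a rule.
# Hypothetical helper; the rules are this example's assumptions.
# Column 2 is only the minimum protocol version, so it is not judged here.
audit_ciphers() {
  awk '
    function add(r) { reasons = (reasons == "" ? r : reasons ", " r) }
    NF < 6 { next }                       # skip blank or malformed lines
    {
      reasons = ""; kx = ""; au = ""; enc = ""; mac = ""
      for (i = 3; i <= NF; i++) {         # Kx=, Au=, Enc=, Mac= pairs
        split($i, kv, "=")
        if (kv[1] == "Kx")  kx  = kv[2]
        if (kv[1] == "Au")  au  = kv[2]
        if (kv[1] == "Enc") enc = kv[2]
        if (kv[1] == "Mac") mac = kv[2]
      }
      if (tolower(au) == "none") add("anonymous (Au=" au ")")
      if (kx == "RSA")           add("no forward secrecy (Kx=RSA)")
      if (enc ~ /^(None|RC4|DES|3DES)/) add("weak encryption " enc)
      if (mac == "MD5")          add("weak MAC MD5")
      if (reasons != "") print $1 ": " reasons
    }
  '
}

# Sample input: the three lines shown above plus two constructed ones.
sample_cipher_lines() { cat <<'EOF'
DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256
DHE-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=DHEPSK Au=PSK Enc=AESGCM(256) Mac=AEAD
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
ADH-AES128-SHA SSLv3 Kx=DH Au=None Enc=AES(128) Mac=SHA1
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
EOF
}
```

On a real host, feed it with: openssl ciphers -v | audit_ciphers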
			


openssl genrsa

Usage

generate an RSA private key :
openssl genrsa cipherAlgorithm -out outputFile keyLengthBits
-aes* and -des3 are good candidates for cipherAlgorithm (source)

openssl passwd

Usage

compute the hash of a password

Flags

Flag         Usage
-6           use the SHA256 / SHA512-based algorithms
-salt salt   use the specified salt

openssl req

Usage

PKCS#10 certificate request and certificate generating utility

How to get certificate metadata ?

Commands below can be used to work on local or remote certificates :
  • local :
    • they look like openssl -in /path/to/certificate
    • they may be used while managing your own certificates
  • remote :
    • they look like openssl -connect www.example.com:443 |
    • they may be used while inspecting the certificates of a webserver you don't own
Not checked for all, but it looks like it's possible to run things like [remote command] | [local command] (after some adjustments on the -in part and the like).
Validity date range :
  • for a local certificate :
    openssl x509 -noout -in /path/to/certificate.pem -dates
    notBefore=Jan 8 13:42:16 2016 GMT
    notAfter=Jan 7 13:42:16 2019 GMT
  • for a remote certificate :
    openssl s_client -connect www.example.com:443 | openssl x509 -noout -in - -dates
    Looks like the -in - syntax is now deprecated (details : man openssl x509 | grep -A1 -- ' -in filename') : it defaults to stdin and - no longer seems to be supported. Run instead :
    openssl s_client -connect www.example.com:443 | openssl x509 -noout -dates
Issuer :
openssl x509 -noout -in /path/to/certificate.pem -issuer
issuer= /C=FR/O=MA PETITE ENTREPRISE/OU=1234 987654321/CN=AC INFRASTRUCTURE MA PETITE ENTREPRISE
Purpose (what the certificate may be used for) :
openssl x509 -noout -in /path/to/certificate.pem -purpose
Certificate purposes:
SSL client : Yes
SSL client CA : No
SSL server : Yes
SSL server CA : No
Netscape SSL server : Yes
Netscape SSL server CA : No
S/MIME signing : No
S/MIME signing CA : No
S/MIME encryption : No
S/MIME encryption CA : No
CRL signing : No
CRL signing CA : No
Any Purpose : Yes
Any Purpose CA : Yes
OCSP helper : Yes
OCSP helper CA : No
Time Stamp signing : No
Time Stamp signing CA : No
Subject aka Common Names (CN) :
  • openssl x509 -noout -in /path/to/certificate.pem -subject
    subject= /C=FR/O=MA PETITE ENTREPRISE/OU=1234 987654321/CN=ma.petite.entreprise.fr
  • openssl x509 -noout -in /usr/share/ca-certificates/mozilla/DigiCert_Global_Root_CA.crt -subject
    subject=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
Subject Alternative Names (SAN) :
openssl s_client -connect www.example.com:443 | openssl x509 -noout -text | grep 'DNS:'
Output the certificate in text form :
openssl x509 -noout -in /path/to/certificate.pem -text
Certificate:
	Data:
		Version: 3 (0x2)
		Serial Number: 3896 (0xf38)
	Signature Algorithm: sha256WithRSAEncryption
		Issuer: C=FR, O=MA PETITE ENTREPRISE, OU=1234 987654321, CN=AC INFRASTRUCTURE MA PETITE ENTREPRISE

		Validity
			Not Before: Jan 8 13:42:16 2016 GMT
			Not After : Jan 7 13:42:16 2019 GMT
		Subject: C=FR, O=MA PETITE ENTREPRISE, OU=1234 987654321, CN=ma.petite.entreprise.fr
		Subject Public Key Info:
			Public Key Algorithm: rsaEncryption
				Public-Key: (2048 bit)
				Modulus:
					69:07:44:7b:dc:c0:64:70:5e:a2:49:60:df:ab:e5:
					
					4d:c1
				Exponent: 65537 (0x10001)
		X509v3 extensions:
			X509v3 Subject Key Identifier:
				DE:AD:BE:EF:2D:9E:79:94:05:22:E1:F3:60:7C:59:2E:A7:12:0B:03
			X509v3 Authority Key Identifier:
				keyid:B1:6B:00:B5:59:BF:DA:BF:CE:CE:F4:FE:74:E3:12:86:51:19:53:85

			X509v3 Certificate Policies:
				Policy: 1.2.250.1.240.0.1.1.2.1.22.1.1
				CPS: http://www.xxx.yyy.fr/cps/policies.pdf

			X509v3 Extended Key Usage:
				TLS Web Client Authentication, TLS Web Server Authentication
			X509v3 Key Usage: critical
				Digital Signature, Key Encipherment
			X509v3 Subject Alternative Name:
				DNS:ma.petite.entreprise.fr, DNS:ma.ptite.entreprise.fr, DNS:ma.minuscule.entreprise.fr
			X509v3 CRL Distribution Points:

				Full Name:
				URI:http://www.xxx.yyy.fr/crl/truc.crl

	Signature Algorithm: sha256WithRSAEncryption
		e6:2e:a1:e3:27:65:3e:2b:c8:5d:bd:a1:ab:2d:e4:8d:8e:8e:
		
		ce:a3:77:0e:0b:96:dd:e4

How to test an SSL / TLS connection as a client ?

  1. Check basic network connectivity :
    nc -vz ssl.example.com 443
    ssl.example.com [12.34.56.78] 443 (?) open
    The chunk between parentheses ((?) here) identifies the recognized protocol type, if any (based on common port numbers ?).
  2. Ensure you can contact the remote host :
    telnet ssl.example.com 443
    Trying 12.34.56.78...
    Connected to ssl.example.com.
    Escape character is '^]'.
  3. Try a basic connection and get details about the certificate (CA-signed / self-signed ?) :
    • To an HTTP host :
      openssl s_client -connect ssl.example.com:443 | less
      CONNECTED(00000003)
      depth=1 /C=US/O=Entrust, Inc./OU=www.entrust.net/rpa is incorporated by reference/OU=(c) 2009 Entrust, (--8<--)
      Certification Authority - L1C
      verify error:num=20:unable to get local issuer certificate
      verify return:0
      23504:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1057:SSL alert number 40
      23504:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:
    • To an FTP host :
      openssl s_client -connect ftp.example.com:990 -ssl2 -starttls ftp
  4. Time to look for :
    • .crt : certificates
    • .key : private key
    • .pem : client certificate private key. You will also need the attached passphrase.
  5. Now let's try this as root, since certificate or key files may not be readable by everybody:
    openssl s_client -connect ssl.example.com:443 -cert /var/www/www.example.com/extension/app/file/application.pem -key /var/www/www.example.com/extension/app/file/application.pem
    + passPhrase (if any)
  6. Until now, we had :
    openssl s_client -connect 12.34.56.78:443
    CONNECTED(00000003)
    write:errno=104
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 0 bytes and written 290 bytes
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    SSL-Session:
    	Protocol  : TLSv1.2
    	Cipher    : 0000
    	Session-ID:			nothing
    	Session-ID-ctx:
    	Master-Key:			nothing
    	Key-Arg   : None
    	
    But give it a try with :
    openssl s_client -connect 12.34.56.78:443 -bugs
    CONNECTED(00000003)
    
    Certificate chain
    
    ---
    Server certificate
    -----BEGIN CERTIFICATE-----
    5idUUvuYS3ompLYsF/C49EaNCZJ0SHBGujK5IKojOUKIjbLWwCZUY1PttlLwbwVA
    ...
    mj37XAHZIquh1LiyBdKXmCbcqfS5sDaMRk46EqXPVGZCbeL9G3/TmTmLaqTLMZal
    -----END CERTIFICATE-----
    
    No client certificate CA names sent
    ---
    SSL handshake has read 3283 bytes and written 831 bytes
    ---
    New, TLSv1/SSLv3, Cipher is RC4-SHA
    Server public key is 2048 bit
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    SSL-Session:
    	Protocol  : TLSv1
    	Cipher    : RC4-SHA
    	Session-ID: 6988A27FAD0A83E74CA5C77562E4FF3D7A67F1642398D0EF9643AFF8AB4AB24B	not empty anymore 
    	Session-ID-ctx:
    	Master-Key: FA15AD54374A44022DA8E72B855C3B4FF668A23AF83FE364106ED037B0E83BBC36195BB7BDCAD7C3C2A14EBA0A2A4410	not empty anymore 
    	Key-Arg   : None
    	
    	Verify return code: 0 (ok)
    ---
    read:errno=0
  7. If everything looks fine on the SSL / TLS side, maybe time has come to start playing with curl.
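
An added example (not from the original page or the OpenSSL project): a shell function that summarises openssl s_client output such as the two transcripts in step 6, telling a reset handshake apart from a completed one and listing what a defender would note about the negotiated session. The name triage_s_client, the finding rules and the shortened sample transcripts are assumptions of this example; the SNI and -msg hint repeats the advice quoted for write:errno=104.

```bash
# triage_s_client: summarise `openssl s_client` output read from stdin.
# Hypothetical helper; the finding rules are this example's assumptions.
triage_s_client() {
  awk '
    /^(write|read):errno=[1-9]/             { split($0, e, "="); errno = e[2] }
    /^verify error:/                        { verr = $0 }
    /no peer certificate available/         { nocert = 1 }
    /SSL handshake has read/                { rd = $5 }
    /Secure Renegotiation IS NOT supported/ { noreneg = 1 }
    /^[ \t]*Protocol[ \t]*:/                { proto = $NF }
    /^[ \t]*Cipher[ \t]*:/                  { cipher = $NF }
    END {
      # s_client prints "Cipher : 0000" when no suite was negotiated.
      ok = (!nocert && cipher != "" && cipher != "0000")
      print "handshake=" (ok ? "completed" : "failed")
      if (errno != "") print "errno=" errno
      if (ok) print "negotiated=" proto "/" cipher
      if (!ok && errno == "104" && rd == "0")
        print "finding: reset before any server data; retry with -servername (SNI) and -msg"
      if (ok && proto ~ /^(SSLv2|SSLv3|TLSv1|TLSv1\.1)$/)
        print "finding: legacy protocol " proto
      if (ok && cipher ~ /RC4/) print "finding: RC4 cipher suite"
      if (ok && noreneg) print "finding: secure renegotiation not supported"
      if (verr != "") print "finding: " verr
    }
  '
}

# Constructed samples, shortened from the two transcripts shown in step 6.
sample_reset() { cat <<'EOF'
write:errno=104
no peer certificate available
SSL handshake has read 0 bytes and written 290 bytes
Secure Renegotiation IS NOT supported
    Protocol  : TLSv1.2
    Cipher    : 0000
EOF
}
sample_legacy() { cat <<'EOF'
SSL handshake has read 3283 bytes and written 831 bytes
New, TLSv1/SSLv3, Cipher is RC4-SHA
Secure Renegotiation IS NOT supported
    Protocol  : TLSv1
    Cipher    : RC4-SHA
read:errno=0
EOF
}
```

Against a live host, redirect stdin so s_client exits after the handshake: openssl s_client -connect ssl.example.com:443 -servername ssl.example.com </dev/null 2>&1 | triage_s_client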

openssl errors

write:errno=104
https://superuser.com/questions/297889/does-openssl-errno-104-mean-that-sslv2-is-disabled#answer-297929

At least on Linux, 104 is ECONNRESET for "Connection reset by peer" – in other words, the connection was forcibly closed with a TCP RST packet, either sent out by the server or spoofed by an intermediary.
I would try Wireshark/tshark on the Ubuntu server to see what actually gets sent. If the RST is real, it could be that the httpd process died – check the log files and dmesg just in case.


https://stackoverflow.com/questions/24457408/openssl-command-to-check-if-a-server-is-presenting-a-certificate#answer-29215480

I was debugging an SSL issue today which resulted in the same write:errno=104 error. Eventually I found out that the reason for this behavior was that the server required SNI (servername TLS extensions) to work correctly. Supplying the -servername option to openssl made it connect successfully:

	openssl s_client -connect domain.tld:443 -servername domain.tld


https://github.com/requests/requests/issues/2543
All of those exceptions indicate that [the remote server] is closing the connection on you (i.e. closed the connection while we were expecting to read data from it). You should check whether your data is valid.
Could be the request headers, could be the request body.


https://stackoverflow.com/questions/16332053/openssl-s-client-connect-ldaphost636-returns-error-message-writeerrno-104
Are you sure that SSL is correctly set up on the Active Directory server ? 104 means the server sent a RST, which may be the behavior of Active Directory without a correct certificate, I guess. Could you look at what really happens at the network layer, using Wireshark for example ?


http://openssl.6102.n7.nabble.com/Handshake-fails-for-unknown-reason-td9466.html
errno 104 on Linux is ECONNRESET. It appears to be happening before/without receiving the ServerHello. Try with -msg to confirm this.
	openssl s_client -connect 12.34.56.78:443 -bugs -msg | grep ServerHello

error setting private key
the passphrase fits the -key value, but the -key value doesn't match the -cert value

unable to load client certificate private key file
wrong passphrase for the -key value

SSL23_GET_SERVER_HELLO:unknown protocol
This error happens when OpenSSL receives something other than a ServerHello in a protocol version it understands from the server. It can happen if the server answers with plain (unencrypted) HTTP. It can also happen if the server only supports e.g. TLS 1.2 and the client does not understand that protocol version. Normally, servers are backwards compatible to at least SSL 3.0 / TLS 1.0, but maybe this specific server isn't (by implementation or configuration). (source).
Try specifying explicitly the network protocol to use : SSLv3, TLSv1, ...

SSL3_GET_RECORD:wrong version number
No known root cause so far. Adding -starttls ftp to the command line fixed it.

openssl

Flags

Flag                 Usage
-debug               Show debug information (verbose mode)
-starttls protocol   Send the protocol-specific message(s) to switch to TLS communication. protocol is one of smtp, pop3, imap, ftp, xmpp, xmpp-server, irc.
-ssl2                Use the SSLv2 network protocol. This has been prohibited since March 2011 (source).
-ssl3                Use the SSLv3 network protocol. This has been prohibited since June 2015 (source).
-tls1                Use the TLSv1 network protocol
-tls1_1              Use the TLSv1.1 network protocol
-tls1_2              Use the TLSv1.2 network protocol

Example

Get openssl's version :

  • dpkg -l | grep -E "[[:blank:]]openssl" | awk '{ print $2" "$3 }'
    openssl 1.1.0f-3+deb9u1
  • openssl version
    OpenSSL 1.1.0f 25 May 2017

How to list the supported SSL / TLS versions ? (source)

openssl ciphers -v | awk '{print $2}' | sort -u

SSLv3
TLSv1
TLSv1.2