control: reassign -1 src:burp

On 2018-11-01 18:56:30 [+0100], Antoine Sirinelli wrote:
> I have a setup with a burp backup server running with an up-to-date
> stretch distribution. The backup clients are running on either stretch
> or buster workstations. Since the recent update of libssl1.1 from version
> 1.1.0h-4 to 1.1.1-1 for the buster clients, the backups are now failing.
>
> This can be easily debugged with openssl; the error is:
>
> Verify return code: 68 (CA signature digest algorithm too weak)
>
> It seems it is linked to the fact that libssl is now selecting the
> algorithm SHA512 instead of SHA256 for signing the digest. I have
> attached the detailed logs of the openssl s_client output.
nope:

|$ openssl x509 -in 912604.cert -text | grep Signature
|    Signature Algorithm: sha1WithRSAEncryption
|    Signature Algorithm: sha1WithRSAEncryption

The point is that your server certificate is signed with SHA1 while the minimum is SHA256. Please note that all publicly issued certificates are signed with SHA256 these days.

I would suggest a *note* in burp to notify users of burp who created self-signed certificates with pre-Buster machines that they might need to recreate their certificate if it is signed with SHA1. Thus reassigning to burp.

I just tried the Buster version of burp, and myClient.crt, myServer.crt and CA_myCA.crt are signed with SHA256. I would assume that the script does not set the signing method and the default is used, which changed.

> This can be solved by degrading the cipher requirements in
> /etc/ssl/openssl.cnf:
>
> -CipherString = DEFAULT@SECLEVEL=2
> +CipherString = DEFAULT@SECLEVEL=1
>
> This new version is therefore including an incompatibility between
> stretch and buster.

libssl1.1's news file wrote a note and suggested to notify the remote side instead of switching the defaults. This affects only users who used self-signed certificates.

> Antoine

Sebastian
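Added example (not from the bug thread, nor burp's or libssl's own tooling): a POSIX shell wrapper around the openssl x509 check above that reports whether a certificate would be refused by a peer running at SECLEVEL=2, so affected self-signed certificates can be found before a client is upgraded. sig_alg_ok and check_cert are names chosen here; it assumes the openssl binary is on PATH and, for RSA keys, applies the level-2 minimum of 2048 bits in addition to the SHA-256 signature floor.

```shell
#!/bin/sh
# Classify an X.509 signature algorithm (lower-cased, as printed by
# "openssl x509 -text") against the SECLEVEL=2 floor of OpenSSL 1.1.1:
# MD5- and SHA-1-based signatures are rejected, SHA-256 and up pass.
sig_alg_ok() {
  case "$1" in
    *md2*|*md4*|*md5*|*sha1*|*ripemd160*) return 1 ;;
    *) return 0 ;;
  esac
}

# Print the signature algorithm and key size of a PEM certificate and
# return 1 if a SECLEVEL=2 peer would refuse it. Helper names are chosen
# for this example; the thread only shows the bare openssl/grep invocation.
check_cert() {
  txt=$(openssl x509 -in "$1" -noout -text) || return 2
  # The first "Signature Algorithm" line is the one inside the TBS part;
  # the second (after the extensions) is the copy next to the signature value.
  alg=$(printf '%s\n' "$txt" | awk '/Signature Algorithm:/ {print tolower($3); exit}')
  bits=$(printf '%s\n' "$txt" | awk '/Public-Key:/ {gsub(/[()]/, "", $2); print $2; exit}')
  printf '%s: signature %s, key %s bits\n' "$1" "$alg" "$bits"
  status=0
  sig_alg_ok "$alg" || status=1
  # SECLEVEL=2 means 112-bit security, i.e. RSA keys of at least 2048 bits.
  if printf '%s\n' "$txt" | grep -q 'Public Key Algorithm: rsaEncryption' \
     && [ "${bits:-0}" -lt 2048 ]; then
    status=1
  fi
  return $status
}

# Usage: sh check_cert.sh server.pem client.pem   (file names are constructed)
for f in "$@"; do
  check_cert "$f"
done
```

A non-zero exit marks a certificate that needs regenerating with a SHA-256 signature (and a 2048-bit key) rather than lowering SECLEVEL on the client.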