On Mon, Feb 11, 2013 at 11:58:07PM +0100, we...@zackbummfertig.de wrote:

> On my backup relay server I find these lines in the logs.
> I rebuilt openssl and postfix.
> I am on gentoo linux.
>
> openssl 1.0.1c

Gentoo builds software from source, are you sure you built OpenSSL
1.0.1c and not the troubled 1.0.1d?

> Feb 11 22:52:52 fallbackhost postfix/smtp[18823]: warning: TLS
> library problem: 18823:error:04075070:rsa routines:RSA_sign:digest
> too big for rsa key:rsa_sign.c:127:
> Feb 11 22:52:52 fallbackhost postfix/smtp[18823]: warning: TLS
> library problem: 18823:error:14099006:SSL
> routines:SSL3_SEND_CLIENT_VERIFY:EVP lib:s3_clnt.c:2983:

This is only possible when the client and server are using TLSv1.2 and
the client presents its own certificate. Do you have a client cert? If
so, can you post the output of:

    $ openssl x509 -in clientcert.pem

Also the output of:

    $ postconf -n | egrep '^(smtp_)?tls_'

> any ideas? what causes these errors?

The TLSv1.2 digest algorithm negotiated with the server is reportedly
"too big" for your client certificate. If so, this feels like an
implementation bug. The client should not present a certificate for
which it can't generate a signature using the agreed digest.

    https://tools.ietf.org/html/rfc5246#section-7.4.8

    The hash and signature algorithms used in the signature MUST be one
    of those present in the supported_signature_algorithms field of the
    CertificateRequest message. In addition, the hash and signature
    algorithms MUST be compatible with the key in the client's
    end-entity certificate. RSA keys MAY be used with any permitted
    hash algorithm, subject to restrictions in the certificate, if any.

You can retry the s_client command with the same client certificate
configured with Postfix,

    $ openssl s_client \
        -cert clientcert.pem -key clientkey.pem \
        -state -debug -msg -starttls smtp -connect mail.zbfmail.de:25

I'm only able to reproduce your problem when I generate and use an
insecure 512-bit RSA client certificate (not a good plan).

    SSL_connect:SSLv3 write client key exchange A
    SSL_connect:error in SSLv3 write certificate verify A
    SSL_connect:error in SSLv3 write certificate verify A
    140735152091612:error:04075070:rsa routines:RSA_sign:digest too big for rsa key:rsa_sign.c:127:
    140735152091612:error:14099006:SSL routines:SSL3_SEND_CLIENT_VERIFY:EVP lib:s3_clnt.c:2983:

When I specify a 1024-bit key, the handshake completes normally.

Whatever motivated you to configure a client certificate, and
particularly a pointlessly weak one that is well short of 1024 bits,
was probably the result of a particularly delirious nightmare. Just
relax and set:

    main.cf:
        smtp_tls_cert_file =
        smtp_tls_key_file =

as documented in:

    http://www.postfix.org/TLS_README.html#client_cert_key

-- 
	Viktor.
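The length condition behind "digest too big for rsa key", as an added example that is neither Viktor's nor OpenSSL's code: it builds the EMSA-PKCS1-v1_5 block (RFC 3447, section 9.2) that RSA_sign() pads before the private-key operation and applies the same "DigestInfo longer than RSA_size minus 11" check. With a 512-bit key only SHA-1/224/256 fit, so a TLSv1.2 server asking for SHA-384 or SHA-512 (an assumption; the negotiated digest is not shown in the thread) fails exactly as in the log, while at 1024 bits every digest fits.

```python
import hashlib

# DER DigestInfo prefixes from RFC 3447, section 9.2, note 1: the ASN.1 wrapper
# that RSA_sign() prepends to the raw hash before PKCS#1 v1.5 padding.
DIGESTINFO_PREFIX = {
    "sha1":   bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha224": bytes.fromhex("302d300d06096086480165030402040500041c"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
    "sha384": bytes.fromhex("3041300d060960864801650304020205000430"),
    "sha512": bytes.fromhex("3051300d060960864801650304020305000440"),
}
RSA_PKCS1_PADDING_SIZE = 11  # 0x00 0x01 || at least 8 bytes of 0xff || 0x00


def emsa_pkcs1_v15_encode(hash_name, message, modulus_bits):
    """Build the EMSA-PKCS1-v1_5 block RSA_sign() would raise to the private
    exponent.  Raises ValueError under the same length condition that OpenSSL
    reports as 'digest too big for rsa key' in rsa_sign.c."""
    t = DIGESTINFO_PREFIX[hash_name] + hashlib.new(hash_name, message).digest()
    k = (modulus_bits + 7) // 8           # RSA_size(): modulus length in bytes
    if len(t) > k - RSA_PKCS1_PADDING_SIZE:
        raise ValueError("digest too big for rsa key")
    ps = b"\xff" * (k - len(t) - 3)       # at least 8 bytes thanks to the check
    return b"\x00\x01" + ps + b"\x00" + t


def usable_hashes(modulus_bits):
    """Hash algorithms a key of this size can sign with under PKCS#1 v1.5,
    i.e. the rsa+hash pairs a CertificateRequest could safely offer it."""
    ok = []
    for name in DIGESTINFO_PREFIX:
        try:
            emsa_pkcs1_v15_encode(name, b"", modulus_bits)
            ok.append(name)
        except ValueError:
            pass
    return ok


if __name__ == "__main__":
    for bits in (512, 1024, 2048):
        print(bits, "bit RSA key can sign with:", ", ".join(usable_hashes(bits)))
```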