Ssl – postfix SSL routines:SSL3_GET_KEY_EXCHANGE:unable to find ecdh parameters

Tags: openssl, postfix, ssl, ssl-certificate-errors

We recently had this error while our postfix MTA tries to encrypt a connection via TLS:

 postfix/smtp[20716]: warning: TLS library problem: 20716:error:1408D13A:SSL routines:SSL3_GET_KEY_EXCHANGE:unable to find ecdh parameters:s3_clnt.c:1336:

The certificate of the remote site looks like this (serial No., subject and keys manipulated/replaced):

  openssl x509 -noout -text -in cert.cer -inform der

Certificate:
  Data:
    Version: 3 (0x2)
    Serial Number:
        00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
    Signature Algorithm: sha256WithRSAEncryption
    Issuer: C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA
    Validity
        Not Before: Dec 01 00:00:00 2016 GMT
        Not After : Dec 01 00:00:00 2019 GMT
    Subject: C=XX, ST=XX, L=XX, O=XX, OU=XX, CN=XX
    Subject Public Key Info:
        Public Key Algorithm: rsaEncryption
        RSA Public Key: (2048 bit)
            Modulus (2048 bit):
                00:b7:6b:35:b6:f7:42:84:ed:b3:e7:82:94:e2:84:
                f5:92:6b:16:f6:87:65:b7:fb:e4:eb:9b:59:37:45:
                53:9d:6f:41:94:2d:1b:17:d2:8f:f8:ce:6e:88:9b:
                79:f5:93:3b:77:de:cb:19:b4:3e:d4:49:29:5f:80:
                7b:6b:10:30:e9:b3:6f:bb:5e:9f:93:b5:f3:89:f7:
                09:31:25:80:6b:89:0e:16:69:84:49:42:4f:c9:b8:
                d7:8d:36:2e:c2:b4:d1:57:6e:fd:4d:54:b1:0e:42:
                b7:c9:fd:92:be:eb:e4:bd:85:20:fb:48:4b:c4:5c:
                ee:e2:15:96:29:e8:0b:18:0d:39:e7:91:b8:92:9f:
                b5:0e:6d:8f:91:50:90:98:d1:b0:44:8d:99:b8:51:
                63:6b:7d:3f:30:b4:11:e9:99:b5:98:7b:3d:7d:e8:
                30:4b:80:c3:11:56:b0:fb:7c:6b:74:79:1b:37:4f:
                15:81:79:29:e9:cf:be:b9:0f:d1:1b:6f:7d:67:db:
                7e:c4:35:14:18:e6:6e:e1:ec:98:76:9c:78:60:61:
                08:4f:9b:4b:bb:14:f7:bd:2b:bb:f3:2b:ed:41:37:
                2c:5d:13:83:0e:0b:3b:18:13:3d:8b:dd:9b:bb:5d:
                64:5c:b4:47:93:df:6b:bb:81:b7:fb:f5:6d:82:86:
                6e:bb
            Exponent: 65537 (0x10001)
    X509v3 extensions:
        X509v3 Authority Key Identifier:
            keyid:0F:80:61:1C:82:31:61:D5:2F:28:E7:8D:46:38:B4:2C:E1:C6:D9:E2

        X509v3 Subject Key Identifier:
            4C:94:CA:33:70:FB:3E:6B:E7:34:24:CC:53:92:64:12:20:B9:8E:65
        X509v3 Subject Alternative Name:
            DNS:XX, DNS:XX, DNS:XX, DNS:XX
        X509v3 Key Usage: critical
            Digital Signature, Key Encipherment
        X509v3 Extended Key Usage:
            TLS Web Server Authentication, TLS Web Client Authentication
        X509v3 CRL Distribution Points:
            URI:http://crl3.digicert.com/ssca-sha2-g5.crl
            URI:http://crl4.digicert.com/ssca-sha2-g5.crl

        X509v3 Certificate Policies:
            Policy: 2.16.840.1.114412.1.1
              CPS: https://www.digicert.com/CPS
            Policy: 2.23.140.1.2.2

        Authority Information Access:
            OCSP - URI:http://ocsp.digicert.com
            CA Issuers - URI:http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

        X509v3 Basic Constraints: critical
            CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
    27:be:23:6c:21:9f:eb:44:52:3b:cc:0f:b0:b4:52:40:b6:1c:
    91:ef:87:c6:44:98:8b:7c:e9:3b:db:15:d0:11:26:cb:02:8e:
    e6:e6:eb:fb:89:3c:fd:56:fb:00:cb:e5:32:56:96:92:7e:11:
    3b:bb:52:66:f0:d5:58:b8:c9:83:e4:bf:5d:15:ed:29:7f:b5:
    07:04:3b:15:b3:4c:c1:d0:08:d7:e8:26:b7:3c:e0:d0:42:46:
    22:35:b6:0d:cf:c3:14:30:e0:0b:18:6f:fb:fb:26:79:45:e9:
    78:b9:dc:f2:eb:e4:b6:d2:65:8c:c7:cb:86:52:bf:e1:3b:fb:
    83:04:d3:94:fb:14:e8:0b:ef:f1:5e:cb:45:02:bd:fd:cb:8f:
    1f:56:8d:f5:4d:b0:b1:52:1b:26:c8:bb:58:20:f7:93:e2:b8:
    12:cf:42:4b:f8:07:de:d2:9e:f6:f1:2c:79:eb:f1:bc:3f:cb:
    2d:02:17:7b:e3:00:be:7b:78:2b:96:d8:30:e6:c3:99:87:df:
    2b:19:6f:cd:37:15:1b:bb:99:61:07:cb:71:27:5d:57:9b:2d:
    b8:03:c3:5c:3e:ef:1f:3e:38:3c:27:e9:7b:e5:cc:ce:90:7c:
    bb:bc:f9:cf:b4:27:75:81:f4:f6:b4:e0:7b:3b:02:6f:f4:8e:
    95:90:06:92

On our side SSLv2 and SSLv3 are disabled. The remote side claims this is true for them also. They are using MS Exchange as the MTA…

Does anyone have an idea what this error message is related to?

Best Answer

This problem has been solved, please find the solution/workaround here:

Disabling a cipher / cipher suite in postfix / TLS for specific recipient

Some aftermath: the OpenSSL version we use (0.9.8j-fips 07 Jan 2009) has limited support for elliptic curve ciphers. It says:

For now we only support named (not generic) curve and the ECParameters in this case is just three bytes.

Because the recipient has Exchange Server 2016 CU4 running, it requests an ECDH cipher with unsupported parameters. After telling postfix (via tls_policy_map) to exclude ECDH ciphers from the set used for key exchange (exclude=kECDH), the remaining ciphers do the job.

Thanks to all who have contributed to the solution.
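One way to find the affected destinations in the mail log and draft the per-recipient policy entry the answer describes, as an added example that is not from the original post or from the Postfix project. The sample log lines are constructed in Postfix's logging format; matching the warning to the deferred delivery by the smtp(8) PID and the "may" policy level are assumptions (use whatever level your site already applies to that destination).

```python
import re
from collections import defaultdict

# Constructed sample lines in Postfix's logging format (not from the original post).
# The warning is the one quoted in the question; the deferral is what the same
# smtp(8) process (same PID) logs when the TLS handshake fails.
SAMPLE_LOG = """\
Jan 10 10:15:01 mx postfix/smtp[20716]: warning: TLS library problem: 20716:error:1408D13A:SSL routines:SSL3_GET_KEY_EXCHANGE:unable to find ecdh parameters:s3_clnt.c:1336:
Jan 10 10:15:01 mx postfix/smtp[20716]: 3B5F2C0A12: to=<alice@example.com>, relay=mail.example.com[203.0.113.10]:25, delay=0.4, delays=0.01/0/0.39/0, dsn=4.7.5, status=deferred (Cannot start TLS: handshake failure)
Jan 10 10:16:07 mx postfix/smtp[20730]: 7A1D3C0A19: to=<bob@example.net>, relay=mx1.example.net[198.51.100.7]:25, delay=1.2, delays=0.02/0/0.5/0.7, dsn=2.0.0, status=sent (250 OK)
Jan 10 10:17:30 mx postfix/smtp[20744]: warning: TLS library problem: 20744:error:1408D13A:SSL routines:SSL3_GET_KEY_EXCHANGE:unable to find ecdh parameters:s3_clnt.c:1336:
Jan 10 10:17:30 mx postfix/smtp[20744]: 9C2E4C0A20: to=<carol@example.com>, relay=mail.example.com[203.0.113.10]:25, delay=0.3, delays=0.01/0/0.29/0, dsn=4.7.5, status=deferred (Cannot start TLS: handshake failure)
"""

ECDH_WARNING = re.compile(
    r"postfix/smtp\[(?P<pid>\d+)\]: warning: TLS library problem: .*unable to find ecdh parameters")
DEFERRED = re.compile(
    r"postfix/smtp\[(?P<pid>\d+)\]: \w+: to=<[^@>]+@(?P<domain>[^>]+)>, "
    r"relay=(?P<relay>\S+), .*status=deferred \(Cannot start TLS: handshake failure\)")

def find_ecdh_failures(log_text):
    """Return {recipient_domain: set(relay)} for deliveries deferred right after an
    'unable to find ecdh parameters' warning from the same smtp(8) process (by PID)."""
    pending = set()               # PIDs that just logged the ECDH warning
    failures = defaultdict(set)
    for line in log_text.splitlines():
        m = ECDH_WARNING.search(line)
        if m:
            pending.add(m.group("pid"))
            continue
        m = DEFERRED.search(line)
        if m and m.group("pid") in pending:
            pending.discard(m.group("pid"))
            failures[m.group("domain").lower()].add(m.group("relay"))
    return dict(failures)

def policy_map_entries(failures, level="may"):
    """Render smtp_tls_policy_maps lines that keep TLS but drop kECDH key exchange
    for the affected domains only. 'level' is assumed; keep your existing policy level."""
    return [f"{domain}\t{level} exclude=kECDH" for domain in sorted(failures)]

if __name__ == "__main__":
    found = find_ecdh_failures(SAMPLE_LOG)
    for dom, relays in found.items():
        print(f"# {dom}: ECDH handshake failures via {', '.join(sorted(relays))}")
    print("\n".join(policy_map_entries(found)))
```

Unaffected destinations (example.net in the sample) are left alone, so the global cipher set is not weakened for everyone.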