[openssl-users] What does this error mean? sslv3 alert certificate unknown:state 23

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Mon Apr 24 22:11:49 UTC 2017


    > I use a 3rd-party application that is trying to update itself (so it’s trying to “call home”).
    > Naturally, I’m behind a corporate firewall and Web proxy. The app has been configured to use
    > that proxy. It fails to connect. Packet capture reveals the following:
    
    You're noticeably at this point in the problem report.  Is this a packet capture
    between the application and the proxy, or between the proxy and the outside host?

It is between the app and the proxy. I have no access to the proxy <-> outside traffic.

    At what stage of the handshake is the alert seen?

It looks like it’s after the initial handshake (I see HTTP 200 before this).
    
    Have you tried using "curl" to complete a proxied connection to the remote server?

Nope. I don’t even know what to try to “curl” from there, and browser connects fine.

    
    > Handshake failed
    > 
    > The SSL handshake could not be performed.
    > 
    > Host: <remote host name>
    > Reason: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown:state 23:Application response 500 handshakefailed
    
    The alert is always generated remotely and reported locally.  It could
    in theory come from the proxy, but more likely from the real remote
    server.
    
I see, thanks!

    

    The server may not like the client's ciphers or protocol version.
    
    See my recent post: https://www.spinics.net/lists/openssl-users/msg05623.html
    for instructions on how to extract SSL info from PCAP files in a way that
    mostly trims away endpoint details... (of course SNI names and cert names
    would still be there, so you'd need to trim those if you want to anonymize
    the guilty parties).
    
I cannot do “openssl s_client …” because the proxy doesn’t let it through.


    Capture the traffic between the proxy and the remote server if at all
    possible, and compare with the trace between client and proxy.

Alas, cannot. Though I can ask people in charge of the proxy to do that.

I went through the capture between the app (local end) and the proxy. It appears that the sequence is:

ClientHello -> (from app to proxy, with a ton of cipher suites, including 0xc02f)
       <-  ServerHello (with TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 – present in ClientHello)
       <- Certificate, Server Key Exchange, Server Hello Done (includes proxy’s cert rather than the remote end’s cert)

Alert (Level: Fatal, Description: Certificate Unknown) ->

So it appears that the app expects the remote end’s cert, and is not happy getting the proxy’s cert instead?
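To make the sequence above easier to check against a real capture, here is a small added example (not code from the thread or from OpenSSL) that rebuilds the same record flow as raw TLS 1.2 bytes and walks it the way one would by hand: list the cipher suites in the ClientHello, confirm the ServerHello's choice was actually offered, fingerprint whatever certificate the server side sent, and decode the alert. All bytes are constructed; the certificate entry is a placeholder blob, not real DER, and ServerKeyExchange is omitted.

```python
"""Constructed TLS 1.2 record walker for triaging a handshake capture.

Rebuilds the sequence from the post (ClientHello -> ServerHello ->
Certificate/ServerHelloDone -> fatal alert) as bytes, then decodes the
fields a reader needs to separate a cipher mismatch from a certificate
rejection. Only TLS 1.2 layouts are handled; everything here is constructed.
"""
import hashlib
import struct

CONTENT_ALERT, CONTENT_HANDSHAKE = 21, 22
HS_CLIENT_HELLO, HS_SERVER_HELLO, HS_CERTIFICATE, HS_SERVER_HELLO_DONE = 1, 2, 11, 14
TLS12 = b"\x03\x03"

CIPHER_NAMES = {
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {
    40: "handshake_failure", 42: "bad_certificate", 44: "certificate_revoked",
    45: "certificate_expired", 46: "certificate_unknown", 48: "unknown_ca",
}


def _record(content_type, body):
    # Record header: content type (1), version (2), length (2).
    return bytes([content_type]) + TLS12 + struct.pack("!H", len(body)) + body


def _handshake(msg_type, body):
    # Handshake header: message type (1), length (3).
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def build_client_hello(suites):
    body = TLS12 + bytes(32) + b"\x00"  # version, zeroed random, empty session id
    body += struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"  # one compression method: null
    return _record(CONTENT_HANDSHAKE, _handshake(HS_CLIENT_HELLO, body))


def build_server_hello(suite):
    body = TLS12 + bytes(32) + b"\x00" + struct.pack("!H", suite) + b"\x00"
    return _record(CONTENT_HANDSHAKE, _handshake(HS_SERVER_HELLO, body))


def build_certificate_and_done(cert_blobs):
    # Certificate and ServerHelloDone packed into one record, as in the capture.
    entries = b"".join(len(c).to_bytes(3, "big") + c for c in cert_blobs)
    cert_body = len(entries).to_bytes(3, "big") + entries
    return _record(CONTENT_HANDSHAKE,
                   _handshake(HS_CERTIFICATE, cert_body) + _handshake(HS_SERVER_HELLO_DONE, b""))


def build_alert(level, description):
    return _record(CONTENT_ALERT, bytes([level, description]))


def _parse_handshake(msg_type, msg):
    if msg_type == HS_CLIENT_HELLO:
        off = 35 + msg[34]  # skip version, random, session id
        n = struct.unpack_from("!H", msg, off)[0]
        suites = [struct.unpack_from("!H", msg, off + 2 + 2 * i)[0] for i in range(n // 2)]
        return {"type": "client_hello", "cipher_suites": suites}
    if msg_type == HS_SERVER_HELLO:
        suite = struct.unpack_from("!H", msg, 35 + msg[34])[0]
        return {"type": "server_hello", "cipher_suite": suite}
    if msg_type == HS_CERTIFICATE:
        total, off, certs = int.from_bytes(msg[:3], "big"), 3, []
        while off < 3 + total:
            clen = int.from_bytes(msg[off:off + 3], "big")
            certs.append(msg[off + 3:off + 3 + clen])
            off += 3 + clen
        return {"type": "certificate", "certificates": certs}
    if msg_type == HS_SERVER_HELLO_DONE:
        return {"type": "server_hello_done"}
    return {"type": f"handshake_{msg_type}"}


def parse_records(data):
    """Return one dict per TLS message found in the byte stream."""
    events, pos = [], 0
    while pos < len(data):
        ctype, _ver, length = struct.unpack_from("!BHH", data, pos)
        body = data[pos + 5:pos + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record")
        pos += 5 + length
        if ctype == CONTENT_ALERT:
            events.append({"type": "alert", "level": ALERT_LEVELS.get(body[0], str(body[0])),
                           "description": ALERT_DESCRIPTIONS.get(body[1], f"unknown({body[1]})")})
        elif ctype == CONTENT_HANDSHAKE:
            hpos = 0
            while hpos < len(body):  # a record may carry several handshake messages
                mlen = int.from_bytes(body[hpos + 1:hpos + 4], "big")
                events.append(_parse_handshake(body[hpos], body[hpos + 4:hpos + 4 + mlen]))
                hpos += 4 + mlen
        else:
            events.append({"type": f"content_type_{ctype}"})
    return events


def triage(events):
    """Reproduce the observations made by hand in the post, as text findings."""
    offered = next(e["cipher_suites"] for e in events if e["type"] == "client_hello")
    chosen = next(e["cipher_suite"] for e in events if e["type"] == "server_hello")
    findings = [f"server chose {CIPHER_NAMES.get(chosen, hex(chosen))}; offered by client: {chosen in offered}"]
    for e in events:
        if e["type"] == "certificate":
            # Compare these fingerprints with the leaf seen on a direct (non-proxied) connection.
            findings.append("certificate fingerprints: " +
                            ", ".join(hashlib.sha256(c).hexdigest()[:16] for c in e["certificates"]))
        elif e["type"] == "alert":
            findings.append(f"alert {e['level']} {e['description']} after the Certificate message")
    return findings


# Constructed capture: the placeholder blob stands in for the proxy's DER certificate.
CAPTURE = (build_client_hello([0xC02F, 0xC030, 0x002F]) + build_server_hello(0xC02F)
           + build_certificate_and_done([b"CONSTRUCTED-PLACEHOLDER-NOT-REAL-DER"]) + build_alert(2, 46))

if __name__ == "__main__":
    for line in triage(parse_records(CAPTURE)):
        print(line)
```

On a real capture, feed the reassembled TCP payload of the client-to-proxy stream (after the proxy's HTTP 200 to the CONNECT) into parse_records; if the chosen suite appears in the ClientHello and the fatal alert arrives right after the Certificate record, the handshake's cipher negotiation succeeded and the certificate itself is what was rejected, which is exactly the case to raise with whoever operates the intercepting proxy.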

 