Question about handshake error

Viktor Dukhovni openssl-users at
Wed Mar 11 16:56:16 UTC 2020

On Wed, Mar 11, 2020 at 03:12:26PM +0000, Matt Caswell wrote:

> > The signature algorithm security level is not expected to be enforced
> > on self-signed certificates (root CAs).  How is it happening here?
> It isn't. In this case the client is openssl but the server is unknown.
> The problem is on the server side. The server is refusing to continue a
> handshake where the sigalgs do not include sha1 because the server is
> misconfigured to include a root in the cert chain which has a SHA1
> signature. The server is obviously inspecting the mis-configured chain,
> seeing the SHA1 signature, and giving up. This is not an OpenSSL problem.

Matt are you able to confirm whether the below is correct?  Perhaps
I should file a PR to address this if it is...

On Wed, Mar 11, 2020 at 11:32:58AM -0400, Viktor Dukhovni wrote:

> > self-signed CA signatures are not subjected to security levels in
> > x509_vfy.c, the same exclusion does not appear to be present in:
> > 
> >     int ssl_security_cert(SSL *s, SSL_CTX *ctx, X509 *x, int vfy, int is_ee)
> > [...]


More information about the openssl-users mailing list