All,
I upgraded one of my servers from Debian stretch to Debian buster yesterday and I've been unable to establish stunnel connections to it since then.
When I connect, I get this log message on the server end:
LOG5[0]: Service [svn-name] accepted connection from [client ip]:45382 LOG5[0]: Certificate accepted at depth=0: [cert dn] LOG3[0]: SSL_accept: 1414D17A: error:1414D17A:SSL routines:tls12_check_peer_sigalg:wrong curve LOG5[0]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
We are using EC certs and it's complaining about a curve. So, probably curve-related :)
Our private key on the client side is using the secp256k1 curve. The client is using OpenSSL 1.0.2.
The server is running OpenSSL 1.1.1.
Both client and server support secp256k1.
I tried specifying:
curves = secp256k1
On the server side, but stunnel won't start, telling me that the configuration option isn't valid. I tried it in the global scope, and also in the service-scope and got the same error.
Am I missing something?
Minting new certificates (e.g. using prime256v1/secp256r1) is definitely an option, as my client openssl says it supports the NIST P-256 curve.
$ openssl ecparam -list_curves secp256k1 : SECG curve over a 256 bit prime field secp384r1 : NIST/SECG curve over a 384 bit prime field secp521r1 : NIST/SECG curve over a 521 bit prime field prime256v1: X9.62/SECG curve over a 256 bit prime field
That last one is NIST P-256.
Is my best bet to mint a new certificate? Or is it possible to configure the server to allow this secp256k1 curve?
-chris