Develop Reference

Node 19 Container Unsafe Legacy Renegotiation Disabled

I am very frustrated and I hope someone here might be able to help. I'm deploying an application to production using the Node 19 Slim image as a basis. Inside the application there is a service that uses fetch to call an external service, which uses an outdated TLS version. I cannot affect changes in the external service and it will not be updated.
I tried reducing the TLS version in the container by passing NODE_OPTIONS="--tls-min-v1.0" as environment variable, but the error is actually coming from the operating system-
{"library":"SSL routines","reason":"unsafe legacy renegotiation disabled","code":"ERR_SSL_UNSAFE_LEGACY_RENEGOTIATION_DISABLED"}
I therefore tried to modify the openssl.cnf file by following various stackoverflow answers (see for example: SSL error unsafe legacy renegotiation disabled, and this: https://pipeawk.com/index.php/2022/05/19/openssl-enable-legacy-renegotiation/). I tried both overriding the conf file using the OPENSSL_CONF environment variable, and by replacing the openssl.cnf file in the container (/usr/lib/ssl/openssl.cnf), using the following file:
HOME = .
# Extra OBJECT IDENTIFIER info:
#oid_file = $ENV::HOME/.oid
oid_section = new_oids
# System default
openssl_conf = openssl_init
# To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use:
# extensions =
# (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.)
[ new_oids ]
# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
# Add a simple OID like this:
# testoid1=1.2.3.4
# Or use config file substitution like this:
# testoid2=${testoid1}.5.6
# Policies used by the TSA examples.
tsa_policy1 = 1.2.3.4.1
tsa_policy2 = 1.2.3.4.5.6
tsa_policy3 = 1.2.3.4.5.7
####################################################################
[ ca ]
default_ca = CA_default # The default ca section
####################################################################
[ CA_default ]
dir = ./demoCA # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several certs with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
crlnumber = $dir/crlnumber # the current crl number
# must be commented out to leave a V1 CRL
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
x509_extensions = usr_cert # The extensions to add to the cert
# Comment out the following two lines for the "traditional"
# (and highly broken) format.
name_opt = ca_default # Subject Name options
cert_opt = ca_default # Certificate field options
# Extension copying option: use with caution.
# copy_extensions = copy
# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
# so this is commented out by default to leave a V1 CRL.
# crlnumber must also be commented out to leave a V1 CRL.
# crl_extensions = crl_ext
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = default # use public key default MD
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy = policy_match
# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName = match
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
# For the 'anything' policy
# At this point in time, you must list all acceptable 'object'
# types.
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
####################################################################
[ req ]
default_bits = 2048
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extensions to add to the self signed cert
# Passwords for private keys if not present they will be prompted for
# input_password = secret
# output_password = secret
# This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString (PKIX recommendation before 2004)
# utf8only: only UTF8Strings (PKIX recommendation after 2004).
# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
# MASK:XXXX a literal mask value.
# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
string_mask = utf8only
# req_extensions = v3_req # The extensions to add to a certificate request
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = AU
countryName_min = 2
countryName_max = 2
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = Some-State
localityName = Locality Name (eg, city)
0.organizationName = Organization Name (eg, company)
0.organizationName_default = Internet Widgits Pty Ltd
# we can do this but it is not needed normally :-)
#1.organizationName = Second Organization Name (eg, company)
#1.organizationName_default = World Wide Web Pty Ltd
organizationalUnitName = Organizational Unit Name (eg, section)
#organizationalUnitName_default =
commonName = Common Name (e.g. server FQDN or YOUR name)
commonName_max = 64
emailAddress = Email Address
emailAddress_max = 64
# SET-ex3 = SET extension number 3
[ req_attributes ]
challengePassword = A challenge password
challengePassword_min = 4
challengePassword_max = 20
unstructuredName = An optional company name
[ usr_cert ]
# These extensions are added when 'ca' signs a request.
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# An alternative to produce certificates that aren't
# deprecated according to PKIX.
# subjectAltName=email:move
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
# This is required for TSA certificates.
# extendedKeyUsage = critical,timeStamping
[ v3_req ]
# Extensions to add to a certificate request
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer
basicConstraints = critical,CA:true
# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
# keyUsage = cRLSign, keyCertSign
# Some might want this also
# nsCertType = sslCA, emailCA
# Include email address in subject alt name: another PKIX recommendation
# subjectAltName=email:copy
# Copy issuer details
# issuerAltName=issuer:copy
# DER hex encoding of an extension: beware experts only!
# obj=DER:02:03
# Where 'obj' is a standard or added object
# You can even override a supported extension:
# basicConstraints= critical, DER:30:03:01:01:FF
[ crl_ext ]
# CRL extensions.
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always
[ proxy_cert_ext ]
# These extensions should be added when creating a proxy certificate
# This goes against PKIX guidelines but some CAs do it and some software
# requires this to avoid interpreting an end user certificate as a CA.
basicConstraints=CA:FALSE
# Here are some examples of the usage of nsCertType. If it is omitted
# the certificate can be used for anything *except* object signing.
# This is OK for an SSL server.
# nsCertType = server
# For an object signing certificate this would be used.
# nsCertType = objsign
# For normal client use this is typical
# nsCertType = client, email
# and for everything including object signing:
# nsCertType = client, email, objsign
# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
# This will be displayed in Netscape's comment listbox.
nsComment = "OpenSSL Generated Certificate"
# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# An alternative to produce certificates that aren't
# deprecated according to PKIX.
# subjectAltName=email:move
# Copy subject details
# issuerAltName=issuer:copy
#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName
# This really needs to be in place for it to be a proxy certificate.
proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
####################################################################
[ tsa ]
default_tsa = tsa_config1 # the default TSA section
[ tsa_config1 ]
# These are used by the TSA reply generation only.
dir = ./demoCA # TSA root directory
serial = $dir/tsaserial # The current serial number (mandatory)
crypto_device = builtin # OpenSSL engine to use for signing
signer_cert = $dir/tsacert.pem # The TSA signing certificate
# (optional)
certs = $dir/cacert.pem # Certificate chain to include in reply
# (optional)
signer_key = $dir/private/tsakey.pem # The TSA private key (optional)
signer_digest = sha256 # Signing digest to use. (Optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory)
accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
clock_precision_digits = 0 # number of digits after dot. (optional)
ordering = yes # Is ordering defined for timestamps?
# (optional, default: no)
tsa_name = yes # Must the TSA name be included in the reply?
# (optional, default: no)
ess_cert_id_chain = no # Must the ESS cert id chain be included?
# (optional, default: no)
ess_cert_id_alg = sha1 # algorithm to compute certificate
# identifier (optional, default: sha1)
[default_conf]
ssl_conf = ssl_sect
[openssl_init]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
MinProtocol = TLSv1.0
CipherString = DEFAULT#SECLEVEL=1
Options = UnsafeLegacyRenegotiation
But, the error keeps as is. Here is my Dockerfile for reference:
FROM node:19-slim as base
RUN apt-get update \
&& apt-get upgrade \
&& apt-get install -y openssl \
&& apt-get clean -y \
&& rm -rf /root/.cache \
&& rm -rf /var/apt/lists/* \
&& rm -rf /var/cache/apt/*
FROM base as install
WORKDIR /app/
ARG TARGET
COPY package.json pnpm-lock.yaml tsconfig.json nest-cli.json .npmrc ./
RUN npm i -g pnpm
RUN pnpm install --frozen-lockfile
COPY apps/shared apps/shared
COPY apps/${TARGET}/tsconfig.app.json apps/${TARGET}/tsconfig.app.json
COPY apps/${TARGET}/src apps/${TARGET}/src
COPY prisma prisma
RUN pnpm run prisma:generate
FROM install as build
WORKDIR /app/
ARG TARGET
RUN pnpm run build ${TARGET}
COPY public dist
FROM base AS app
WORKDIR /app/
ARG SERVER_PORT=8000
ARG TARGET
ARG NODE_OPTIONS=""
EXPOSE ${SERVER_PORT}
ENV SERVER_PORT=${SERVER_PORT}
ENV NODE_ENV=production
ENV NODE_OPTIONS=${NODE_OPTIONS}
COPY --from=build /app/dist/apps/${TARGET} dist
COPY --from=build /app/prisma prisma
COPY --from=build /app/node_modules node_modules
COPY public dist
COPY openssl.cnf /usr/lib/ssl/openssl.cnf
RUN addgroup --system --gid 1001 nodejs
RUN adduser --system --uid 1001 app
RUN chown -R app:nodejs ./dist
USER app
CMD ["dist/main.js"]
Note - i have to install openssl for prisma.

Elasticsearch xpack RSA_verify_PKCS1_PSS_mgf1:first octet invalid

AKS: 1.20.7
Elasticsearch : 7.12.0
client: openssl
Description of the problem
Cluster fails to come live when PEM files are downloaded from cloud and mounted # /usr/share/elasticsearch/config/certs without a custom Elasticsearch image
Works fine with a custom Elasticsearch image and PEM files copied to /usr/share/elasticsearch/config/certs during image building
PEM files are downloaded from KeyVault using CSI driver
PEM files downloaded from cloud provider (Error case)
[elasticsearch#test-rp-search-master-0 ~]$ openssl s_client -connect 127.0.0.1:9200
CONNECTED(00000003)
Can't use SSL_get_servername
depth=0 C = US, ST = US, O = Self Signed, CN = test-rp-search-data
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = US, ST = US, O = Self Signed, CN = test-rp-search-data
verify error:num=21:unable to verify the first certificate
verify return:1
140680078673728:error:0407E086:rsa routines:RSA_verify_PKCS1_PSS_mgf1:last octet
invalid:crypto/rsa/rsa_pss.c:88:
140680078673728:error:1417B07B:SSL routines:tls_process_cert_verify:bad
signature:ssl/statem/statem_lib.c:505:
---
Certificate chain
0 s:C = US, ST = US, O = Self Signed, CN = test-rp-search-data
i:C = US, ST = US, O = Self Signed, CN = Research Platform Issuing CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEzDCCArSgAwIBAgIUIQThqQtH1QPR3YocBxLrrj+RQ9owDQYJKoZIhvcNAQEL
BQAwVzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlVTMRQwEgYDVQQKDAtTZWxmIFNp
PEM files in the Elasticsearch custom images (Works fine)
[elasticsearch#test-rp-search-master-0 ~]$ openssl s_client -connect 127.0.0.1:9200
CONNECTED(00000003)
Can't use SSL_get_servername
depth=0 C = US, ST = US, O = Self Signed, CN = test-rp-search-data
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = US, ST = US, O = Self Signed, CN = test-rp-search-data
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:C = US, ST = US, O = Self Signed, CN = test-rp-search-data
i:C = US, ST = US, O = Self Signed, CN = Research Platform Issuing CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEzDCCArSgAwIBAgIUIQThqQtH1QPR3YocBxLrrj+RQ9YwDQYJKoZIhvcNAQEL
BQAwVzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlVTMRQwEgYDVQQKDAtTZWxmIFNp

Export RSA Keys to stunnel.key [duplicate]

I followed this url to create a X509 certificate. And the code is:
from OpenSSL import crypto, SSL
from socket import gethostname
from pprint import pprint
from time import gmtime, mktime
CERT_FILE = "selfsigned.crt"
KEY_FILE = "private.key"
def create_self_signed_cert():
# create a key pair
k = crypto.PKey()
k.generate_key(crypto.TYPE_<wbr>RSA, 1024)
# create a self-signed cert
cert = crypto.X509()
cert.get_subject().C = "UK"
cert.get_subject().ST = "London"
cert.get_subject().L = "London"
cert.get_subject().O = "Dummy Company Ltd"
cert.get_subject().OU = "Dummy Company Ltd"
cert.get_subject().CN = gethostname()
cert.set_serial_number(1000)
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(10*<wbr>365*24*60*60)
cert.set_issuer(cert.get_<wbr>subject())
cert.set_pubkey(k)
cert.sign(k, 'sha1')
open(CERT_FILE, "wt").write(
crypto.dump_certificate(<wbr>crypto.FILETYPE_PEM, cert))
open(KEY_FILE, "wt").write(
crypto.dump_privatekey(crypto.<wbr>FILETYPE_PEM, k))
create_self_signed_cert()
But there is something wrong with the code when I run it. Could someone tell me what the meaning of <wbr>? There is a SyntaxError in cert.gmtime_adj_notAfter(10*<wbr>365*24*60*60). Thx.

A version which works with python3
from OpenSSL import crypto, SSL
def cert_gen(
emailAddress="emailAddress",
commonName="commonName",
countryName="NT",
localityName="localityName",
stateOrProvinceName="stateOrProvinceName",
organizationName="organizationName",
organizationUnitName="organizationUnitName",
serialNumber=0,
validityStartInSeconds=0,
validityEndInSeconds=10*365*24*60*60,
KEY_FILE = "private.key",
CERT_FILE="selfsigned.crt"):
#can look at generated file using openssl:
#openssl x509 -inform pem -in selfsigned.crt -noout -text
# create a key pair
k = crypto.PKey()
k.generate_key(crypto.TYPE_RSA, 4096)
# create a self-signed cert
cert = crypto.X509()
cert.get_subject().C = countryName
cert.get_subject().ST = stateOrProvinceName
cert.get_subject().L = localityName
cert.get_subject().O = organizationName
cert.get_subject().OU = organizationUnitName
cert.get_subject().CN = commonName
cert.get_subject().emailAddress = emailAddress
cert.set_serial_number(serialNumber)
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(validityEndInSeconds)
cert.set_issuer(cert.get_subject())
cert.set_pubkey(k)
cert.sign(k, 'sha512')
with open(CERT_FILE, "wt") as f:
f.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert).decode("utf-8"))
with open(KEY_FILE, "wt") as f:
f.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, k).decode("utf-8"))
cert_gen()

Just remove <wbr>. So stupid I am.

This is a really useful question; as the referenced link is now dead; and this is one of the first results for searching for "python create ssl certificate".
I would add to it though, that "open(xxx, "wt").write()" is asking for problems later. By not explicitly closing the file, you may find that the garbage collector hasn't run when you try to actually use the file - resulting in a failure.
it's better to use:
with open(xxx, "w") as f:
f.write()
which will ensure that the file is closed when you're done.

Openssl: error 20 at 0 depth lookup:unable to get local issuer certificate

I created 3 certificates using Python: rootca.crt, intermediateca.crt and server.crt.
I used the rootca.crt to sign intermediateca.crt, which works as expected:
openssl verify -CAfile rootca.crt intermediateca.crt
intermediateca.crt: OK
Then I signed the server.crt with the intermediate ca, but verification fails:
openssl verify -CAfile rootca.crt -untrusted intermediateca.crt server.crt
server.crt: C = DE, ST = mein Bundesland, L = meine Stadt, O = meine Firma, CN = server.example.com, emailAddress = info#meine-firma.de
error 20 at 0 depth lookup:unable to get local issuer certificate
When I parse the certificates, the server.crt authority key identifier matches the intermediateca subject key identifier. Can anyone give me a hint what could be wrong? If I generate the same certificates with the openssl command line tool it works. The parsed content is identical, apart from the fact that the authority key identifier also contains a serial and a cn for the openssl generated certificate.

The intermediate CA cannot be used to verify the server certificate because its subject name does not match the issuer name specified in the server certificate.
Let's have openssl dump the subject and issuer names. The -xx_hash shows the hash that openssl uses to build up the certificate chain:
$ openssl x509 -subject -subject_hash -noout -in rootca.crt
subject=C = DE, ST = mein Bundesland, L = meine Stadt, O = meine Firma, OU = meine Abteilung, CN = serviceserver.example.com, emailAddress = info#meine-firma.de
347e2056
$ openssl x509 -issuer -issuer_hash -noout -in intermediateca.crt
issuer=C = DE, ST = mein Bundesland, L = meine Stadt, O = meine Firma, OU = meine Abteilung, CN = serviceserver.example.com, emailAddress = info#meine-firma.de
347e2056
Great, the intermediate's Issuer name matches the root's Subject name. That part of the chain works.
$ openssl x509 -subject -subject_hash -noout -in intermediateca.crt
subject=C = DE, ST = mein Bundesland, L = meine Stadt, O = meine Firma, CN = serviceserver.example.com, emailAddress = info#meine-firma.de
c4dff14c
$ openssl x509 -issuer -issuer_hash -noout -in server.crt
issuer=C = DE, ST = mein Bundesland, L = meine Stadt, O = meine Firma, OU = meine Abteilung, CN = serviceserver.example.com, emailAddress = info#meine-firma.de
347e2056
Oops: the hash is different, so openssl cannot connect the intermediate CA to the server certificate. The difference is that the intermediate's subject name contains a OU field whereas the server's issuer name does not. openssl was correct when it told you that it could not find an issuer.
I'm not sure how you got it in this state, my guess would be some misconfiguration of the subject or issuer name.

Putting extensions in a certificate in OpenSSL

I need to put extensions in a certificate like this in the picture, I tried many ways, but I can not.
I'm running:
"#openssl req -new -keyout $nomerepre.key -out $nomerepre.csr -passin pass:$senha -config myconfig.cnf"
"#openssl x509 -req -days 365 -in $nomerepre.csr -CA ca.crt -CAkey ca.key -set_serial 10102014 -out $nomerepre.crt -passin pass:$senha -extfile myconfig.cnf -extensions v3_req"
My configuration file is thus below
myconfigssl.conf
oid_section = OIDs
[ req ]
default_bits = 2048
prompt = no
encrypt_key = no
default_md = sha1
distinguished_name = dn
req_extensions = v3_req
[ OIDs ]
MyOID=2.16.76.1.3.4
[ dn ]
CN = John Smith
emailAddress = john.smith#quovadisglobal.com
O = QuoVadis Group
C = US
[v3_req]
1.2.3.4.5.6.7.8=ASN1:UTF8String:Something
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
#subjectAltName = #alt_names
[alt_names]
MyOID = 00000000111111111112222222222233333333333444444
2.16.76.1.3.4 = 00000000111111111112222222222233333333333444444
Unfortunately the result that this is going:

I don't understand why you got no extensions as shown in EG2Oa.jpg. You should have extension 1.2.3.4.5.6.7.8 there. SubjectAltName is commented so it should not be in the certificate.
I tried using xca which uses OpenSSL 1.0.2d as show in the picture
I used this config
# if it should be a separate extension
2.16.76.1.3.4=ASN1:UTF8String:Some random data
#if it should be a part of subjectAltName
subjectAltName=#subject_alt_section
[subject_alt_section]
otherName=2.16.76.1.3.4;UTF8:Some random data
And I got this certificate
Now some theory. I don't know where this extension should be placed. If it is a separate extension or if it should be a part of SubjectAltName. I don't know if the extension should be an UTF8String or OctetString or a Sequence of something.
If you want a separate extension you can use 2.16.76.1.3.4=ASN1:UTF8String:Some random data as you already tried. More on arbitrary extensions can be found here.
This extension can be part of subjectAltName according to the description of the oid. Definition of otherName can be found in RFC5280 in section 4.2.1.6. If so then this config worked for me
subjectAltName=#subject_alt_section
[subject_alt_section]
otherName=2.16.76.1.3.4;UTF8:Some random data
Using the above mentioned config I've got structure of the certificate as shown in the picture below. ASN1Editor was used to show the structure.