Description of problem:

I have trouble connecting to the VPN: SSL connection failure: A TLS fatal alert has been received.

I'm using these arguments:

```
openconnect vpndnsname --protocol=anyconnect --servercert sha1:sha1fingerprint --cafile cert.pem --certificate cert.pem -k cert.key
POST https://vpndnsname/
Connected to XXX.XXX.XXX.XXX:443
Enter PEM pass phrase:
Using client certificate 'PERSONAL CERT'
SSL negotiation with vpndnsname
Connected to HTTPS on vpndnsname with ciphersuite (TLS1.0)-(DHE-CUSTOM1024)-(AES-128-CBC)-(SHA1)
POST https://vpndnsname/
SSL negotiation with vpndnsname
SSL connection failure: A TLS fatal alert has been received.
Failed to open HTTPS connection to vpndnsname
Failed to obtain WebVPN cookie
```
This bug appears to have been reported against 'rawhide' during the Fedora 35 development cycle. Changing version to 35.
I too have the same problem and found a solution.

As a temporary solution, you can use this: https://copr.fedorainfracloud.org/coprs/dwmw2/openconnect/

Solution: https://gitlab.com/openconnect/openconnect/-/issues/189
This is a consequence of https://bugzilla.redhat.com/show_bug.cgi?id=1960763, and it has already been mitigated in OpenConnect source and will be in the next release (as I explained in https://gitlab.com/openconnect/openconnect/-/issues/189#note_825918571).
FEDORA-2022-7b0198079d has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-7b0198079d
FEDORA-2022-7b0198079d has been pushed to the Fedora 36 testing repository. Soon you'll be able to install the update with the following command:

`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-7b0198079d`

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-7b0198079d

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2022-7b0198079d has been pushed to the Fedora 36 stable repository. If the problem still persists, please make note of it in this bug report.
It looks like FEDORA-2022-7b0198079d didn't fix the issue.

```
[root@aborniakFC ~]# rpm -qa | grep openconnect
openconnect-9.01-2.fc36.x86_64
NetworkManager-openconnect-1.2.8-2.fc36.x86_64
[root@aborniakFC ~]#
```

```
[root@aborniakFC ~]# openconnect --version
OpenConnect version v9.01
Using GnuTLS 3.7.6. Features present: TPM, TPMv2, PKCS#11, RSA software token, HOTP software token, TOTP software token, Yubikey OATH, System keys, DTLS, ESP
Supported protocols: anyconnect (default), nc, gp, pulse, f5, fortinet, array
Default vpnc-script (override with --script): /etc/vpnc/vpnc-script
[root@aborniakFC ~]#
```

```
[root@aborniakFC ~]# openconnect --disable-ipv6 --printcookie --dump-http-traffic -v --gnutls-debug=99 testvpnserver.com
FIPS140-2 context is not set
FIPS140-2 context is not set
FIPS140-2 context is not set
FIPS140-2 context is not set
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
FIPS140-2 context is not set
FIPS140-2 context is not set
FIPS140-2 context is not set
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
FIPS140-2 context is not set
FIPS140-2 context is not set
FIPS140-2 context is not set
FIPS140-2 context is not set
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
FIPS140-2 context is not set
FIPS140-2 context is not set
FIPS140-2 context is not set
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
POST https://testvpnserver.com/
Attempting to connect to server 1.1.1.1:443
Connected to 130.117.225.6:443
Initializing needed PKCS #11 modules
p11: Initializing module: p11-kit-trust
p11: No login requested.
p11 attrs: CKA_CLASS (CERT), CKA_CERTIFICATE_TYPE
p11 attrs: CKA_TRUSTED
p11 attrs: CKA_CERTIFICATE_CATEGORY=CA
p11: No login requested.
p11 attrs: CKA_CLASS (CERT), CKA_CERTIFICATE_TYPE
p11 attrs: CKA_TRUSTED
p11 attrs: CKA_CERTIFICATE_CATEGORY=CA
ASSERT: pkcs11.c[find_multi_objs_cb]:3136
ASSERT: pkcs11.c[gnutls_pkcs11_obj_list_import_url3]:3465
REC[0x561f51635080]: Allocating epoch #0
cfg: system priority /etc/crypto-policies/back-ends/gnutls.config has not changed
cfg: finalized system-wide priority string
resolved 'OPENCONNECT' to '', next 'SYSTEM'
resolved 'SYSTEM' to 'NONE:+ECDHE-RSA:+ECDHE-ECDSA:+RSA:+DHE-RSA:+GROUP-X25519:+GROUP-X448:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-FFDHE2048:+GROUP-FFDHE3072:+GROUP-FFDHE4096:+GROUP-FFDHE6144:+GROUP-FFDHE8192:+AES-256-GCM:+AES-256-CCM:+CHACHA20-POLY1305:+AES-256-CBC:+AES-128-GCM:+AES-128-CCM:+AES-128-CBC:+AEAD:+SHA1:+SHA512:+SIGN-ECDSA-SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+SIGN-ECDSA-SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+SIGN-ECDSA-SHA512:+SIGN-ECDSA-SECP521R1-SHA512:+SIGN-EdDSA-Ed25519:+SIGN-EdDSA-Ed448:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-DTLS1.2', next ''
selected priority string: NONE:+ECDHE-RSA:+ECDHE-ECDSA:+RSA:+DHE-RSA:+GROUP-X25519:+GROUP-X448:+GROUP-SECP256R1:+GROUP-SECP384R1:+GROUP-SECP521R1:+GROUP-FFDHE2048:+GROUP-FFDHE3072:+GROUP-FFDHE4096:+GROUP-FFDHE6144:+GROUP-FFDHE8192:+AES-256-GCM:+AES-256-CCM:+CHACHA20-POLY1305:+AES-256-CBC:+AES-128-GCM:+AES-128-CCM:+AES-128-CBC:+AEAD:+SHA1:+SHA512:+SIGN-ECDSA-SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+SIGN-ECDSA-SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+SIGN-ECDSA-SHA512:+SIGN-ECDSA-SECP521R1-SHA512:+SIGN-EdDSA-Ed25519:+SIGN-EdDSA-Ed448:+SIGN-RSA-PSS-SHA256:+SIGN-RSA-PSS-SHA384:+SIGN-RSA-PSS-SHA512:+SIGN-RSA-PSS-RSAE-SHA256:+SIGN-RSA-PSS-RSAE-SHA384:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-DTLS1.2:%COMPAT:-3DES-CBC:-ARCFOUR-128
added 3 protocols, 29 ciphersuites, 17 sig algos and 10 groups into priority list
SSL negotiation with testvpnserver.com
REC[0x561f51635080]: Allocating epoch #1
HSK[0x561f51635080]: Adv. version: 3.3
FIPS140-2 context is not set
FIPS140-2 context is not set
Keeping ciphersuite 13.02 (GNUTLS_AES_256_GCM_SHA384)
Keeping ciphersuite 13.03 (GNUTLS_CHACHA20_POLY1305_SHA256)
Keeping ciphersuite 13.01 (GNUTLS_AES_128_GCM_SHA256)
Keeping ciphersuite 13.04 (GNUTLS_AES_128_CCM_SHA256)
Keeping ciphersuite c0.30 (GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite cc.a8 (GNUTLS_ECDHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.14 (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2f (GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.13 (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite c0.2c (GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384)
Keeping ciphersuite c0.ad (GNUTLS_ECDHE_ECDSA_AES_256_CCM)
Keeping ciphersuite cc.a9 (GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305)
Keeping ciphersuite c0.0a (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1)
Keeping ciphersuite c0.2b (GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.ac (GNUTLS_ECDHE_ECDSA_AES_128_CCM)
Keeping ciphersuite c0.09 (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9d (GNUTLS_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite c0.9d (GNUTLS_RSA_AES_256_CCM)
Keeping ciphersuite 00.35 (GNUTLS_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9c (GNUTLS_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9c (GNUTLS_RSA_AES_128_CCM)
Keeping ciphersuite 00.2f (GNUTLS_RSA_AES_128_CBC_SHA1)
Keeping ciphersuite 00.9f (GNUTLS_DHE_RSA_AES_256_GCM_SHA384)
Keeping ciphersuite c0.9f (GNUTLS_DHE_RSA_AES_256_CCM)
Keeping ciphersuite cc.aa (GNUTLS_DHE_RSA_CHACHA20_POLY1305)
Keeping ciphersuite 00.39 (GNUTLS_DHE_RSA_AES_256_CBC_SHA1)
Keeping ciphersuite 00.9e (GNUTLS_DHE_RSA_AES_128_GCM_SHA256)
Keeping ciphersuite c0.9e (GNUTLS_DHE_RSA_AES_128_CCM)
Keeping ciphersuite 00.33 (GNUTLS_DHE_RSA_AES_128_CBC_SHA1)
EXT[0x561f51635080]: Preparing extension (OCSP Status Request/5) for 'client hello'
EXT[0x561f51635080]: Sending extension OCSP Status Request/5 (5 bytes)
EXT[0x561f51635080]: Preparing extension (Client Certificate Type/19) for 'client hello'
EXT[0x561f51635080]: Preparing extension (Server Certificate Type/20) for 'client hello'
EXT[0x561f51635080]: Preparing extension (Supported Groups/10) for 'client hello'
EXT[0x561f51635080]: Sent group X25519 (0x1d)
EXT[0x561f51635080]: Sent group X448 (0x1e)
EXT[0x561f51635080]: Sent group SECP256R1 (0x17)
EXT[0x561f51635080]: Sent group SECP384R1 (0x18)
EXT[0x561f51635080]: Sent group SECP521R1 (0x19)
EXT[0x561f51635080]: Sent group FFDHE2048 (0x100)
EXT[0x561f51635080]: Sent group FFDHE3072 (0x101)
EXT[0x561f51635080]: Sent group FFDHE4096 (0x102)
EXT[0x561f51635080]: Sent group FFDHE6144 (0x103)
EXT[0x561f51635080]: Sent group FFDHE8192 (0x104)
EXT[0x561f51635080]: Sending extension Supported Groups/10 (22 bytes)
EXT[0x561f51635080]: Preparing extension (Supported EC Point Formats/11) for 'client hello'
EXT[0x561f51635080]: Sending extension Supported EC Point Formats/11 (2 bytes)
EXT[0x561f51635080]: Preparing extension (SRP/12) for 'client hello'
EXT[0x561f51635080]: Preparing extension (Signature Algorithms/13) for 'client hello'
EXT[0x561f51635080]: sent signature algo (4.3) ECDSA-SHA256
EXT[0x561f51635080]: sent signature algo (5.3) ECDSA-SHA384
EXT[0x561f51635080]: sent signature algo (6.3) ECDSA-SHA512
EXT[0x561f51635080]: sent signature algo (8.7) EdDSA-Ed25519
EXT[0x561f51635080]: sent signature algo (8.8) EdDSA-Ed448
EXT[0x561f51635080]: sent signature algo (8.9) RSA-PSS-SHA256
EXT[0x561f51635080]: sent signature algo (8.10) RSA-PSS-SHA384
EXT[0x561f51635080]: sent signature algo (8.11) RSA-PSS-SHA512
EXT[0x561f51635080]: sent signature algo (8.4) RSA-PSS-RSAE-SHA256
EXT[0x561f51635080]: sent signature algo (8.5) RSA-PSS-RSAE-SHA384
EXT[0x561f51635080]: sent signature algo (8.6) RSA-PSS-RSAE-SHA512
EXT[0x561f51635080]: sent signature algo (4.1) RSA-SHA256
EXT[0x561f51635080]: sent signature algo (5.1) RSA-SHA384
EXT[0x561f51635080]: sent signature algo (6.1) RSA-SHA512
EXT[0x561f51635080]: Sending extension Signature Algorithms/13 (30 bytes)
EXT[0x561f51635080]: Preparing extension (SRTP/14) for 'client hello'
EXT[0x561f51635080]: Preparing extension (Heartbeat/15) for 'client hello'
EXT[0x561f51635080]: Preparing extension (ALPN/16) for 'client hello'
EXT[0x561f51635080]: Preparing extension (Encrypt-then-MAC/22) for 'client hello'
EXT[0x561f51635080]: Preparing extension (Extended Master Secret/23) for 'client hello'
EXT[0x561f51635080]: Preparing extension (Session Ticket/35) for 'client hello'
EXT[0x561f51635080]: Sending extension Session Ticket/35 (0 bytes)
EXT[0x561f51635080]: Preparing extension (Key Share/51) for 'client hello'
EXT[0x561f51635080]: sending key share for X25519
FIPS140-2 context is not set
FIPS140-2 context is not set
EXT[0x561f51635080]: sending key share for SECP256R1
FIPS140-2 context is not set
FIPS140-2 context is not set
FIPS140-2 context is not set
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
ASSERT: mpi.c[wrap_nettle_mpi_print]:60
FIPS140-2 context is not set
FIPS140-2 context is not set
FIPS140-2 context is not set
EXT[0x561f51635080]: Sending extension Key Share/51 (107 bytes)
EXT[0x561f51635080]: Preparing extension (Supported Versions/43) for 'client hello'
Advertizing version 3.4
Advertizing version 3.3
EXT[0x561f51635080]: Sending extension Supported Versions/43 (5 bytes)
EXT[0x561f51635080]: Preparing extension (Post Handshake Auth/49) for 'client hello'
EXT[0x561f51635080]: Preparing extension (Safe Renegotiation/65281) for 'client hello'
EXT[0x561f51635080]: Sending extension Safe Renegotiation/65281 (1 bytes)
EXT[0x561f51635080]: Preparing extension (Server Name Indication/0) for 'client hello'
HSK[0x561f51635080]: sent server name: 'testvpnserver.com'
EXT[0x561f51635080]: Sending extension Server Name Indication/0 (25 bytes)
EXT[0x561f51635080]: Preparing extension (Cookie/44) for 'client hello'
EXT[0x561f51635080]: Preparing extension (Early Data/42) for 'client hello'
EXT[0x561f51635080]: Preparing extension (PSK Key Exchange Modes/45) for 'client hello'
EXT[0x561f51635080]: Sending extension PSK Key Exchange Modes/45 (3 bytes)
EXT[0x561f51635080]: Preparing extension (Record Size Limit/28) for 'client hello'
EXT[0x561f51635080]: Sending extension Record Size Limit/28 (2 bytes)
EXT[0x561f51635080]: Preparing extension (Maximum Record Size/1) for 'client hello'
EXT[0x561f51635080]: Preparing extension (Compress Certificate/27) for 'client hello'
EXT[0x561f51635080]: Preparing extension (ClientHello Padding/21) for 'client hello'
EXT[0x561f51635080]: Sending extension ClientHello Padding/21 (127 bytes)
EXT[0x561f51635080]: Preparing extension (Pre Shared Key/41) for 'client hello'
HSK[0x561f51635080]: CLIENT HELLO was queued [512 bytes]
HWRITE: enqueued [CLIENT HELLO] 512. Total 512 bytes.
HWRITE FLUSH: 512 bytes in buffer.
REC[0x561f51635080]: Preparing Packet Handshake(22) with length: 512 and min pad: 0
ENC[0x561f51635080]: cipher: NULL, MAC: MAC-NULL, Epoch: 0
WRITE: enqueued 517 bytes for 0x6. Total 517 bytes.
REC[0x561f51635080]: Sent Packet[1] Handshake(22) in epoch 0 and length: 517
HWRITE: wrote 1 bytes, 0 bytes left.
WRITE FLUSH: 517 bytes in buffer.
WRITE: wrote 517 bytes, 0 bytes left.
ASSERT: buffers.c[get_last_packet]:1185
READ: Got 5 bytes from 0x6
READ: read 5 bytes from 0x6
RB: Have 0 bytes into buffer. Adding 5 bytes.
RB: Requested 5 bytes
REC[0x561f51635080]: SSL 3.3 Alert packet received. Epoch 0, length: 2
REC[0x561f51635080]: Expected Packet Handshake(22)
REC[0x561f51635080]: Received Packet Alert(21) with length: 2
READ: Got 2 bytes from 0x6
READ: read 2 bytes from 0x6
RB: Have 5 bytes into buffer. Adding 2 bytes.
RB: Requested 7 bytes
REC[0x561f51635080]: Decrypted Packet[0] Alert(21) with length: 2
REC[0x561f51635080]: Alert[2|40] - Handshake failed - was received
ASSERT: record.c[record_add_to_buffers]:903
ASSERT: record.c[record_add_to_buffers]:909
ASSERT: record.c[_gnutls_recv_in_buffers]:1589
ASSERT: buffers.c[_gnutls_handshake_io_recv_int]:1467
ASSERT: handshake.c[_gnutls_recv_handshake]:1600
ASSERT: handshake.c[handshake_client]:3067
BUF[HSK]: Emptied buffer
SSL connection failure: A TLS fatal alert has been received.
BUF[HSK]: Emptied buffer
REC[0x561f51635080]: Start of epoch cleanup
REC[0x561f51635080]: End of epoch cleanup
REC[0x561f51635080]: Epoch #0 freed
REC[0x561f51635080]: Epoch #1 freed
Failed to open HTTPS connection to testvpnserver.com
Failed to complete authentication
[root@aborniakFC ~]#
```

This is the short version without debug:

```
[root@aborniakFC ~]# openconnect testvpnserver.com
POST https://testvpnserver.com/
Connected to 1.1.1.1:443
SSL negotiation with testvpnserver.com
SSL connection failure: A TLS fatal alert has been received.
Failed to open HTTPS connection to testvpnserver.com
Failed to complete authentication
[root@aborniakFC ~]#
```
The server has closed the connection for some reason, but this is not clear from the log. Try the following:

- switch crypto policies to legacy
- run gnutls-cli-debug on the server

I suspect the server cannot handle a TLS 1.3 client.
> switch crypto policies to legacy

I have tried it; the output/result was the same.

> run gnutls-cli-debug on the server

```
[root@aborniakFC ~]# gnutls-cli-debug testvpnserver.com
GnuTLS debug client 3.7.6
Checking testvpnserver.com:443
whether the server accepts default record size (512 bytes)... no
whether %ALLOW_SMALL_RECORDS is required... no
whether we need to disable TLS 1.2... yes
whether we need to disable TLS 1.1... yes
whether we need to disable TLS 1.0... yes
for TLS 1.0 (RFC2246) support... no
for TLS 1.0 (RFC2246) support with TLS 1.0 record version... no
for TLS 1.1 (RFC4346) support... no
fallback from TLS 1.1 to... failed
for TLS 1.2 (RFC5246) support... no
for TLS 1.3 (RFC8446) support... no
for known TLS or SSL protocols support... no
[root@aborniakFC ~]#
```
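The two diagnostics in this thread, the raw alert record behind GnuTLS's `Alert[2|40] - Handshake failed` line in the debug log and the yes/no verdicts printed by gnutls-cli-debug, decoded by a small Python script. This is an added example, not code from the thread, OpenConnect or GnuTLS; the sample bytes are constructed from the logged values and the function names are mine.

```python
import re
import struct

# TLS record content types and alert codes (numeric values from RFC 5246 / RFC 8446).
CONTENT_TYPES = {20: "ChangeCipherSpec", 21: "Alert", 22: "Handshake", 23: "ApplicationData"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {
    0: "close_notify", 10: "unexpected_message", 40: "handshake_failure",
    42: "bad_certificate", 46: "certificate_unknown", 47: "illegal_parameter",
    48: "unknown_ca", 70: "protocol_version", 71: "insufficient_security",
    80: "internal_error", 112: "unrecognized_name",
}

def parse_tls_record(buf: bytes) -> dict:
    """Decode one plaintext TLS record header; for a 2-byte Alert, also its level and description.
    GnuTLS prints those two bytes as 'Alert[<level>|<description>]', so Alert[2|40] is a
    fatal handshake_failure. A short read raises instead of guessing at a broken peer's bytes."""
    if len(buf) < 5:
        raise ValueError("truncated record header")
    ctype, major, minor, length = struct.unpack("!BBBH", buf[:5])
    body = buf[5:5 + length]
    if len(body) < length:
        raise ValueError("truncated record body")
    rec = {"type": CONTENT_TYPES.get(ctype, f"unknown({ctype})"),
           "version": f"{major}.{minor}",  # 3.3 is the TLS 1.2 record-layer version
           "length": length}
    if ctype == 21 and length == 2:
        rec["alert"] = (ALERT_LEVELS.get(body[0], str(body[0])),
                        ALERT_DESCRIPTIONS.get(body[1], str(body[1])))
    return rec

_VERDICT = re.compile(r"for ((?:TLS|SSL) \d\.\d) \(RFC\d+\) support\.\.\. (yes|no)")

def gnutls_cli_debug_versions(output: str) -> dict:
    """Map each protocol version gnutls-cli-debug probed to True/False from its 'support... yes|no' lines."""
    return {ver: ans == "yes" for ver, ans in _VERDICT.findall(output)}

# Constructed sample input: the raw alert record behind the log's "Alert[2|40]"
# (type 21, record version 3.3, length 2, level 2, description 40) ...
SAMPLE_ALERT = bytes.fromhex("15 03 03 00 02 02 28")
# ... and the version lines from the gnutls-cli-debug run in this thread.
SAMPLE_DEBUG = """\
for TLS 1.0 (RFC2246) support... no
for TLS 1.0 (RFC2246) support with TLS 1.0 record version... no
for TLS 1.1 (RFC4346) support... no
for TLS 1.2 (RFC5246) support... no
for TLS 1.3 (RFC8446) support... no
"""
```

An empty set of `True` values from `gnutls_cli_debug_versions` is the signature of a server that rejects every standard ClientHello, which is why a priority-string workaround rather than a crypto-policy change is needed.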
This seems like a server with very special needs. You may want to debug this with the administrators of the server.
The server is based on Cisco ASA. I am not sure that I can contact the administrator of the server. In any case, thank you for your support and advice. Have a nice day.
This server appears strikingly similar to the server I was studying when I wrote these GnuTLS MRs:

https://gitlab.com/gnutls/gnutls/-/merge_requests/1221
https://gitlab.com/gnutls/gnutls/-/merge_requests/1251

In order to connect to it (see https://gitlab.com/openconnect/openconnect/-/issues/145#note_344021686), I had to use the following command-line to ensure that GnuTLS would only try SSLv3 and TLSv1.0 _without extensions_, and would only offer the 3DES and RC4 ciphers:

```
openconnect --allow-insecure-crypto --gnutls-priority "NONE:+VERS-SSL3.0:+VERS-TLS1.0:%NO_EXTENSIONS:%SSL3_RECORD_VERSION:+3DES-CBC:+ARCFOUR-128:+MD5:+SHA1:+COMP-ALL:+KX-ALL" ancient.vpn.server.com
```

(Needless to say, this configuration is extremely insecure.)
Hello Daniel,

Thank you for your reply. The specified command doesn't work for me; I get the same error. I am pretty sure that a firmware update on the Cisco ASA will fix this issue. I will post an update when it is done.