This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

Decrypt-error with Inbound Decryption DHE or ECDHE on 8.1.3

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Decrypt-error with Inbound Decryption DHE or ECDHE on 8.1.3

jsalmans
L4 Transporter

‎02-04-2019 10:31 AM

Greetings all,

 

I feel like I'm probably missing something simple here, but I'm running into a decrypt-error issue on 8.1.3 in regards to a server that is negotiating DHE or ECDHE ciphers with the client.  On Chrome I get:

 

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

 

And on Firefox I get:

 

SSL_ERROR_NO_CYPHER_OVERLAP

 

If I turn off decryption for this or set it to RSA only, the traffic goes through (albeit not decrypted) so the client and server do indeed have shared ciphers they can negotiate to.  A packet capture from my machine and an SSL Labs scan of the server seems to back this up.

 

I know DHE and ECDHE wasn't supported on Inbound Decryption before but the warning is no longer on the configuration GUI and I see newer documentation that it has been supported since an 8.0 version.

 

Any ideas on what I might be doing wrong or how I should proceed with troubleshooting?

0 Likes Likes
17 REPLIES 17

gwesson
L7 Applicator

‎02-04-2019 10:58 AM

The Firefox error is better in terms of what it's saying: no cipher overlap.

 

When your client sends the Client Hello, it will specify some number of cipher suites that it supports. When the server (your firewall in this case) gets that list, it tries to match with the highest security cipher in that list. But if the firewall doesn't have any that match the client's list, you will get the error that you got.

 

Check a few things:

1. Your decryption profile on the firewall should include at least one cipher that the client is sending. Go to Objects > Decryption > Decryption Profile and hit the SSL Protocol Settings on the profile you use in your decrypt rule for this traffic.

2. While you're there, make sure that the "Protocol Versions" is set with the max version of "Max". Chrome has recently stopped supporting TLS 1.0, and others (Firefox, Edge, Opera, Safari, etc.) may have as well or will be soon), so if you're maxing that out at TLS 1.0 or 1.1, you'll be out of luck for most browsers.

3. Make sure that your browsers are configured to send all the DHE and ECDHE ciphers it should, and that they haven't been artificially limited by some setting on your end.

4. Run a TLS check (Qualys has a popular one for free) to see what you're supporting if the site is publicly accessible.

MP18
Cyber Elite
Cyber Elite
In response to gwesson

‎02-04-2019 12:16 PM

Very good Explanation.

MP
0 Likes Likes

jsalmans
L4 Transporter
In response to gwesson

‎02-04-2019 06:59 PM

Thanks for the reply.

 

  1. I believe I've done that. 

    firewall.png

  2. I've tried this as Max and also setting TLS 1.2 as the max.
  3. As far as I know, Firefox and Chrome are both using whatever the defaults are.  If I turn off decryption, I can see it negotiating successfully with the server wiht an ECDHS cipher.  Here is what the packet capture is seeing my client offer.

    client.png

  4. Here is the SSL Labs results for TLS 1.2:

    server.png

 

0 Likes Likes

LukeBullimore
L5 Sessionator
In response to jsalmans

‎02-05-2019 05:42 AM - edited ‎02-05-2019 05:43 AM

This is as far as I understand it:

 

For decrypting inbound connections whereby RSA is used, the firewall doesn't have to proxy the connection since it has the private key, it can decrypt the traffic on the fly.

 

For DHE and ECDHE traffic, since there is a new public/private key pair for each session the firewall cannot simply decrypt the traffic as it passes through, it instead needs to proxy with the server. Perhaps if you do a packet capture on the server side of things you should see traffic from there to the firewall with the SSL handshake failing?

 

Cheers,

Luke.

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks