I have a setup with HAProxy fronting 2 backend servers, with TLS termination on HAProxy as well as TLS between HAProxy and the backend. Everything is working fine, except for a specific client device. Whenever said device tries to connect, an error is thrown and the connection is closed during the SSL handshake (right after the ClientHello). Now, the HAProxy access log states the reason as "no shared cipher", but using ssldump to capture the connection, I can see the client is listing its ciphers, and there are for sure shared ciphers between the client and HAProxy. HAProxy is running in Docker (LTS, Alpine 3.18).
Here are the ciphers that are in the HAProxy config:
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSA-CHACHA20-POLY1305
ECDHE-RSA-CHACHA20-POLY1305
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA256
And here is the ClientHello; note the ciphers:
New TCP connection #1: 172.16.16.59(36355) ↔ 21b9153213ab(7547)
1 1 0.1055 (0.1055) C>S V3.0(105) Handshake
ClientHello
Version 3.3
random[32]=
64 99 8f 51 5d 82 4c 51 e3 b8 d7 1f 49 92 60 4f
3b e5 f8 ec 6f 3f fe bc 62 85 43 cd b9 eb 5b d8
cipher suites
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_EMPTY_RENEGOTIATION_INFO_SCSV
compression methods
NULL
extensions
signature_algorithms
1 2 0.1148 (0.0093) S>C V3.3(2) Alert
level fatal
value handshake_failure
1 0.1197 (0.0049) C>S TCP FIN
1 0.1229 (0.0031) S>C TCP FIN
Now, if I'm not wrong, ECDHE-ECDSA-AES256-GCM-SHA384 is the same as TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: a shared cipher, and the first one listed in the config.
Given the above (I'm no expert on TLS and cipher suites), I don't understand why HAProxy returns "no shared cipher".
Now, to be fair, I tried skipping HAProxy and letting the client communicate directly with the backend server, and that also returns an error, stating SSL handshake failure as the reason (it does not provide detail as to where the handshake failed, but I'm assuming the same thing as above). I realize this may be a problem with my client device, but I just wanted to see if anyone might have some insight into this.
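A check worth running on a capture like the one above, as an added example (this is not code from the question, from HAProxy or from OpenSSL). Comparing cipher names by eye only shows what is shared "on paper"; before OpenSSL compares names it masks out every suite it cannot complete. Two masks matter here: an ECDHE suite is only kept if the server finds a group it shares with the client, and a ClientHello that carries no supported_groups (elliptic_curves) extension yields no shared group in OpenSSL 1.1.0 and later; and an ECDSA or RSA suite is only kept if the server actually holds a certificate of that type. The ssldump listing above shows a single extension, signature_algorithms, and every suite in the HAProxy config is ECDHE, so the name overlap the author found would never be reached and the alert is reported as "no shared cipher". The script below rebuilds that ClientHello from the listing (the random and signature_algorithms bytes are constructed, the cipher list is the captured one), parses it back, and reports the paper intersection next to what is usable, first as captured and then with a supported_groups extension added. The certificate type passed to `diagnose` is an assumption; the names `build_client_hello`, `parse_client_hello` and `diagnose` are this example's own.

```python
"""Which of HAProxy's configured ciphers can a captured ClientHello really negotiate?

Added example, not from the question or from HAProxy/OpenSSL. ClientHello bytes are
constructed here from the ssldump listing; the server certificate type is assumed.
"""
import struct

# IANA code points for the suites named in the question (hand-typed subset of the registry).
IANA = {
    0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", 0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", 0x003C: "TLS_RSA_WITH_AES_128_CBC_SHA256",
    0x003D: "TLS_RSA_WITH_AES_256_CBC_SHA256", 0x0067: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
    0x006B: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256", 0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 0xC014: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    0xC023: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", 0xC024: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
    0xC027: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", 0xC028: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
    0xC02B: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", 0xC02C: "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    0xCCA8: "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
    0xCCA9: "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
    0x00FF: "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
}
# OpenSSL spellings from the HAProxy config (in config order), mapped to the same code points.
OPENSSL = {
    "ECDHE-ECDSA-AES256-GCM-SHA384": 0xC02C, "ECDHE-RSA-AES256-GCM-SHA384": 0xC030,
    "ECDHE-ECDSA-CHACHA20-POLY1305": 0xCCA9, "ECDHE-RSA-CHACHA20-POLY1305": 0xCCA8,
    "ECDHE-ECDSA-AES128-GCM-SHA256": 0xC02B, "ECDHE-RSA-AES128-GCM-SHA256": 0xC02F,
    "ECDHE-ECDSA-AES256-SHA384": 0xC024, "ECDHE-RSA-AES256-SHA384": 0xC028,
    "ECDHE-ECDSA-AES128-SHA256": 0xC023, "ECDHE-RSA-AES128-SHA256": 0xC027,
}
EXT_SUPPORTED_GROUPS, EXT_SIGNATURE_ALGORITHMS = 10, 13


def build_client_hello(suites, extensions):
    """Build a TLS 1.2 ClientHello handshake message (no record header); random is zeroed."""
    body = b"\x03\x03" + bytes(32) + b"\x00"                    # version, random, empty session id
    body += struct.pack(">H", 2 * len(suites)) + b"".join(struct.pack(">H", s) for s in suites)
    body += b"\x01\x00"                                           # compression methods: null only
    ext = b"".join(struct.pack(">HH", t, len(b)) + b for t, b in extensions)
    body += struct.pack(">H", len(ext)) + ext
    return b"\x01" + struct.pack(">I", len(body))[1:] + body      # type 1 + 3-byte length


def parse_client_hello(msg):
    """Return (cipher suite code points in client order, {extension type: body})."""
    if msg[0] != 1:
        raise ValueError("not a ClientHello")
    body = msg[4:4 + int.from_bytes(msg[1:4], "big")]
    pos = 2 + 32                                                   # skip version and random
    pos += 1 + body[pos]                                           # skip session id
    cs_len = struct.unpack(">H", body[pos:pos + 2])[0]; pos += 2
    suites = [struct.unpack(">H", body[pos + i:pos + i + 2])[0] for i in range(0, cs_len, 2)]
    pos += cs_len
    pos += 1 + body[pos]                                           # skip compression methods
    exts = {}
    if pos < len(body):
        end = pos + 2 + struct.unpack(">H", body[pos:pos + 2])[0]; pos += 2
        while pos < end:
            t, length = struct.unpack(">HH", body[pos:pos + 4]); pos += 4
            exts[t] = body[pos:pos + length]; pos += length
    return suites, exts


def diagnose(server_names, hello, cert_auth):
    """Return (shared_on_paper, usable, reasons) as IANA names in server preference order.

    shared_on_paper is the plain name intersection; usable drops what OpenSSL masks out:
    ECDHE suites when the client sent no supported_groups extension (no shared group), and
    suites whose authentication does not match the certificate type(s) the server holds.
    """
    suites, exts = parse_client_hello(hello)
    offered = set(suites)
    on_paper = [IANA[OPENSSL[n]] for n in server_names if OPENSSL[n] in offered]
    usable, reasons = [], []
    for name in on_paper:
        if "_ECDHE_" in name and EXT_SUPPORTED_GROUPS not in exts:
            reasons.append(f"{name}: ECDHE, but the ClientHello carries no supported_groups")
            continue
        auth = "ECDSA" if "_ECDSA_" in name else "RSA"
        if auth not in cert_auth:
            reasons.append(f"{name}: needs an {auth} certificate, server has {sorted(cert_auth)}")
            continue
        usable.append(name)
    return on_paper, usable, reasons


# The device's hello, rebuilt from the ssldump listing: its cipher list plus one extension.
DEVICE_SUITES = [0x0033, 0x0035, 0x0039, 0x003C, 0x003D, 0x0067, 0x006B, 0x0005, 0xC013,
                 0xC014, 0xC023, 0xC024, 0xC02B, 0xC02C, 0xC02F, 0xC030, 0x00FF]
SIG_ALGS = b"\x00\x04\x04\x01\x05\x01"          # rsa_pkcs1_sha256, rsa_pkcs1_sha384 (constructed)
DEVICE_HELLO = build_client_hello(DEVICE_SUITES, [(EXT_SIGNATURE_ALGORITHMS, SIG_ALGS)])
# Same hello with supported_groups (secp256r1, x25519) added, for comparison.
GROUPS = b"\x00\x04\x00\x17\x00\x1d"
FIXED_HELLO = build_client_hello(DEVICE_SUITES, [(EXT_SIGNATURE_ALGORITHMS, SIG_ALGS),
                                                 (EXT_SUPPORTED_GROUPS, GROUPS)])
HAPROXY_CIPHERS = list(OPENSSL)                  # config order from the question

if __name__ == "__main__":
    for label, hello in (("as captured", DEVICE_HELLO), ("with supported_groups", FIXED_HELLO)):
        on_paper, usable, reasons = diagnose(HAPROXY_CIPHERS, hello, {"RSA"})  # RSA cert assumed
        print(f"{label}: {len(on_paper)} shared on paper, {len(usable)} usable")
        for r in reasons:
            print("  -", r)
```

Six suites overlap by name, yet with the captured extensions none survive the ECDHE mask; add supported_groups and the two ECDHE-RSA GCM suites (or all six with both certificate types) become usable. The practical trade-off follows from that: letting such a device in by adding one of its non-ECDHE suites (for example TLS_RSA_WITH_AES_256_CBC_SHA) to the HAProxy cipher list costs forward secrecy for every client that picks it, so fixing the device's TLS stack is the better end state.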