
"tls_process_ske_dhe:dh key too small" error when connecting to an old API

Tags: node.js, ssl

I'm trying to connect to an old API (running Java 6) with Node and I'm getting blocked by the SSL handshake.

The full error looks like this:

    Error: 65756:error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small:openssl\ssl\statem\statem_clnt.c:1472:

I have tried a lot of different things to solve this but none got me any closer. Here is the test script I run to avoid having to pull the whole integration:

    const tls = require('tls');

    tls.connect({
        host: 'old.api.com',
        port: 8443,
        //ciphers: suiteFromNmap,
        //secureProtocol: 'TLSv1_method',
        //minDHSize: 768,
    }, function(result) {
        console.log(result);
    }).on('error', function(err) {
        console.log(err);
    });

I've tried playing with the ciphers parameter; it never made any difference whichever suite I used, and it sometimes broke with a different error because no common ciphers were found.

I did some digging with nmap, which led to this:

    PORT     STATE SERVICE
    8443/tcp open  https-alt
    | ssl-enum-ciphers:
    |   TLSv1.0:
    |     ciphers:
    |       TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA - E
    |       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 768) - E
    |       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 768) - C
    |       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 768) - B
    |       TLS_DHE_RSA_WITH_DES_CBC_SHA (dh 768) - E
    |       TLS_RSA_EXPORT_WITH_DES40_CBC_SHA - E
    |       TLS_RSA_EXPORT_WITH_RC4_40_MD5 - E
    |       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
    |       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
    |       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
    |       TLS_RSA_WITH_DES_CBC_SHA (rsa 2048) - C
    |       TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
    |       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
    |     compressors:
    |       NULL
    |     cipher preference: client
    |     warnings:
    |       64-bit block cipher 3DES vulnerable to SWEET32 attack
    |       64-bit block cipher DES vulnerable to SWEET32 attack
    |       64-bit block cipher DES40 vulnerable to SWEET32 attack
    |       Broken cipher RC4 is deprecated by RFC 7465
    |       Ciphersuite uses MD5 for message integrity
    |       Key exchange (dh 768) of lower strength than certificate key
    |_  least strength: E

I tried to change the minDHSize parameter to match the one pointed out in the warnings, but the error stays the same.

I tried an online SSL check (https://www.ssllabs.com/ssltest/) and got this: [image: ssllabs test result]

Tried these ciphers but still the same error.

ssllabs.com seems to be happy with their cert, but wget fails without --no-check-certificate:

    ERROR: The certificate of ‘old.api.com’ is not trusted.
    ERROR: The certificate of ‘old.api.com’ hasn't got a known issuer.

At this point I'm not sure what else I can try. Is there nothing I can do on my side to make Node connect to this server? I'm willing to go for a low-security version of it, considering there is nothing really important or private happening, as long as I don't have to make the whole Node instance insecure.

asked Jan 23 '26 12:01 by Furzel


1 Answer

Try to set CipherString to a lower level in /etc/ssl/openssl.cnf

    [ default_conf ]

    ssl_conf = ssl_sect

    [ssl_sect]

    system_default = ssl_default_sect

    [ssl_default_sect]
    MinProtocol = TLSv1.2
    CipherString = DEFAULT:@SECLEVEL=1

answered Jan 26 '26 02:01 by GetoX
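
An added example, not code from the question or the answer: it parses the nmap `ssl-enum-ciphers` output shown in the question, lists the suites whose DH parameters fall below a size threshold, and builds a `ciphers` string from the remaining non-DHE suites, so that any relaxation is scoped to a single `tls.connect` call rather than to `openssl.cnf`. The function names, the grade-A filter and the two-entry IANA-to-OpenSSL name map are assumptions of this example.

```javascript
// Constructed sample: a subset of the nmap lines shown in the question.
const NMAP_OUTPUT = `
|   TLSv1.0:
|     ciphers:
|       TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA - E
|       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (dh 768) - E
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 768) - C
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 768) - B
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
`;

// IANA -> OpenSSL names, limited to the suites this example may select.
const OPENSSL_NAME = {
  TLS_RSA_WITH_AES_128_CBC_SHA: 'AES128-SHA',
  TLS_RSA_WITH_AES_256_CBC_SHA: 'AES256-SHA',
};

// Parse "| NAME (kx bits) - GRADE" lines into records; other lines are skipped.
function parseSuites(text) {
  const re = /^\|\s+(TLS_\w+)(?: \((\w+) (\d+)\))? - ([A-F])$/;
  return text.split('\n').map((l) => re.exec(l.trim())).filter(Boolean)
    .map(([, name, kx, bits, grade]) =>
      ({ name, kx: kx || null, bits: bits ? Number(bits) : null, grade }));
}

// Suites whose DH parameters are below minBits (Node's minDHSize defaults to 1024).
function weakDh(suites, minBits = 1024) {
  return suites.filter((s) => s.kx === 'dh' && s.bits < minBits).map((s) => s.name);
}

// Options for ONE connection: non-DHE suites graded A by nmap that we can name.
function connectOptions(suites, host, port) {
  const usable = suites
    .filter((s) => !s.name.includes('_DHE_') && s.grade === 'A')
    .map((s) => OPENSSL_NAME[s.name]).filter(Boolean);
  if (usable.length === 0) throw new Error('no acceptable non-DHE suite offered');
  // The scan shows TLSv1.0 only; the floor is lowered for this socket, not the process.
  return { host, port, ciphers: usable.join(':'), minVersion: 'TLSv1' };
}

const suites = parseSuites(NMAP_OUTPUT);
console.log('weak DH:', weakDh(suites));
console.log('tls.connect options:', connectOptions(suites, 'old.api.com', 8443));
```

The returned object is meant to be passed to `tls.connect`; whether TLSv1.0 is still permitted at all depends on the Node and OpenSSL build in use.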