Installed a self signed certificate on a web site in IIS 10 on windows server 2016. I added it to the bindings and set SSL Settings to "Accept" client certificates. When I try to pull the web site up in a browser it works without ssl, but times out when using ssl. How do I trouble shoot this?
From the request below here is the ssl test info with sensitive info changed;
BINDING: http *:80:website.com
BINDING: https *:443:website.com
SSLCertHash: hashcode
SSL Flags: None
Testing EndPoint: 127.0.0.1
#CertName: CertificateName
#Version: 3
#You have a private key that corresponds to this certificate.
#Signature Algorithm: sha256RSA
#Key Exchange Algorithm: RSA Key Size: 2048
This is not an ECC certificate, so ECDSA cipher suites cannot be used.
#Subject: CN=servername
#Issuer: CN=servername
#Validity: From 9/23/2022 12:42:28 PM To 9/22/2023 8:00:00 PM
#Serial Number: 39eifjvif934ier93ie93id93ie93ie92i
DS Mapper Usage: Disabled
Archived: False
#Key Usage: DataEncipherment, KeyEncipherment
#Enhanced Key Usage: Server Authentication (nine numbers)
Modern web browsers require Subject Alternative Name extension to present. This certificate does not have SAN extension, so might trigger warnings and/or errors.
Certificate verified.
Related
I have traffic between clients (which send XML over HTTPS) to my IIS.
I tried to decrypt the traffic using Wireshark and the following settings:
Adding the private key:
But even after setting this, I can't see the decrypted data:
Should I change any other settings to see the original data?
There is strong possibility that a Diffie-Hellman (DH) key exchange is being used here. In that case Wireshark cannot decipher SSL/TLs with a private key. You can check for this in the handshake packet.
From the Docs:
The RSA private key file can only be used in the following
circumstances:
The cipher suite selected by the server is not using (EC)DHE.
The protocol version is SSLv3, (D)TLS 1.0-1.2. It does not work with TLS 1.3.
The private key matches the server certificate. It does not work with the client certificate, nor the Certificate Authority (CA)
certificate.
The session has not been resumed. The handshake must include the ClientKeyExchange handshake message.
I am setting up a IoT 2-way TLS authentication.
The common way is that both client- and the root (CA) certificate Private Key is RSA.
Now we have devices with limited memory, why we chose to switch to Eliptic Curve Private Keys on the client certificates in the IoT devices. The server certificate remained untouched (RSA).
From my understanding the handshake should succeed. Or do I understand anything wrong? Or do we have to switch the CA certificate to ECC as well?
After a quick test session: It IS possible to use a client certificate with a different private key algorithm than the Root Certificate on the server.
Client: OpenSSL
Server: BoringSSL
I started mosquitto broker with SSL using CA,cert and key when I am trying to connect to broker the library in elixir tortoise is asking me to put the key and cert with certifi. When I looked into certifi it is showing the list of CA can we use this self signed?
Tortoise.Supervisor.start_child(
client_id: "smart-spoon",
handler: {Tortoise.Handler.Logger, []},
server: {
Tortoise.Transport.SSL,
host: host, port: port,
cacertfile: :certifi.cacertfile(),
key: key, cert: cert
},
subscriptions: [{"foo/bar", 0}])
Should I put the key and cert and client side?? I think that is very bad as key is secret please help me understand how it works
For "normal" SSL connections where the client wants to prove the broker is who they claim to be the client should only require a list of CA certificates to check the certificate presented by the broker. For this case you should normally leave the key and cert fields empty
If you are doing mutually authenticated SSL where the client is also proving to the broker who they are then you need to supply the client with it's own certificate/key (not the certificate/key from the broker but probably[but not required] signed by the same CA)
I'm trying to set up client certificate authentication. I was able to generate a CA-, server- and client-certificate. As long as I use Fiddler everything works as expected. However, as soon as I start using a browser it doesn't work anymore (HTTP Error 403.7 - Forbidden).
Of course I imported the client certificate in the Personal store and I made sure Client Certificate Negotiation is enabled.
I also tried openssl s_client -connect 127.0.0.1:443 -state -debug but I couldn't really make sense of the result... The only thing what's weird is that my CA doesn't show up in the Acceptable client certificate CA names section.
Anything else I could try?
Update:
I think it doesn't matter but my server certificate is set up for 127.0.0.1. Therefore I'm using https://127.0.0.1/... in my browsers.
Update2:
Using Wireshark I noticed that my servers' response depends on the client:
Fiddler (OK):
Client Hello
Server Hello, Certificate, Server Hello Done
Browser (Not OK):
Client Hello
Server Hello, Change Cipher Spec, Encrypted Handshake Message
Update3:
After enabling clientcertnegotiation the server response is different but still doesn't work:
Server Hello, Certificate
Certificate Request
Certificate, Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
My self-signed CA doesn't seem to be in the Distinguished Names list...
Update4:
SSL Settings: Checked Require SSL and Client certificates set as Required. Client cert shows up in Personal and the intended purpose is Client Authentication.
I finally found the issue and a workaround:
As mentioned in Update3, Distinguished Names doesn't contain my CA. This is because Distinguished Names has a limit of 2^14 bytes (16384 bytes). Because I do have a lot of CA installed on my machine my CA simply didn't make it in. The TLS standard would allow to send multiple messages but unfortunately Windows doesn't support this!
As mentioned here you have a few possibilities. The simplest one is this:
At your server add a DWORD (not QWORD!) value called SendTrustedIssuerList in your registry under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL and set it to 0. This will prevent your server from sending a list at all, letting the client choose from any installed client certificate.
Unfortunately I couldn't see any traces in the Event Viewer (as reported elsewhere). Therefore the issue wasn't easy to spot (I had to use Wireshark in order to check Distinguished Names).
Use the Accept option instead of the Require option of the "Client certificates" feature.
In IIS Manager, locate the Web application for which you want to change the SSL setting.
In Features View, double-click SSL Settings.
On the SSL Settings page, select the Accept option under Client certificates.
In the Actions pane, click Apply.
More info here
Client certificate should be imported in CurrentUser\My store with private key (i.e. p12 or pfx file usually).
CA certificate should be in LocalMachine\Root store so that IIS trusts all certificates issued by the CA and the CA is trusted for every user on the computer.
CRL issued by the CA should be either available through URL (specified in every end entity certificate that CA issued) or imported in LocalMachine\My store.
NOTE: openssl doesn't use windows certificate store so this will have no efect on openssl s_client -connect 127.0.0.1:443 -state
I'm trying to create web application with client certificates, generated programmatically. My main problem is following: I've added generated .p12 keystore to my web browser, but it doesn't send certificate to the server.
How does browser understand which x509 certificate it should use? And is it possible to debug SSL in Chrome of Firefox?
SSL/TLS server sends Certificate Request message (see RFC 4346 for TLS 1.1 or others). In this message there is only certificate type and acceptable certificate authorities names, so server doesn't tell anything about particular certificate.
The possible reason is that your certificate of invalid type (i.e. DSA instead of RSA but key exchange algorithm depends on client RSA certificate), or server requests certificate of different certificate authority.