TLS: "wrong curve" error during client authentication - apache

I have an Apache server that was recently upgraded from Debian 9 to Debian 10:
Apache : 2.4.25-3+deb9u13 => 2.4.52
Openssl: 1.1.0l-1~deb9u5 => 1.1.1n-0+deb10u1
Since this upgrade, connections from clients where the client is authenticated (SSLVerifyClient require in the Apache configuration) fail. The error in the Apache debug logs is:
[Tue Apr 19 17:41:57.686913 2022] [ssl:error] [pid 19335] SSL Library Error: error:1414D17A:SSL routines:tls12_check_peer_sigalg:wrong curve
TLS_v1.2 was forced on server (Apache configuration: SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2 -TLSv1.3).
I made a Wireshark capture and I am able to decode it. When authentication works (with the Debian 9 version), the messages exchanged are the following:
[Image: messagesExchange]
When the error occurs, the last "Finished" message sent by the server is replaced by a TLS Alert (Level Fatal, Description: Illegal parameter).
This happens just after the client certificate is received by the server; my conclusion is that the client certificate is not accepted by the server.
Client certificate was generated by our PKI from a private key and a certificate signing request created on client using these commands:
openssl ecparam -genkey -name secp256k1 -noout -out ${PRIVATE_KEY}
openssl req -new -sha256 -key ${PRIVATE_KEY} -out ${CSR} -subj "/C=FR/O=XXX/OU=YYY/CN=ZZZ"
So the curve used for this client certificate is secp256k1. This curve is not supported by TLS_v1.3.
If I create a private key using the prime256v1 curve instead of using secp256k1, and recreate the CSR and certificate using the same PKI, I am able to connect to the server without errors. The commands become:
openssl ecparam -genkey -name prime256v1 -noout -out /user/private_prime256v1.key
openssl req -new -sha256 -key /user/private_prime256v1.key -out /user/prime256v1.csr -subj "/C=FR/O=XXX/OU=YYY/CN=ZZZ"
So I assume my problem is linked to the usage of the secp256k1 curve in client certificates (and these new versions of Apache and OpenSSL).
I have tons of clients with certificates created from a private key using secp256k1 curve, so changing client certificates is not an option. I am looking for an Apache / mod_ssl / openssl configuration to accept client certificates using secp256k1 certificates even on this new version. I tried:
SSLOpenSSLConfCmd Groups "secp256k1:secp384r1:secp521r1:prime256v1:sect283k1:sect283r1:sect409k1:sect409r1:sect571k1:sect571r1"
without success.
There are many other parameters I can modify using SSLOpenSSLConfCmd but I didn't find any other configurations precisely linked to client authentication or to curves used in certificates.
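
Given that the post's secp256k1 certificates fail while a prime256v1 one works, the following added example (not part of the original post) reports the named curve of each certificate and flags those outside an accepted list. The function names, the accepted list and the self-signed sample certificates are assumptions constructed for the demonstration.

```shell
#!/usr/bin/env bash
# Added example: report the EC curve of client certificates and flag outliers.

# Print the named curve of a PEM certificate's key ("no-named-curve" if absent).
cert_curve() {
    local oid
    oid=$(openssl x509 -in "$1" -noout -text 2>/dev/null |
          sed -n 's/^[[:space:]]*ASN1 OID:[[:space:]]*//p' | head -n 1)
    printf '%s\n' "${oid:-no-named-curve}"
}

# audit_curves "<accepted curves>" cert.pem...
# Prints "<OK|FLAG> <curve> <file>" per certificate; returns 1 if any is flagged.
audit_curves() {
    local accepted=" $1 " rc=0 f curve
    shift
    for f in "$@"; do
        curve=$(cert_curve "$f")
        case "$accepted" in
            *" $curve "*) echo "OK $curve $f" ;;
            *) echo "FLAG $curve $f"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed demo input: a throwaway self-signed certificate on curve $1 in dir $2.
make_sample_cert() {
    printf '[req]\ndistinguished_name = dn\n[dn]\n' > "$2/req.cnf"
    openssl ecparam -genkey -name "$1" -noout -out "$2/$1.key" 2>/dev/null
    openssl req -new -x509 -sha256 -days 1 -config "$2/req.cnf" \
        -key "$2/$1.key" -subj "/CN=constructed-$1" -out "$2/$1.crt" 2>/dev/null
    echo "$2/$1.crt"
}

demo() {
    local dir rc=0
    dir=$(mktemp -d)
    # Accepted list is an assumption taken from the post: prime256v1 worked.
    audit_curves "prime256v1" \
        "$(make_sample_cert secp256k1 "$dir")" \
        "$(make_sample_cert prime256v1 "$dir")" || rc=1
    rm -rf "$dir"
    return "$rc"
}

demo || echo "at least one certificate uses a curve outside the accepted list"
```

Calling audit_curves over the certificates the PKI has issued gives the number of clients affected by the upgrade.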

Related

TLS Mutual Auth: null cert chain (C client -> Java server) unless cafile points to same file as cert

I have an issue with the server rejecting the client certificate in the handshake if I issue openssl call with just the cert (with chain) and private key.
This issue goes away if I also set the cafile param and point it to the same file as the cert.
It seems as if openssl cannot construct the chain without the cafile input even if the information is already in the cert input. I wonder if you guys had experience with this. I just find it a bit odd.
To summarize, this works:
sudo openssl s_client -connect <ip>:<port> -cert cert_with_chain.pem -key privkey.pem -CAfile cert_with_chain.pem
This doesn't work (Server reject with "null cert chain"):
sudo openssl s_client -connect <ip>:<port> -cert cert_with_chain.pem -key privkey.pem
Open SSL version:
OpenSSL 1.0.2k-fips 26 Jan 2017
The problem is not that "openssl cannot construct the chain without the cafile" but that it wasn't the intention in the first place to do so. The intended behavior is well documented in man s_client:
-cert certname The certificate to use, if one is requested by the server.
-CAfile file A file containing trusted certificates to use during server authentication and to use when attempting to build the client certificate chain.

Certificate auto installation for SSL communication [Client]

I have Tomcat-Apache set up to serve my application using 443(Apache).
Configured Apache for root certificate and key for enabling HTTPS access for my application.
On the server I had to install this certificate to the user personal store for HTTPS access.
The problem is that if a client wants to access it, he needs to manually install the certificate first. These are self-signed certificates generated via OpenSSL.
openssl req -new -x509 -days 1024 -key ca.key -out ca.crt -config openssl.cnf
Is there a way to configure Apache, or install certificate in another store for client to trigger auto installation of certificate while accessing the site?

Squid proxy with ssl-bump - squid configuration error

I would like to install Squid proxy with SSL bump. I am working on my virtual lab, and once everything is OK I will test it on the real network.
I already created a directory for the cert and generated the cert as below:
#Generate Private Key
openssl genrsa -out MSY.com.private 2048
# Create Certificate Signing Request
openssl req -new -key MSY.com.private -out MSY.com.csr
# Sign Certificate
openssl x509 -req -days 3652 -in MSY.com.csr -signkey MSY.com.private -out MSY.com.cert
Then I fill in the info and put something other than the domain or server_name as the 'Common Name'. In addition, please find below the lines from the Squid configuration file:
http_port 3128
#the problem is with the below line
ssl-bump cert=/etc/squid/ssl_cert/MSY.com.cert
key=/etc/squid/ssl_cert/MSY.com.private generate-host-certificates=on
version=1 options=NO_SSLv2,NO_SSLv3,SINGLE_DH_USE
# SSL Bump Config
ssl_bump stare all
ssl_bump bump all
It's not working, and if I remove the SSL bump certificate line from the configuration, the proxy works but without SSL. My questions: can we eliminate SSL-bump from the configuration, and can I manually copy the certificate to the client/user machine and add it to his/her Internet browser?
Thanks

How do I know that my openssl generates TLSv1.2

I need to generate a TLSv1.2 SSL certificate. I have done the following:
openssl genrsa -out myselfsigned.key 2048
openssl req -new -x509 -sha256 -key myselfsigned.key -out myselfsigned.cer -days 365 -subj /CN=<my localhost ip address>
Now how do I know that the certificate is actually a TLSv1.2 SSL certificate?
There is no such thing as a TLS 1.2 certificate.
There are RSA and ECDSA certificates which can be used with various TLS protocol versions and ciphers.
If TLS 1.2 is actually used depends on the capabilities and configuration of both client and server. You can check this when doing a packet capture and analyzing it with wireshark. Also there are often ways at server and client to find out which TLS version is in use by the current connection but how this is done depends on the client and server. For example with many browsers you get this information when clicking on the lock icon and then looking at the connection details.

MySQL over SSL with self signed certificate

I'm setting up a mysql server and am trying to have a mysql client connect to it over SSL. I'm going to be using a self signed certificate for the same. Reading the MySQL documentation on setting up SSL I see that I have to specify the path to the following files :-
the SSL root CA
the SSL certificate
the SSL private key
In this particular case, should I be setting both the root CA and the certificate to my self signed certificate?
Example of how to create properly a Self-Signed SSL Certificate.
1. Su to root and create a directory that only the root account has access to.
su -
mkdir certificates
chmod 700 certificates
cd certificates
2. Use openssl to generate a server key
openssl genrsa -des3 -out server.key 4096
Openssl will request a pass phrase. Type in a sentence that is long and complex but that you can remember (you'll have to type it at least twice). Try to make it at least 40 characters long, with punctuation and capital and lowercase letters. The more different characters you use the better.
3. Then create the certificate signing request with the server key you created in step 2.
openssl req -new -key server.key -out server.csr
4. Sign your certificate using SSL.
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
You can set your certificate for any number of days, but I recommend 365 so that you remember to update it once a year.
Once you're done, you'll have the following files:
server.crt: The self-signed server certificate
server.csr: Server certificate signing request
server.key: The private server key, does not require a password when starting Apache
Place those files where they are required for your Web server, and turn on HTTPS. (If you don't know how, contact your server administrator.)