LinuxQuestions.org
Linux - Security: This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Old 10-03-2011, 05:45 PM   #1
Vitus13
Client SSL Certificate Authentication


I have an apache2 https server (already working) that I'd like to set up client certificate authentication on. Sadly I've read about as far into the logs and output as I understand, and I'm in need of someone who knows more about this than myself.

Currently I have three certs:
1) The CA certificate (rootCA)
2) The server certificate (*.example.com) signed by rootCA
3) The client certificate (client.example.com) signed by rootCA

I added these lines to the VirtualHost conf


Code:
<Directory /var/www-ssl/example>

          SSLVerifyClient      require
          SSLVerifyDepth       5
          SSLCACertificateFile /etc/apache2/SSL/CA.pem

</Directory>
Then I imported the client certificate (in PKCS#12 format) into the "Personal" store in a Windows client. I attempted to visit https://www.example.com/example and the result was
Code:
Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.
So I issued (from the server):
Code:
sudo openssl s_client -connect example.com:443 -cert ~/client.pem -CAfile /etc/apache2/SSL/CA.pem -prexit -state -nbio -bugs > test2
and got the following on the output:
Code:
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:error in SSLv2/v3 read server hello A
SSL_connect:SSLv3 read server hello A
depth=1 /C=US/ST=xxxx/L=xxxx/O=xxxx/CN=rootCA/emailAddress=xxx@xxx.xxx
verify return:1
depth=0 /C=US/ST=xxxx/L=xxxx/O=xxxx/CN=*.example.com/emailAddress=xxxx@xxxx.xxx
verify return:1
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:error in SSLv3 read server session ticket A
SSL_connect:error in SSLv3 read server session ticket A
SSL_connect:SSLv3 read server session ticket A
SSL_connect:SSLv3 read finished A
GET /example
SSL_connect:SSL renegotiate ciphers
SSL_connect:SSLv3 write client hello A
SSL_connect:error in SSLv3 read server hello A
SSL_connect:SSLv3 read server hello A
depth=1 /C=US/ST=xxxx/L=xxxx/O=xxxx/CN=rootCA/emailAddress=xxxx@xxx.xxx
verify return:1
depth=0 /C=US/ST=xxxx/L=xxxx/O=xxxx/CN=*.example.com/emailAddress=xxxx@xxx.xxx
verify return:1
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server certificate request A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client certificate A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write certificate verify A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:error in SSLv3 read server session ticket A
SSL3 alert read:fatal:unsupported certificate
SSL_connect:failed in SSLv3 read server session ticket A
5153:error:14094413:SSL routines:SSL3_READ_BYTES:sslv3 alert unsupported certificate:s3_pkt.c:1102:SSL alert number 43
5153:error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure:s3_pkt.c:854:
However, I don't know what a working example of that ^^^ should look like, and further I don't know which of the three certs is causing all these unsupported certificate errors. So hopefully someone here has done this before / has a working setup they'd be willing to check the configuration against.
 
Old 10-03-2011, 06:13 PM   #2
Noway2
Off of the top of my head, the verify depth looks high. I can't recall exactly what this means, but maybe you could try lowering it to 1 and see if you get different results.

I am not an expert in SSL and certificates, to the point where I can tell you what to do based upon your errors. I do, however, use them myself on my servers. Here is a link to the how-to document that I used. Maybe it will give you some insight into where your process went wrong.
 
Old 10-03-2011, 06:13 PM   #3
rustek
I had one working and it looked something like this.

Code:
<VirtualHost 11.22.33.44:501>
...
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCACertificateFile /etc/apache2/SSL/CA.pem

  <Directory "/var/www-ssl/example">
    SSLRequireSSL
    SSLVerifyClient require
    ...
  </Directory>
...
</VirtualHost>
I also had crt and keys defined for the host as well.
Right below the SSLCACertificateFile directive.

 
Old 10-04-2011, 07:53 AM   #4
Vitus13
Original Poster
I looked through my access and error logs and I found this line repeated each time that I tried to connect:

Code:
[Tue Oct 04 08:48:40 2011] [error] [client xxx.xxx.xxx.xxx] Re-negotiation handshake failed: Not accepted by client!?
Other than that my config looks like all the others. I believe the depth option just indicates how many links can be between the client and the CA (CA signs server, server signs department, department signs client), so I don't think that one will matter. There must be something wrong with the certificates. Has anyone used XCA before?
 
Old 10-04-2011, 09:49 AM   #5
rustek
Forgive the question, but you didn't by chance import the CA cert into the client?
 
Old 10-04-2011, 09:56 AM   #6
sundialsvcs
/me nods...

Betcha that you did. Like everyone else has done, at one time or another.
 
Old 10-04-2011, 08:46 PM   #7
Vitus13
Original Poster
Quote:
Originally Posted by rustek
Forgive the question, but you didn't by chance import the CA cert into the client?

I did, I wasn't clear enough in my OP when I said that I had https working. I should have said that I imported the CA into my trusted CA's on the client and can view the site without getting any certificate errors.
 
Old 10-04-2011, 09:10 PM   #8
rustek
That's why I asked, that's backwards.

Create a CA cert
Sign a client cert with the CA cert.
Put the client cert in the client.

SSLCACertificateFile is the CA cert that you used to sign the client cert.

You can leave the rest as it is.

 
Old 10-05-2011, 04:23 AM   #9
rustek
Sorry, after closely rereading your OP, I see you get what goes where.

A quick look at the mod_ssl docs doesn't show that the SSLCACertificateFile
directive is allowed in directory structures.

Code:
SSLCACertificateFile Directive
Description:	File of concatenated PEM-encoded CA Certificates for Client Auth
Syntax:	SSLCACertificateFile file-path
Context:	server config, virtual host
Status:	Extension
Module:	mod_ssl
I think you need to move SSLCACertificateFile above the <Directory /var/www-ssl/example> line.
 
Old 10-08-2011, 10:54 PM   #10
Vitus13
Original Poster
Thanks, I overlooked that. Currently the client box I made the cert for is disposed doing data recovery so I won't be able to test the altered config until that finishes (ddrescue takes FOREVER on large drives). I don't want to go signing new certs and possibly messing that up until I nail down the current one and can reproduce that reliably. Best not to introduce new bugs before the old ones are fixed.

I will post back when I've tried that.
 
Old 10-13-2011, 05:53 PM   #11
Vitus13
Original Poster
Sadly that didn't work. Here's the relevant parts of my config:

Code:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
        SSLCACertificateFile /etc/apache2/SSL/CA.pem

        <Directory /var/www-ssl/SSL>
          SSLVerifyClient      require
          SSLVerifyDepth       5
        </Directory>

        ErrorLog /var/log/apache2/error-ssl.log

        SSLCertificateFile    /etc/apache2/SSL/Server_Cert.pem
        SSLCertificateKeyFile /etc/apache2/SSL/Server_Key.pem

        <FilesMatch "\.(cgi|shtml|phtml|php)$">
                SSLOptions +StdEnvVars
        </FilesMatch>

</VirtualHost>
</IfModule>
In my Access Log I see a bunch of 403 Errors. In my Error Log I see the error from above "Not accepted by client!?".

I did find this tid-bit of information in the log file (about 50 lines up from the end, the first line of the request):
Code:
[Thu Oct 13 07:49:56 2011] [error] Init: Private key not found
Is this referring to the Server key? If so, where do you store your keys, and in which format?
 
Old 10-14-2011, 07:34 AM   #12
rustek
I tested this with two sets of files 2048 and 4096 and it worked with both.
I tested with FF and Chrome.

I imported the client.p12 into XP, but had to import it again into Firefox, Chrome found it in XP and asked if it should use it.

I trimmed some of the extra crud out of this; this is one of a hundred virtualhosts on this box, but it's the only one that requires a client cert. I was just testing.
Code:
##### IP Based VirtualHost
Listen 11.222.333.44:501
<VirtualHost 11.222.333.44:501>

  ServerAdmin russ@whatever.net
  ServerName crypt.whatever.net

  AddType text/html .shtml
  AddOutputFilter INCLUDES .shtml .htm .html

  #   Some MIME-types for downloading Certificates and CRLs
  AddType application/x-x509-ca-cert .crt
  AddType application/x-pkcs7-crl    .crl
  #

  #   SSL Engine Switch:
  #   Enable/Disable SSL for this virtual host.
  SSLEngine on
  #

  #   SSL Cipher Suite:
  #   List the ciphers that the client is permitted to negotiate.
  #   See the mod_ssl documentation for a complete list.
  #   Caveat added by the editor, not in the original post: apart from the
  #   anonymous-DH and 56-bit export suites this string excludes nothing, so
  #   40-bit export, LOW and RC4 ciphers remain negotiable; it is shown as posted.
  SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
  #

  SSLCACertificateFile /vh/hosts-cert/whatever.net/ca.crt
  SSLCertificateFile /vh/hosts-cert/whatever.net/crypt.whatever.net.crt
  SSLCertificateChainFile /vh/hosts-cert/whatever.net/chain.crt
  SSLCertificateKeyFile /vh/hosts-cert/whatever.net/crypt.whatever.net.pem


  DocumentRoot "/vh/hosts/whatever.net"
  #
  <Directory "/vh/hosts/whatever.net">
    SSLRequireSSL
    SSLVerifyClient require
    #
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
      SSLOptions +StdEnvVars
    </FilesMatch>
    #
    DirectoryIndex bsod.png indexs.htm indexs.html indexs.shtml indexs.php \
     index.htm index.html index.shtml index.php
    AllowOverride AuthConfig FileInfo Indexes Limit
    Options -Indexes Includes
    Order allow,deny
    Allow from all
  </Directory>

  BrowserMatch ".*MSIE.*" \
   nokeepalive ssl-unclean-shutdown \
    downgrade-1.0 force-response-1.0


</VirtualHost>
Quote:
In my Access Log I see a bunch of 403 Errors. In my Error Log I see the error from above "Not accepted by client!?".
I got exactly the same in access and error before I imported the client.p12 into firefox.

Quote:
I did find this tid-bit of information in the log file (about 50 lines up from the end, the first line of the request)
Code:
[Thu Oct 13 07:49:56 2011] [error] Init: Private key not found
Is this referring to the Server key? If so, where do you store your keys, and in which format?
I think it's referring to the client; did you make the client.p12 using both the crt and key?

Some of my files end in .crt but I think they are all pem format.

My setup is custom so my locations won't be of any use.
 
Old 10-15-2011, 12:22 AM   #13
rustek
I have not used XCA.

When I made my CA and client certs I (more or less) followed the instructions provided in this link:

http://www.g-loaded.eu/2005/11/10/be-your-own-ca/

I then made the p12 file with:
Code:
cd /etc/pki_jungle/myCA
openssl pkcs12 -export -clcerts -in certs/server.crt \
 -inkey private/server.key -out client.p12
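
The recipe rustek gives in posts #8 and #13 (create a CA, sign a client cert with it, bundle key and cert into a .p12 for the client) as one runnable script. This is an added example, not code from the thread or from the linked how-to; the CA subject /CN=rootCA, the server and client CNs, the file layout under the directory you pass in and the export passphrase "changeit" are all assumptions. Beyond the recipe it adds the two checks worth running before touching a browser: `openssl verify -purpose sslclient`, which tests the chain and that the certificate is usable in the TLS client role (keyUsage/extendedKeyUsage), and a public-key comparison that confirms the key going into the bundle belongs to that certificate. The keys are written unencrypted on purpose: an encrypted key (BEGIN ENCRYPTED PRIVATE KEY, as in post #14) makes Apache ask for the passphrase at startup unless SSLPassPhraseDialog points at a program, so the usual practice is an unencrypted key protected by file permissions, as the 0700 Server_Key.pem in post #14 already is.

```shell
#!/bin/sh
# Added example, not from the thread: the CA -> client cert -> .p12 recipe from
# posts #8 and #13 as one script, plus the checks to run before importing.
# Assumed names: CA subject /CN=rootCA, the server/client CNs passed in, all
# files under the directory passed in, PKCS#12 export passphrase "changeit".
# Requires the openssl command-line tool.

# issue_cert DIR NAME SUBJECT: new RSA key, CSR and CA-signed cert for DIR/NAME,
# using the extensions in DIR/NAME.ext.
issue_cert() {
    dir=$1 name=$2 subject=$3
    openssl genrsa -out "$dir/$name.key" 2048 2>/dev/null
    openssl req -new -key "$dir/$name.key" -subj "$subject" -out "$dir/$name.csr"
    openssl x509 -req -in "$dir/$name.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
        -CAcreateserial -days 365 -extfile "$dir/$name.ext" -out "$dir/$name.crt" 2>/dev/null
}

# make_mtls_pki DIR SERVER_CN CLIENT_CN
make_mtls_pki() {
    pki=$1 server_cn=$2 client_cn=$3
    mkdir -p "$pki"

    # CA: self-signed, CA:TRUE, allowed to sign certificates and CRLs.
    cat >"$pki/ca.ext" <<'EOF'
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
EOF
    openssl genrsa -out "$pki/ca.key" 2048 2>/dev/null
    openssl req -new -key "$pki/ca.key" -subj "/CN=rootCA" -out "$pki/ca.csr"
    openssl x509 -req -in "$pki/ca.csr" -signkey "$pki/ca.key" -days 3650 \
        -extfile "$pki/ca.ext" -out "$pki/ca.crt" 2>/dev/null

    # Server cert: end entity, EKU serverAuth, SAN carries the host name.
    cat >"$pki/server.ext" <<EOF
basicConstraints = CA:FALSE
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = DNS:$server_cn
EOF
    issue_cert "$pki" server "/CN=$server_cn"

    # Client cert: end entity, EKU clientAuth. This is what SSLVerifyClient
    # require will validate against the CA in SSLCACertificateFile.
    cat >"$pki/client.ext" <<'EOF'
basicConstraints = CA:FALSE
keyUsage = critical, digitalSignature
extendedKeyUsage = clientAuth
EOF
    issue_cert "$pki" client "/CN=$client_cn"

    # PKCS#12 for the browser / Windows Personal store: key + cert + CA chain.
    openssl pkcs12 -export -inkey "$pki/client.key" -in "$pki/client.crt" \
        -certfile "$pki/ca.crt" -name "$client_cn" \
        -passout pass:changeit -out "$pki/client.p12"
}

# verify_client_cert CA_CERT CERT: chains to the CA *and* is usable as a TLS
# client cert (keyUsage/extendedKeyUsage), which a plain "openssl verify"
# without -purpose would not check. Exit 0 on success.
verify_client_cert() {
    openssl verify -purpose sslclient -CAfile "$1" "$2" >/dev/null 2>&1
}

# key_matches_cert CERT KEY: the public key derived from the private key must
# equal the one embedded in the certificate (compared as PEM SubjectPublicKeyInfo).
key_matches_cert() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null)
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null)
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}
```

Typical use: `make_mtls_pki /etc/apache2/SSL www.example.com client.example.com`, point SSLCACertificateFile at ca.crt and SSLCertificateFile/SSLCertificateKeyFile at server.crt/server.key (all at virtual-host level), import client.p12 with passphrase changeit into the browser or the Windows Personal store, and test from the command line with `openssl s_client -connect www.example.com:443 -cert client.crt -key client.key -CAfile ca.crt`, which is the OP's command from post #1 with the key named explicitly. A client certificate that passes `verify_client_cert` but is still rejected by the server points at the server side (the directive placement, or the CA file the server actually loaded) rather than at the certificate.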
 
Old 10-15-2011, 10:59 AM   #14
Vitus13
Original Poster
I'm 99% sure that I'm using the Key+Cert .pk12 version of the certificate on the client. When I open up MMC, under Current User\Personal\Certificates it has my client cert, and when I double-click it there is a key icon with the text "You have a private key that corresponds to this certificate". The certification path is valid and looks like this: "CA>Client".

On the server side, the certs are stored here:
Code:
#ls -la /etc/apache2/SSL/
total 24
drwxr-xr-x 2 root root 4096 2011-10-03 17:03 .
drwxr-xr-x 8 root root 4096 2011-09-25 14:06 ..
-rw-r--r-- 1 root root 2228 2011-10-03 15:59 CA.pem
-rw-r--r-- 1 root root 4472 2011-09-23 00:33 Server_Cert.pem
-rwx------ 1 root root 3394 2011-09-23 00:34 Server_Key.pem

Here are the contents of the CA.pem file:
Code:
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha512WithRSAEncryption
        Issuer: C=xx, ST=xx, L=xx, O=xx, CN=xx/emailAddress=xx@xx.xx
        Validity
            Not Before: Sep 19 21:13:00 2011 GMT
            Not After : Sep 19 21:13:00 2021 GMT
        Subject: C=xx, ST=xx, L=xx, O=xx, CN=xx/emailAddress=xx@xx.xx
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (4096 bit)
                Modulus (4096 bit):
                    00:c8:....:86:a3
                Exponent: xxxxx (0xxxxxx)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                CA:E5:FC:....:89:1E
            X509v3 Key Usage:
                Certificate Sign, CRL Sign
            Netscape Cert Type:
                SSL CA, S/MIME CA, Object Signing CA
    Signature Algorithm: sha512WithRSAEncryption
        1e:2d:5c:...:fb:6b
-----BEGIN CERTIFICATE-----
(Encoded Junk Here)
-----END CERTIFICATE-----
Here are the contents of the Server_Cert.pem file:
Code:
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
        Signature Algorithm: sha512WithRSAEncryption
        Issuer: C=xx, ST=xx, L=xx, O=xx, CN=xx/emailAddress=xx@xx.xx
        Validity
            Not Before: Sep 19 21:22:00 2011 GMT
            Not After : Sep 19 21:22:00 2012 GMT
        Subject: C=xx, ST=xx, L=xx, O=xx, CN=xx/emailAddress=xx@xx.xx
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (4096 bit)
                Modulus (4096 bit):
                    00:bf:e0:....09:29:75
                Exponent: xxxxx (0xxxxxx)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Key Usage:
                Digital Signature, Non Repudiation, Key Encipherment, Certificate Sign
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, Code Signing, E-mail Protection, Microsoft Individual Code Signing, Microsoft Commercial Code Signing, Microsoft Trust List Signing
            Netscape Cert Type:
                SSL Server
    Signature Algorithm: sha512WithRSAEncryption
        62:8f:....:f1:ee
-----BEGIN CERTIFICATE-----
(Encoded Junk)
-----END CERTIFICATE-----
The format of the key file is like this:
Code:
-----BEGIN ENCRYPTED PRIVATE KEY-----
(ENCODED JUNK)
-----END ENCRYPTED PRIVATE KEY-----
All of my configuration is in /etc/apache2/sites-available/default-ssl:
Code:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>

        ServerAdmin xx@xx.xx
        ServerName  xx.xx.xx

        SCGIMount /RPC2 127.0.0.1:5000

        DirectoryIndex index.html index.htm index.php

        SSLCACertificateFile /etc/apache2/SSL/CA.pem
        SSLCACertificatePath /etc/apache2/SSL/
        SSLCertificateFile /etc/apache2/SSL/Server_Cert.pem
        SSLCertificateKeyFile /etc/apache2/SSL/Server_Key.pem

        DocumentRoot /var/www-ssl

        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>

        <Directory /var/www-ssl/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

        <Directory /var/www-ssl/SSL>
          SSLRequireSSL
          SSLVerifyClient      require
        </Directory>

        ErrorLog /var/log/apache2/error-ssl.log

        LogLevel warn

        CustomLog /var/log/apache2/ssl_access.log combined

        SSLEngine on

        <FilesMatch "\.(cgi|shtml|phtml|php)$">
                SSLOptions +StdEnvVars
        </FilesMatch>

        BrowserMatch "MSIE [2-6]" \
                nokeepalive ssl-unclean-shutdown \
                downgrade-1.0 force-response-1.0
        BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

</VirtualHost>
</IfModule>
Could everyone with a working setup just review their permissions, certificate formats, and configs and note any differences?
 
Old 10-15-2011, 07:29 PM   #15
rustek
The format of your CA and Server_Cert looks different from mine, but I'm pretty sure that Apache would fail to restart if it didn't understand them. The same is true of permissions and locations: it will fail to restart if it can't find the files.

Restart apache after changing a cert or config file.
Restart your browser between tests!!!

I attached two files to this, a working CA.crt and Client.p12, I have tested this pair and they work. You can use them to verify that your setup is correct.

At least this way you can tell if the problem is the setup or the certs.

I've never attached a file to a message here, hopefully it will work.
Attached Files: testca.crt.txt, testclient.p12.txt
 
  

