Re: Query on SSL Mutual Authentication on Server
On 2021-03-01 17:28, Viktor Dukhovni wrote:
On Mon, Mar 01, 2021 at 09:21:29PM +0530, Archana wrote:
I am new to SSL programming. On our SSL Server implementation, we are
trying to enforce Mutual Authentication. Is it Mandatory to provide a user
defined Callback using SSL_ctx_setverify()
No callback is required (callbacks are primarily useful for logging,
though they can also, with care, be used to make chain verification
more "permissive", but there be dragons). However, you must then
still call:
int mode = SSL_VERIFY_PEER
| SSL_VERIFY_FAIL_IF_NO_PEER_CERT
| SSL_VERIFY_CLIENT_ONCE;
SSL_CTX_set_verify(ctx, mode, NULL);
to set the verification mode to request (and enforce) the presence of a
client certificate. Depending on the client, you may also need to make
sure to provide a non-empty list of client CA hints that includes all
the trust-anchor CAs from which you'll accept client certificate chains.
(Clients using Java SSL APIs typically require that to be the case).
This can be done via:
const char *CAfile = "/your/CA/file";
STACK_OF(X509_NAME) *calist = SSL_load_client_CA_file(CAfile);
if (calist == NULL) {
/* log error loading client CA names */
}
SSL_CTX_set_client_CA_list(server_ctx, calist);
If yes, Is it expected to do the IP or hostname validation?
Neither, authorization of the client is up to you. OpenSSL will check
the dates, validity of the signatures, ... in the clients certificate
chain, but checking whether any of the subject names in the client
certificate are allowed to access your server is up to you.
There is no prior expectation that the client's certificate is
specifically related to its IP address or hostname.
You may in fact, depending on the structure of your code, be able to
configure the expected client name prior to the SSL handshake
with SSL_accept(3), but after accepting the client TCP connection.
To set the expected hostname(s), see the documentation of:
int SSL_set1_host(SSL *s, const char *hostname);
int SSL_add1_host(SSL *s, const char *hostname);
For IP addresses, there's a slightly lower-level interface:
X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx);
int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
const unsigned char *ip, size_t iplen);
int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char
*ipasc);
or after the handshake completes, you can call one of:
int X509_check_host(X509 *, const char *name, size_t namelen,
unsigned int flags, char **peername);
int X509_check_email(X509 *, const char *address, size_t addresslen,
unsigned int flags);
int X509_check_ip(X509 *, const unsigned char *address, size_t
addresslen,
unsigned int flags);
int X509_check_ip_asc(X509 *, const char *address, unsigned int flags);
Just out of curiousity: What is the recommended way to check
the authenticated e-mail and/or DN of the client certificate,
given that those are the most common identities in such
certificates (except in server-to-server scenarios).
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
Re: Query on SSL Mutual Authentication on Server
On Mon, Mar 01, 2021 at 09:21:29PM +0530, Archana wrote:
> I am new to SSL programming. On our SSL Server implementation, we are
> trying to enforce Mutual Authentication. Is it Mandatory to provide a user
> defined Callback using SSL_ctx_setverify()
No callback is required (callbacks are primarily useful for logging,
though they can also, with care, be used to make chain verification
more "permissive", but there be dragons). However, you must then
still call:
int mode = SSL_VERIFY_PEER
| SSL_VERIFY_FAIL_IF_NO_PEER_CERT
| SSL_VERIFY_CLIENT_ONCE;
SSL_CTX_set_verify(ctx, mode, NULL);
to set the verification mode to request (and enforce) the presence of a
client certificate. Depending on the client, you may also need to make
sure to provide a non-empty list of client CA hints that includes all
the trust-anchor CAs from which you'll accept client certificate chains.
(Clients using Java SSL APIs typically require that to be the case).
This can be done via:
const char *CAfile = "/your/CA/file";
STACK_OF(X509_NAME) *calist = SSL_load_client_CA_file(CAfile);
if (calist == NULL) {
/* log error loading client CA names */
}
SSL_CTX_set_client_CA_list(server_ctx, calist);
> If yes, Is it expected to do the IP or hostname validation?
Neither, authorization of the client is up to you. OpenSSL will check
the dates, validity of the signatures, ... in the clients certificate
chain, but checking whether any of the subject names in the client
certificate are allowed to access your server is up to you.
There is no prior expectation that the client's certificate is
specifically related to its IP address or hostname.
You may in fact, depending on the structure of your code, be able to
configure the expected client name prior to the SSL handshake
with SSL_accept(3), but after accepting the client TCP connection.
To set the expected hostname(s), see the documentation of:
int SSL_set1_host(SSL *s, const char *hostname);
int SSL_add1_host(SSL *s, const char *hostname);
For IP addresses, there's a slightly lower-level interface:
X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx);
int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
const unsigned char *ip, size_t iplen);
int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char
*ipasc);
or after the handshake completes, you can call one of:
int X509_check_host(X509 *, const char *name, size_t namelen,
unsigned int flags, char **peername);
int X509_check_email(X509 *, const char *address, size_t addresslen,
unsigned int flags);
int X509_check_ip(X509 *, const unsigned char *address, size_t
addresslen,
unsigned int flags);
int X509_check_ip_asc(X509 *, const char *address, unsigned int flags);
--
Viktor.
Query on SSL Mutual Authentication on Server
I am new to SSL programming. On our SSL Server implementation, we are trying to enforce Mutual Authentication. Is it Mandatory to provide a user defined Callback using SSL_ctx_setverify() If yes, Is it expected to do the IP or hostname validation?
Re: Mutual Authentication using Multiple CA's in Apache (mod_ssl) does not work
On Mon, Jun 07, 2010, Scott Thomas wrote: > Bonjour All Users, > > > My setup has a ROOT CA and 3 level of Sub CA's. I have generated apache web > server and client certificates from every the ROOT and Sub CA's. > > I have configured my APACHE web server for client certificate (mutual) > authentication. I have generated the apache web server certificate and > client certificates from the ROOT CA with proper extensions. In case of Root > CA, it works well. Mutual authentication works fine. > > In case of Sub CA, the apache web server certifictae and client certificates > are generated by SubCA with the same extensions/profile as in case of ROOT > CA. But when i try to authenticate users from Sub CA's then following error > occurs "unhandled critical extension". SSLCACertificateFile contains the > concatenated certifcates of all the CA's( issuing CA certtificate is at top > and Root ca certificate is at bottom of this file) > > Well the message is clear enough. A certificate in the chain includes a critical extension that OpenSSL does not handle. Without seeing the extensions in each certificate it isn't clear which one is causing the problem. Try this command: openssl verify -CAfile root.pem -untrusted subcas.pem client.pem Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Mutual Authentication using Multiple CA's in Apache (mod_ssl) does not work
Bonjour All Users,
My setup has a ROOT CA and 3 level of Sub CA's. I have generated apache web
server and client certificates from every the ROOT and Sub CA's.
I have configured my APACHE web server for client certificate (mutual)
authentication. I have generated the apache web server certificate and client
certificates from the ROOT CA with proper extensions. In case of Root CA, it
works well. Mutual authentication works fine.
In case of Sub CA, the apache web server certifictae and client certificates
are generated by SubCA with the same extensions/profile as in case of ROOT CA.
But when i try to authenticate users from Sub CA's then following error occurs
"unhandled critical extension". SSLCACertificateFile contains the concatenated
certifcates of all the CA's( issuing CA certtificate is at top and Root ca
certificate is at bottom of this file)
Here is my vhost file
NameVirtualHost *:80
NameVirtualHost *:443
DocumentRoot /srv/www/htdocs/
ServerName XX
RewriteEngine On
RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
DocumentRoot /srv/www/htdocs/
ServerName X
SSLEngine on
SSLCipherSuite HIGH
SSLProtocol all -SSLv2
SSLCertificateFile /etc/apache2/certificates/cert.pem
SSLCertificateKeyFile /etc/apache2/certificates/key.pem
SSLCACertificateFile /etc/apache2/certificates/chain.pem
#SSLCertificateChainFile /etc/apache2/certificates/chain.pem
//chain.pem contains all the upper level certificates concanetated such that
(1st certificate is of issuing CA , going downward towards the root CA...
// i have also tried with the SSLCertificateChainFile directive but the error
is same ...
SSLVerifyClient require
SSLRequireSSL
SSLRequire %{SSL_CLIENT_S_DN_CN} eq ""
SSLVerifyDepth 3
SSLOptions +StdEnvVars +ExportCertData
I am using OpenSSL version 0.9.8h release 28 May 2008 and Apache version
2.2.10-2.5
Kindly guide me in this aspect.
Waiting for your kind Reply
Best Regards
Scott Thomas
Re: Mutual Authentication
Which version of OpenSSL on SUSE? Also important, which version of which webserver software? (OpenSSL is not the only SSL toolkit on the planet; mod_nss exists as well, and that's a different mailing list.) For troubleshooting, I'd suggest looking into openssl s_client and s_server. Load s_server with the key/cert that your webserver is using, give s_client the certificate and private key file for the client-auth side. Read the manpages on them and you'll find a lot of useful information. (Also, point your SOAP::Lite client to the s_server, and look at the chain that it's sending. It might be sending it with \r instead of \r\n -- base64 encodes 3 bytes into 4, and at the end of the line it requires network line endings. which just happens to match DOS line-ending format.) -Kyle H On Thu, Dec 11, 2008 at 11:14 AM, McGovern, James F (HTSC, IT) wrote: > We are running into an issue with an application that is written in PERL > using SOAP:Lite and OpenSSL on Suse where a SOAP request is sent to a server > that requires mutual authentication. On the server side, the server is > throwing a message indicating that it is having a problem with base64 > decoding the certificate. > > We have validated the integrity of the certificates by writing an > application in Java that doesn't use OpenSSL and it works fine. Any thoughts > on how to troubleshoot? > > > This communication, including attachments, is for the exclusive use of > addressee and may contain proprietary, confidential and/or privileged > information. If you are not the intended recipient, any use, copying, > disclosure, dissemination or distribution is strictly prohibited. If you > are not the intended recipient, please notify the sender immediately by > return e-mail, delete this communication and destroy all copies. > > __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Mutual Authentication
We are running into an issue with an application that is written in PERL using SOAP:Lite and OpenSSL on Suse where a SOAP request is sent to a server that requires mutual authentication. On the server side, the server is throwing a message indicating that it is having a problem with base64 decoding the certificate. We have validated the integrity of the certificates by writing an application in Java that doesn't use OpenSSL and it works fine. Any thoughts on how to troubleshoot? This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies.
Re: mutual authentication
I think this is OpenSSL's mailing list and not JSSE :)
(B
(BAnyway, my quick guess is probably you need to add the "-trustcacert"
(Boption when doing the Java's keytool import.
(B
(BCheers
(B
(B[EMAIL PROTECTED] wrote:
(B> Hi!
(B>
(B> I have the following problem in mutual authentication.
(B>
(B> Connection failed: javax.net.ssl.SSLHandshakeException:
(B> sun.security.validator.V
(B> alidatorException: No trusted certificate found
(B>
(B> At first, I created key and certification as follows.
(B>
(B> -
(B>
(B> 1. Create CA Authority Key using SSL
(B> openssl genrsa -out ca.key 1024
(B>
(B> 2. Create self-signed CA Certificate
(B> openssl req -new -x509 -key ca.key -out demoCA/cacert.pem
(B>
(B> 3. Create Client Keystore
(B> keytool -genkey -alias clientapp -keystore clientkeys
(B>
(B> 4. Create Server Keystore
(B> keytool -genkey -alias serverapp -keystore serverkeys
(B>
(B> 5. Export public keys from Client and Server keystores
(B> keytool -keystore clientkeys -certreq -alias clientapp -file clientapp.crs
(B> keytool -keystore serverkeys -certreq -alias serverapp -file serverapp.crs
(B>
(B> 6. Signs both public keys with CA Authority key
(B> openssl ca -in clientapp.crs -out clientapp.pem -keyfile ca.key
(B> openssl ca -in serverapp.crs -out serverapp.pem -keyfile ca.key
(B>
(B> 7. Convert signed keys to DER format
(B> openssl x509 -in clientapp.pem -out clientapp.der -outform DER
(B> openssl x509 -in serverapp.pem -out serverapp.der -outform DER
(B>
(B> 8. Import CA certificate to Client and Server keystores
(B> keytool -keystore clientkeys -alias systemca -import -file demoCA/cacert.pem
(B> keytool -keystore serverkeys -alias systemca -import -file demoCA/cacert.pem
(B>
(B> 9. Import signed key to Client keystore
(B> keytool -keystore clientkeys -alias clientapp -import -file clientapp.der
(B>
(B> 10. Import signed key to Serverkeystore
(B> keytool -keystore serverkeys -alias serverapp -import -file serverapp.der
(B>
(B>
(B> Then, I executed programs.
(B>
(B> Server$B!'(B
(B>
(B> $ java -Djavax.net.ssl.keyStore=serverkeys
(B> -Djavax.net.ssl.keyStorePassword=pas
(B> sword CASSLServer
(B> SimpleSSLServer running on port 4915
(B>
(B> Client$B!'(B
(B>
(B> $ keytool -import -keystore truststore/cacerts -alias trustca -file
(B> demoCA/cace
(B> rt.pem
(B>
(B> $ java
(B> -Djavax.net.ssl.trustStore=/cygdrive/c/eclipse-SDK-2.1.1-win32/eclipse/w
(B> orkspace/xacml/truststore/cacerts
(B> -Djavax.net.ssl.trustStorePassword=changeit C
(B> ACustomKeyStoreClient
(B> Connection failed: javax.net.ssl.SSLHandshakeException:
(B> sun.security.validator.V
(B> alidatorException: No trusted certificate found
(B>
(B> Are there something wrong with my setting?
(B>
(B>
(B> CASSLServer.java--
(B>
(B> import javax.net.ssl.*;
(B> import java.security.cert.*;
(B> import java.io.*;
(B>
(B> /**
(B> * A very simple server which accepts SSL connections, and displays
(B> * text sent through the SSL socket on stdout. The server requires
(B> * client authentication.
(B> * Listens on port 49152 by default, configurable with "-port" on the
(B> * command-line.
(B> * The server needs to be stopped with Ctrl-C.
(B> */
(B> public class CASSLServer extends Thread
(B> {
(B> private static final int DEFAULT_PORT=49152;
(B>
(B> private SSLServerSocketFactory serverSocketFactory;
(B> private int port;
(B>
(B> /**
(B>* main() method, called when run from the command-line. Deals with
(B>* command-line parameters, then starts listening for connections
(B>*/
(B> public static void main(String args[])
(B> {
(B> int port=DEFAULT_PORT;
(B>
(B> // Parse command-line arguments
(B> boolean parseFailed=false;
(B> try {
(B> for (int i=0; i String arg=args[i].trim().toUpperCase();
(B>
(B> // Only the "-port" argument is supported
(B> if (arg.equals("-PORT")) port=Integer.parseInt(args[++i]);
(B> else parseFailed=true;
(B> }
(B> }
(B> catch(Exception e) {
(B> // Something went wrong with the command-line parse.
(B> // A real application would issue a good error message;
(B> // we'll just display our usage.
(B> parseFailed=true;
(B> }
(B>
(B> if (parseFailed) {
(B> displayUsage();
(B> }
(B> else {
(B> // T
Re: Mutual Authentication
Thank you for your answer. But I used the following command : # openssl pkcs12 -export -in usercert.pem -inkey userkey.pem -out cert.p12 Then I try to install it on my workstation (WinNT) and get a window telling: "Invalid Public Key Security Object File This is an invalid Personal Information Exchange File" I don't understand, the user certificate in x509 format seemed to be valid, I succeed to installed it, indeed without privatekey... Could you help me again ? En réponse à Michael Sierchio <[EMAIL PROTECTED]>: > [EMAIL PROTECTED] wrote: > > > All those certificates are valid, and are in pem and x509 format. > > When I add "SSLVerifyClient require" in httpd.conf, a window "Client > > > Authentication" appear but I can not select any certificate!! > > > > 1- It is important I can't install the user certificate in Personal > tab ? > > 2- It is for this reason I can't select it during the user > authentication ? > > You need not only a certificate, but the private key associated with > it. If you have the two -- usually in a PKCS#12 bundle -- you can > install it as one of yours. Otherwise, certificates are treated as > client certs belonging to "others." HTH > > > -- > > "Well," Brahma said, "even after ten thousand explanations, a fool is > no > wiser, but an intelligent man requires only two thousand five > hundred." > - The Mahabharata > > __ > OpenSSL Project http://www.openssl.org > User Support Mailing List[EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Mutual Authentication
[EMAIL PROTECTED] wrote: All those certificates are valid, and are in pem and x509 format. When I add "SSLVerifyClient require" in httpd.conf, a window "Client Authentication" appear but I can not select any certificate!! 1- It is important I can't install the user certificate in Personal tab ? 2- It is for this reason I can't select it during the user authentication ? You need not only a certificate, but the private key associated with it. If you have the two -- usually in a PKCS#12 bundle -- you can install it as one of yours. Otherwise, certificates are treated as client certs belonging to "others." HTH -- "Well," Brahma said, "even after ten thousand explanations, a fool is no wiser, but an intelligent man requires only two thousand five hundred." - The Mahabharata __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Mutual Authentication
Hello, I would like to use mutual authentication : authenticate the server and the user. I created a CA, a server and a client certificate signed by this CA. I installed the CA certificate on my IE. I tested a connection to my server and the server authentication seems to be good. I installed my user certificate on IE but it appear in "Other People" and not in "Personal" tab. All those certificates are valid, and are in pem and x509 format. When I add "SSLVerifyClient require" in httpd.conf, a window "Client Authentication" appear but I can not select any certificate!! 1- It is important I can't install the user certificate in Personal tab ? 2- It is for this reason I can't select it during the user authentication ? __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
