Stefan Eissing schreef op wo 23-10-2019 om 17:38 [+0200]: mod_ssl does no special SHA-1 check. What you see is the error message from openssl itself (wrapped in a log number thing for tracability). So, the question is why your openssl is ok with what your apache linked openssl denies.
Sigh: https://sources.debian.org/src/openssl/1.1.1d-0+deb10u2/debian/patches/Set-systemwide-default-settings-for-libssl-users.patch/ Setting that to SECLEVEL=1 fixes my issue. Thanks for the pointer, I found at <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.openssl.org%2Fdocs%2Fmanmaster%2Fman3%2FSSL_CTX_set_security_level.html&data=02%7C01%7C%7Cbcb89988220e43e3b5f708d757cf1c7d%7Cf92badf4a21b4ddbbae600e040c26fb8%7C0%7C1%7C637074419355177857&sdata=VC%2FM3vOU4CtcoffwPb%2Ft%2BCM0twXh3b4Pzof2wM5Exls%3D&reserved=0> https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_security_level.html "The default security level can be configured when OpenSSL is compiled by setting -DOPENSSL_TLS_SECURITY_LEVEL=level. If not set then 1 is used." and "WARNING at this time setting the security level higher than 1 for general internet use is likely to cause considerable interoperability issues and is not recommended. This is because the SHA1 algorithm is very widely used in certificates and will be rejected at levels higher than 1 because it only offers 80 bits of security." This looks to me as if at least your openssl library was compiled or is configured with a higher security level (there are ways to do that even for individual applications, see /usr/lib/ssl/openssl.cnf. Anyways, there is nothing special that apache adds here that I know of. I think you need someone with more deeper knowledge of the ubuntu openssl setup/compilation than I can provide. Stefan Am 23.10.2019 um 17:07 schrieb Wouter Verhelst < <mailto:wouter.verhe...@zetes.com> wouter.verhe...@zetes.com >: Hi Stefan, Stefan Eissing schreef op wo 23-10-2019 om 16:33 [+0200]: I assume you have tried openssl standalone on such a certificate? <https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstackoverflow.com%2Fquestions%2F25482199%2Fverify-a-certificate-chain-using-openssl-verify%2326520714&data=02%7C01%7C%7Cbcb89988220e43e3b5f708d757cf1c7d%7Cf92badf4a21b4ddbbae600e040c26fb8%7C0%7C1%7C637074419355187854&sdata=HKngYljBE4hXcpMxVDBg1%2FO7txbg2hLSnqgvTmH13PI%3D&reserved=0> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstackoverflow.com%2Fquestions%2F25482199%2Fverify-a-certificate-chain-using-openssl-verify%2326520714&data=02%7C01%7C%7Cbcb89988220e43e3b5f708d757cf1c7d%7Cf92badf4a21b4ddbbae600e040c26fb8%7C0%7C1%7C637074419355187854&sdata=HKngYljBE4hXcpMxVDBg1%2FO7txbg2hLSnqgvTmH13PI%3D&reserved=0 Thanks for pointing that out. I hadn't tried it yet, but when I do so now, it does succeed: wouter@host:~$ openssl verify -CAfile /etc/apache2/ca-bundle.pem test.pem test.pem: OK where that ca-bundle.pem file is the file that I point to from SSLCACertificateFile in my apache config, and test.pem is the certificate that I used for testing and that resulted in the log line below. So it must be something in apache, as I had (apparently correctly) guessed from the log message. Since, I do not know of any specific checks added for this in Apache, I assume that openssl updated its verification implementation. The command line should let you verify that. If this is the case, question would be if some openssl config parameter can disable that for you. I think there are some people around here who should be able to find that out, once you have verified that with your certs. Cheers, Stefan Am 23.10.2019 um 11:49 schrieb Wouter Verhelst <Wouter.Verhelst @zetes.com>: Hi, For reasons beyond my control, I need to allow client certificate authentication with certificates that are signed with SHA1 (I know -- don't ask). Upon installing Apache from Debian 10 "buster" and installing the CA certificate under SSLCACertificateFile, however, I get the following: [Wed Oct 23 11:41:23.336834 2019] [ssl:info] [pid 7424] [client 172.16.57.80:38728] AH02276: Certificate Verification: Error (68): CA signature digest algorithm too weak [....certificate details snipped for privacy....] I know that SHA1 is insecure these days, but I have no control over the algorithms used in this particular CA, and I need to be able to use it. I tried disabling TLSv1.3 and setting the value of SSLCipherSuite to "HIGH:SHA1", but to no effect. Anyone have any idea if it's possible to relax the requirements for client CAs somehow? (Debian buster comes with httpd 2.4.38 and OpenSSL 1.1.1d) Thanks, --------------------------------------------------------------------- To unsubscribe, e-mail: <mailto:users-unsubscr...@httpd.apache.org> users-unsubscr...@httpd.apache.org For additional commands, e-mail: <mailto:users-h...@httpd.apache.org> users-h...@httpd.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: <mailto:users-unsubscr...@httpd.apache.org> users-unsubscr...@httpd.apache.org For additional commands, e-mail: <mailto:users-h...@httpd.apache.org> users-h...@httpd.apache.org
