SSLVerifyClient NO funciona con el nuevo openssl y/o el nuevo apache (debian 10)

tag-icon tag-icon apache-2.4 openssl
SSLVerifyClient NO funciona con el nuevo openssl y/o el nuevo apache (debian 10)

La opción SSLVerifyClient funciona en términos de que solicita el certificado del usuario, pero luego el navegador muestra un error y el servidor no pasa la solicitud al servidor ProxyPass...

El siguiente código de configuración (opción SSLVerifyClient) funciona bien en Debian 8: Apache 2.4.10+openssl 1.0.1t (mayo de 2016).

El siguiente código de configuración (opción SSLVerifyClient) funciona bien en Debian 9: Apache 2.4.25+openssl 1.1.0l (10 de septiembre de 2019).

El siguiente código de configuración (opción SSLVerifyClient) NO funciona en Debian 10 - Apache 2.4.38+openssl 1.1.1d (10 de septiembre de 2019)

  SSLCertificateFile ....crt
  SSLCertificateKeyFile ...key
  SSLCACertificateFile ../root_...crt
  SSLCARevocationFile ..crl.pem

  ProxyPass / balancer://...
  ProxyPassReverse / balancer://...
..
  <Location /test>
    SSLVerifyClient optional
    SSLOptions +StdEnvVars +ExportCertData
    ..
    RequestHeader set X-SSL-CLIENT-S-DN-O "%{SSL_CLIENT_S_DN_O}s"

las cosas se rompen en algún lugar a mitad de apache 2.4.38+openssl 1.1.1d y apache 2.4.25+openssl 1.1.0l, ¿por qué sucede esto?

Registros de Apache:

firefox 43.0.2
An error occurred during a connection to test.mytesthost. SSL peer cannot verify your certificate. (Error code: ssl_error_bad_cert_alert) 
apache log level set to debug 

==> /var/log/apache2/test.mytesthost.error.log <==
[Mon Dec 28 05:05:22.392282 2020] [ssl:info] [pid 2001:tid 140129775593216] [client 127.0.0.1:57716] AH01964: Connection to child 16 established (server test.mytesthost:443)
[Mon Dec 28 05:05:22.392535 2020] [ssl:debug] [pid 2001:tid 140129775593216] ssl_engine_kernel.c(2319): [client 127.0.0.1:57716] AH02043: SSL virtual host for servername test.mytesthost found
[Mon Dec 28 05:05:22.392567 2020] [ssl:debug] [pid 2001:tid 140129775593216] ssl_engine_kernel.c(2319): [client 127.0.0.1:57716] AH02043: SSL virtual host for servername test.mytesthost found
[Mon Dec 28 05:05:22.392572 2020] [core:debug] [pid 2001:tid 140129775593216] protocol.c(2314): [client 127.0.0.1:57716] AH03155: select protocol from , choices=h2,spdy/3.1,http/1.1 for server test.mytesthost
[Mon Dec 28 05:05:22.443004 2020] [ssl:debug] [pid 2001:tid 140129775593216] ssl_engine_kernel.c(2235): [client 127.0.0.1:57716] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
[Mon Dec 28 05:05:22.533306 2020] [ssl:debug] [pid 2001:tid 140129775593216] ssl_engine_kernel.c(383): [client 127.0.0.1:57716] AH02034: Initial (No.1) HTTPS request received for child 16 (server test.mytesthost:443)
[Mon Dec 28 05:05:22.533374 2020] [ssl:debug] [pid 2001:tid 140129775593216] ssl_engine_kernel.c(746): [client 127.0.0.1:57716] AH02255: Changed client verification type will force renegotiation
[Mon Dec 28 05:05:22.533379 2020] [ssl:info] [pid 2001:tid 140129775593216] [client 127.0.0.1:57716] AH02221: Requesting connection re-negotiation
[Mon Dec 28 05:05:22.533404 2020] [ssl:debug] [pid 2001:tid 140129775593216] ssl_engine_kernel.c(975): [client 127.0.0.1:57716] AH02260: Performing full renegotiation: complete handshake protocol (client does support secure renegotiation)
[Mon Dec 28 05:05:22.533461 2020] [ssl:debug] [pid 2001:tid 140129775593216] ssl_engine_kernel.c(2235): [client 127.0.0.1:57716] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
[Mon Dec 28 05:05:22.533476 2020] [ssl:info] [pid 2001:tid 140129775593216] [client 127.0.0.1:57716] AH02226: Awaiting re-negotiation handshake
[Mon Dec 28 05:05:22.533604 2020] [ssl:debug] [pid 2001:tid 140129775593216] ssl_engine_kernel.c(2319): [client 127.0.0.1:57716] AH02043: SSL virtual host for servername test.mytesthost found
[Mon Dec 28 05:05:24.962762 2020] [ssl:debug] [pid 2001:tid 140129775593216] ssl_engine_kernel.c(1740): [client 127.0.0.1:57716] AH02275: Certificate Verification, depth 0, CRL checking mode: none (0) [subject: [email protected],CN=Pers id: 433837686,OU=Company Certification Center,O=Company Transfer / issuer: CN=Company Transfer Root CA,O=WM Transfer Ltd,OU=WM Transfer Certification Services / serial: 1A209C2E0000000B042A / notbefore: Jan 16 13:36:07 2020 GMT / notafter: Jan 16 13:46:07 2022 GMT]
[Mon Dec 28 05:05:24.964246 2020] [ssl:info] [pid 2001:tid 140129775593216] [client 127.0.0.1:57716] AH02276: Certificate Verification: Error (68): CA signature digest algorithm too weak [subject: [email protected],CN=Pers id: 433837686,OU=Company Certification Center,O=Company Transfer / issuer: CN=Company Transfer Root CA,O=WM Transfer Ltd,OU=WM Transfer Certification Services / serial: 1A209C2E0000000B042A / notbefore: Jan 16 13:36:07 2020 GMT / notafter: Jan 16 13:46:07 2022 GMT]
[Mon Dec 28 05:05:24.964287 2020] [socache_shmcb:debug] [pid 2001:tid 140129775593216] mod_socache_shmcb.c(557): AH00837: socache_shmcb_remove (0x60 -> subcache 0)
[Mon Dec 28 05:05:24.964299 2020] [socache_shmcb:debug] [pid 2001:tid 140129775593216] mod_socache_shmcb.c(571): AH00839: leaving socache_shmcb_remove successfully
[Mon Dec 28 05:05:24.964344 2020] [ssl:error] [pid 2001:tid 140129775593216] [client 127.0.0.1:57716] AH02261: Re-negotiation handshake failed
[Mon Dec 28 05:05:24.964363 2020] [ssl:error] [pid 2001:tid 140129775593216] SSL Library Error: error:1417C086:SSL routines:tls_process_client_certificate:certificate verify failed
[Mon Dec 28 05:05:24.964402 2020] [ssl:debug] [pid 2001:tid 140129775593216] ssl_engine_io.c(1372): [client 127.0.0.1:57716] AH02007: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
[Mon Dec 28 05:05:24.964407 2020] [ssl:info] [pid 2001:tid 140129775593216] [client 127.0.0.1:57716] AH01998: Connection closed to child 16 with abortive shutdown (server test.mytesthost:443)

con salida de Firefox 78.6.0esr: Prohibido No tiene permiso para acceder a este recurso. Motivo: No se puede realizar la autenticación posterior al protocolo de enlace.

==> /var/log/apache2/test.mytesthost.error.log <==
[Tue Dec 29 03:11:47.553633 2020] [ssl:info] [pid 8218:tid 140339011598080] [client 127.0.0.1:58060] AH01964: Connection to child 65 established (server test.mytesthost:443)
[Tue Dec 29 03:11:47.554092 2020] [ssl:debug] [pid 8218:tid 140339011598080] ssl_engine_kernel.c(2319): [client 127.0.0.1:58060] AH02043: SSL virtual host for servername test.mytesthost found
[Tue Dec 29 03:11:47.554113 2020] [ssl:debug] [pid 8218:tid 140339011598080] ssl_engine_kernel.c(2319): [client 127.0.0.1:58060] AH02043: SSL virtual host for servername test.mytesthost found
[Tue Dec 29 03:11:47.554118 2020] [core:debug] [pid 8218:tid 140339011598080] protocol.c(2314): [client 127.0.0.1:58060] AH03155: select protocol from , choices=h2,http/1.1 for server test.mytesthost
[Tue Dec 29 03:11:47.638499 2020] [ssl:debug] [pid 8218:tid 140339011598080] ssl_engine_kernel.c(2235): [client 127.0.0.1:58060] AH02041: Protocol: TLSv1.3, Cipher: TLS_AES_128_GCM_SHA256 (128/128 bits)
[Tue Dec 29 03:11:47.638596 2020] [socache_shmcb:debug] [pid 8218:tid 140339011598080] mod_socache_shmcb.c(495): AH00831: socache_shmcb_store (0x92 -> subcache 18)
[Tue Dec 29 03:11:47.638617 2020] [socache_shmcb:debug] [pid 8218:tid 140339011598080] mod_socache_shmcb.c(849): AH00847: insert happened at idx=0, data=(0:32)
[Tue Dec 29 03:11:47.638621 2020] [socache_shmcb:debug] [pid 8218:tid 140339011598080] mod_socache_shmcb.c(854): AH00848: finished insert, subcache: idx_pos/idx_used=0/1, data_pos/data_used=0/204
[Tue Dec 29 03:11:47.638623 2020] [socache_shmcb:debug] [pid 8218:tid 140339011598080] mod_socache_shmcb.c(516): AH00834: leaving socache_shmcb_store successfully
[Tue Dec 29 03:11:47.638699 2020] [socache_shmcb:debug] [pid 8218:tid 140339011598080] mod_socache_shmcb.c(495): AH00831: socache_shmcb_store (0x2f -> subcache 15)
[Tue Dec 29 03:11:47.638721 2020] [socache_shmcb:debug] [pid 8218:tid 140339011598080] mod_socache_shmcb.c(849): AH00847: insert happened at idx=0, data=(0:32)
[Tue Dec 29 03:11:47.638724 2020] [socache_shmcb:debug] [pid 8218:tid 140339011598080] mod_socache_shmcb.c(854): AH00848: finished insert, subcache: idx_pos/idx_used=0/1, data_pos/data_used=0/203
[Tue Dec 29 03:11:47.638726 2020] [socache_shmcb:debug] [pid 8218:tid 140339011598080] mod_socache_shmcb.c(516): AH00834: leaving socache_shmcb_store successfully
[Tue Dec 29 03:11:47.638824 2020] [ssl:debug] [pid 8218:tid 140339011598080] ssl_engine_kernel.c(383): [client 127.0.0.1:58060] AH02034: Initial (No.1) HTTPS request received for child 65 (server test.mytesthost:443)
[Tue Dec 29 03:11:47.638862 2020] [ssl:error] [pid 8218:tid 140339011598080] [client 127.0.0.1:58060] AH10129: verify client post handshake
[Tue Dec 29 03:11:47.638866 2020] [ssl:error] [pid 8218:tid 140339011598080] [client 127.0.0.1:58060] AH10158: cannot perform post-handshake authentication
[Tue Dec 29 03:11:47.638885 2020] [ssl:error] [pid 8218:tid 140339011598080] SSL Library Error: error:14268117:SSL routines:SSL_verify_client_post_handshake:extension not received
[Tue Dec 29 03:11:52.640565 2020] [ssl:debug] [pid 8218:tid 140338928809728] ssl_engine_io.c(1106): [client 127.0.0.1:58060] AH02001: Connection closed to child 66 with standard shutdown (server test.mytesthost:443)

Respuesta1

Su problema con FF43 es, como descubrió Gerald Schneider, "el algoritmo de resumen de firma de CA es demasiado débil". Pero esto no es un problema del navegador,es un problema con la cadena de confianza del certificado del cliente, que fue aceptado en versiones más antiguas y laxas de Debian y OpenSSL, pero ya no; verhttps://wiki.debian.org/ContinuousIntegration/TriagingTips/openssl-1.1.1. Compararhttps://github.com/symless/synergy-core/issues/6561yhttps://stackoverflow.com/questions/52218876/how-to-fix-ssl-issue-ssl-ctx-use-certificate-ca-md-too-weak-on-python-zeep(aunque eso es para el certificado del servidor, no para el certificado del cliente). Específicamente, si leí bien el código, uno de los certificados de CA en la cadena (que no sea la raíz, que no está marcada) tiene una firma que usa un hash más débil que SHA256 (también conocido como SHA-2), que ha sido el mínimo requerido por la mayoría de los navegadores y el foro CA/Brower desde 2015. Debe configurar su servidor para aceptar un @SECLEVEL más bajo (lo que potencialmente reduce la seguridad en todas las conexiones) o cambiar el cliente para que tenga una cadena de certificados más sólida. Dependiendo del certificado y de la CA donde lo obtuvo, esto puede requerir también un nuevo certificado EE (entidad final = cliente), o puede haber una cadena mejor para el mismo certificado EE.

El problema con FF78.6 es diferente: "SSL_verify_client_post_handshake: extensión no recibida". OpenSSL 1.1.1 admite TLS 1.3, que cambia la forma en que se realiza la autenticación del cliente; específicamente, ahora es una operación "posterior al apretón de manos" en lugar de una "renegociación" (consulte su primer registro). Mi copia de FF78.6 admite esta capacidad, por lo que aparece este error.deberíaindique que la instancia de su navegador no tiene el certificado de cliente instalado correctamente o que el usuario no lo seleccionó/aprobó.

información relacionada