Re: Client Certificate Verification
- In reply to: John Levine: "Re: Client Certificate Verification"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 13 Mar 2024 18:44:18 UTC
> On Dec 17, 2023, at 12:13, John Levine <johnl@iecc.com> wrote: > > It appears that Doug Hardie <bc979@lafn.org <mailto:bc979@lafn.org>> said: >> -=-=-=-=-=- >> >> I have an application to which clients connect using a browser over SSL. I have a LetsEncrypt certificate for the app that lets the client authenticate the app. >> However, I need to have a multitude of client certificates (one per client machine). I am generating these certificates from a self-signed root certificate. I can get >> the client to verify the app and provide the client certificate to it. The app is unable to verify the client certificate. I have not been able to figure out how to >> have openssl distribute one certificate (from LetsEncrytp), but verify the received client certificate using different certificate chain. Openssl will pass me some of >> the received certificate fields. However, without certificate verification I cannot be sure that those values came from a certificate I generated. Is there a way to do >> this either with openssl or libtls? > > OpenSSL gets its list of trusted root signers from a big list in > /etc/ssl so you want to add your CA to that list. See the certctl > command for more details on how it's managed. > > Most FreeBSD systems use the ca_root_nss package to update that list, > so the trick is to keep your cert from getting deleted the next time > the package is updated. You might try putting your cert in > /usr/local/share/certs/ rather than /usr/share/certs/trusted where the > standard certs are. Finally got some time to work on this again. That approach works very well. My client certificates are properly accepted. However, I am unable to tell just what SSL_accept validates. I have not been able to find any documentation on what it actually checks. My testing shows that the client certificate must be signed by a known root certificate, but does SSL_accept verify that the signing certificate is the one indicated in the client certificate, and how does it check that? In my server, I am checking the certificate serial number. The subject CN is being used to send the real user id. Is that necessary and sufficient to ensure that the certificate is the one I generated and not a fake? It seems that it might be possible to create a CA that is certified by one of the known root certificates and use it to generate a client certificate with the identical issuer information. Obtaining the proper issuer serial number would take some work, but I suspect it is possible. The rest of that information is trivial. Thanks, -- Doug