From nobody Wed Mar 13 18:44:18 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TvzvR40FPz5DS6g for ; Wed, 13 Mar 2024 18:44:35 +0000 (UTC) (envelope-from bc979@lafn.org) Received: from mail.sermon-archive.info (sermon-archive.info [47.181.130.121]) by mx1.freebsd.org (Postfix) with ESMTP id 4TvzvQ5Rzkz4Tl4 for ; Wed, 13 Mar 2024 18:44:34 +0000 (UTC) (envelope-from bc979@lafn.org) Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of bc979@lafn.org designates 47.181.130.121 as permitted sender) smtp.mailfrom=bc979@lafn.org Received: from smtpclient.apple (unknown [10.0.1.251]) by mail.sermon-archive.info (Postfix) with ESMTPSA id 4TvzvJ3CJMz2fjX8; Wed, 13 Mar 2024 11:44:28 -0700 (PDT) From: Doug Hardie Content-Type: multipart/alternative; boundary="Apple-Mail=_B7C2BA20-77AE-4515-8AE9-CC180BFA2DAC" List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6\)) Subject: Re: Client Certificate Verification Date: Wed, 13 Mar 2024 11:44:18 -0700 References: <20231217201351.E63AE7EF41EE@ary.qy> To: John Levine , freebsd-questions@freebsd.org In-Reply-To: <20231217201351.E63AE7EF41EE@ary.qy> Message-Id: <2824CBA3-BB5A-4A1B-AC6A-37A676339639@sermon-archive.info> X-Mailer: Apple Mail (2.3731.700.6) X-Virus-Scanned: clamav-milter 1.2.1 at mail X-Virus-Status: Clean X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.65 / 15.00]; NEURAL_HAM_LONG(-1.00)[-0.998]; NEURAL_HAM_MEDIUM(-0.89)[-0.890]; NEURAL_HAM_SHORT(-0.66)[-0.661]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; RCVD_NO_TLS_LAST(0.10)[]; ONCE_RECEIVED(0.10)[]; ARC_NA(0.00)[]; RCVD_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:+,1:+,2:~]; ASN(0.00)[asn:5650, ipnet:47.181.128.0/18, country:US]; TO_DN_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; DMARC_NA(0.00)[lafn.org: no valid DMARC record]; RCPT_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; APPLE_MAILER_COMMON(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; R_DKIM_NA(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; FROM_HAS_DN(0.00)[] X-Rspamd-Queue-Id: 4TvzvQ5Rzkz4Tl4 --Apple-Mail=_B7C2BA20-77AE-4515-8AE9-CC180BFA2DAC Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > On Dec 17, 2023, at 12:13, John Levine wrote: >=20 > It appears that Doug Hardie > = said: >> -=3D-=3D-=3D-=3D-=3D- >>=20 >> I have an application to which clients connect using a browser over = SSL. I have a LetsEncrypt certificate for the app that lets the client = authenticate the app.=20 >> However, I need to have a multitude of client certificates (one per = client machine). I am generating these certificates from a self-signed = root certificate. I can get >> the client to verify the app and provide the client certificate to = it. The app is unable to verify the client certificate. I have not = been able to figure out how to >> have openssl distribute one certificate (from LetsEncrytp), but = verify the received client certificate using different certificate = chain. Openssl will pass me some of >> the received certificate fields. However, without certificate = verification I cannot be sure that those values came from a certificate = I generated. Is there a way to do >> this either with openssl or libtls? >=20 > OpenSSL gets its list of trusted root signers from a big list in > /etc/ssl so you want to add your CA to that list. See the certctl > command for more details on how it's managed. >=20 > Most FreeBSD systems use the ca_root_nss package to update that list, > so the trick is to keep your cert from getting deleted the next time > the package is updated. You might try putting your cert in > /usr/local/share/certs/ rather than /usr/share/certs/trusted where the > standard certs are. Finally got some time to work on this again. That approach works very = well. My client certificates are properly accepted. However, I am = unable to tell just what SSL_accept validates. I have not been able to = find any documentation on what it actually checks. My testing shows = that the client certificate must be signed by a known root certificate, = but does SSL_accept verify that the signing certificate is the one = indicated in the client certificate, and how does it check that? In my = server, I am checking the certificate serial number. The subject CN is = being used to send the real user id. Is that necessary and sufficient = to ensure that the certificate is the one I generated and not a fake? It seems that it might be possible to create a CA that is certified by = one of the known root certificates and use it to generate a client = certificate with the identical issuer information. Obtaining the proper = issuer serial number would take some work, but I suspect it is possible. = The rest of that information is trivial. Thanks, -- Doug --Apple-Mail=_B7C2BA20-77AE-4515-8AE9-CC180BFA2DAC Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii
On Dec 17, 2023, = at 12:13, John Levine <johnl@iecc.com> wrote:

It appears that Doug Hardie <bc979@lafn.org> = said:
-=3D-=3D-=3D-=3D-=3D-

I have an = application to which clients connect using a browser over SSL.  I = have a LetsEncrypt certificate for the app that lets the client = authenticate the app. 
However, I need to have = a multitude of client certificates (one per client machine).  I am = generating these certificates from a self-signed root certificate. =  I can get
the client to verify the app and provide the client = certificate to it.  The app is unable to verify the client = certificate.  I have not been able to figure out how to
have = openssl distribute one certificate (from LetsEncrytp), but verify the = received client certificate using different certificate chain. =  Openssl will pass me some of
the received certificate fields. =  However, without certificate verification I cannot be sure that = those values came from a certificate I generated.  Is there a way = to do
this either with openssl or libtls?

OpenSSL gets its list of trusted root = signers from a big list in
/etc/ssl so you want to add your CA to that list. See the = certctl
command for more details = on how it's managed.

Most = FreeBSD systems use the ca_root_nss package to update that = list,
so the trick is to keep = your cert from getting deleted the next time
the package is updated. You might try = putting your cert in
/usr/local/share/certs/ rather than = /usr/share/certs/trusted where the
standard certs = are.

Finally got some time to = work on this again.  That approach works very well.  My client = certificates are properly accepted.  However, I am unable to tell = just what SSL_accept validates.  I have not been able to find any = documentation on what it actually checks.  My testing shows that = the client certificate must be signed by a known root certificate, but = does SSL_accept verify that the signing certificate is the one indicated = in the client certificate, and how does it check that?  In my = server, I am checking the certificate serial number.  The subject = CN is being used to send the real user id.   Is that necessary and = sufficient to ensure that the certificate is the one I generated and not = a fake?

 It seems that it might be = possible to create a CA that is certified by one of the known root = certificates and use it to generate a client certificate with the = identical issuer information.  Obtaining the proper issuer serial = number would take some work, but I suspect it is possible.  The = rest of that information is trivial. =  Thanks,

-- = Doug

= --Apple-Mail=_B7C2BA20-77AE-4515-8AE9-CC180BFA2DAC--