Re: [stunnel-users] Problem with the client certificate - stunnel-users

3 Jan 2009

      On Thursday 01 January 2009, Christophe Nanteuil wrote:
...
Well,
I think the problem comes from the CAfile, ie the cert used to verify the
other certs.
This is right. I thought that the CA file is not essential with verify depths 
less than 2. It seems this was a  mistake.
This time (yes, I use tinyCA), I made and used client- and server certificates 
as well as the CA. Now it works.
Thanks for your help!
...
To test, I think it is better to have only one section per file :

your key (section ----BEGIN RSA PRIVATE KEY----- to ---END RSA...) in the

key file corresponding to key=file in config file.

your certificate (section ----BEGIN CERTIFICATE ----- to ---END

CERTIFICATE...) in the cert file corresponding to cert=file in the config
file.
These files must exist for server and client since you want mutual
authentication.
For verifying the certificate, you need to put the client certificate
(autosigned) in the CAfile option of the server config file.
The same for the client : put the server certificate in the CAfile option
of the client config file.
on the server, the command 'openssl verify -CAfile client_cert.pem
client_cert.pem' should return ok
on the client, the command 'openssl verify -CAfile server_cert.pem
server_cert.pem' should return ok.
It can seem stupid but, as you have self-signed certificate, the CAfile is
the cert file.
If you use tinyCA, you can easily build your own CA with one CA cert and
several certs for clients or servers. Then, you would be able to have the
same CAfile on the client and on the server.
I hope this is clear enough. If not, write me back.
2008/12/31 Michael Renner michael.renner@gmx.de
...
On Tuesday 30 December 2008, you wrote:
...
Hello,
Happy new year!
...

are the permissions correct on your files :

key must belong to the user and have 0600 status (read only by the

user)
...

cert must belong to the user.

I think the permissions are OK. The file is owed by root and loaded at
the start
Wrote 1024 new random bytes to /root/.rnd
RAND_status claims sufficient entropy for the PRNG
PRNG seeded successfully
Certificate: /etc/stunnel/stunnelclient.pem
Certificate loaded
Key file: /etc/stunnel/stunnelclient.pem
Private key loaded
SSL context initialized for service BreakOut
...

Is the content of the cert file of this form

-----BEGIN CERTIFICATE-----
certificate data here
-----END CERTIFICATE-----
?
and the content of the key file this form
-----BEGIN RSA PRIVATE KEY-----
key datat here
-----END RSA PRIVATE KEY-----
I made several files. According to
http://www.stunnel.org/faq/certs.html#ToC5
I got a file with a certificate, a RSA Key and a DH section (I removed
the password for the certificate).
According to http://www.stunnel.org/examples/client_cert.html I got a
different file: it has a certificate and a RSA section and between them
an other  section:
rcnyy/AbS1YPkdggJSnw+fqzg/L/QvQB6GTT5KWJzd0=
-----END RSA PRIVATE KEY-----
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number: 5 (0x5)
       Signature Algorithm: sha1WithRSAEncryption
       Issuer: C=DE, ST=Germany, L=Munich, O=vbox4php, OU=Rektorat,
CN=DE/emailAddress=michael.renner@gmx.de
       Validity
           Not Before: Dec 28 20:37:19 2008 GMT
           Not After : Dec 28 20:37:19 2009 GMT
       Subject: C=DE, ST=Germany, O=vbox4php, OU=stunnel,
CN=boulder.vbox4php.org/emailAddress=michael.renner@gmx.de
        Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
           RSA Public Key: (1024 bit)
               Modulus (1024 bit):
                   00:b1:05:47:7a:27:4f:19:2b:18:72:e3:3c:f6:a6:
.
.
                   2b:55:2d:c9:dc:96:55:14:bb
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Basic Constraints:
               CA:FALSE
           Netscape Cert Type:
               SSL Server
           Netscape Comment:
               TinyCA Generated Certificate
           X509v3 Subject Key Identifier:
86:F6:1F:71:29:AA:A5:61:DF:B2:81:F2:34:3A:A6:9E:58:C8:6A:5E X509v3
Authority Key Identifier:
keyid:72:68:1A:0C:9D:E9:93:81:07:E9:36:71:75:33:05:C6:70:35:01:BF
DirName:/C=DE/ST=Germany/L=Munich/O=vbox4php/OU=Rektorat/CN=DE/emailAddre
ss= michael.renner@gmx.de
               serial:BC:97:82:4E:E3:9F:FE:5A
       X509v3 Issuer Alternative Name:
           email:michael.renner@gmx.de

email%3Amichael.renner@gmx.de X509v3 Subject Alternative Name:
               email:michael.renner@gmx.de
email%3Amichael.renner@gmx.de Signature Algorithm:
sha1WithRSAEncryption
       49:ef:06:aa:e5:71:b1:6e:23:87:02:9d:ce:56:e1:3b:77:5a:
.
.
       41:93:92:ee:57:23:95:f3:99:62:27:6a:a4:b7:85:b4:92:86:
       22:50:79:a0
-----BEGIN CERTIFICATE-----
Anyhow: it fails:
2008.12.31 17:51:07 LOG4[13056:1073809760]: VERIFY ERROR: depth=0,
error=unable to get local issuer
certificate: /C=DE/ST=Germany/O=vbox4php/OU=stunnel/CN=
boulder.vbox4php.org/emailAddress=michael.renner@gmx.de
2008.12.31 17:51:07 LOG3[13056:1073809760]: SSL_accept: 140890B2:
error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate
returned
With strace I can see the the key and the cert is OK on the client side:
(I assume that it is only read once):
[pid 11829] open("/etc/stunnel/stunnelserver.pem", O_RDONLY) = 4
[pid 11829] fstat(4, {st_mode=S_IFREG|0600, st_size=5521, ...}) = 0
[pid 11829] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|
MAP_ANONYMOUS, -1, 0) = 0x7f8f5f13b000
[pid 11829] read(4, "-----BEGIN RSA PRIVATE KEY-----\n"..., 4096) = 4096
[pid 11829] read(4, "VQQDEwJERTEkMCIGCSqGSIb3\nDQEJARY"..., 4096) = 1425
[pid 11829] read(4, "", 4096)           = 0
[pid 11829] close(4)                    = 0
[pid 11829] munmap(0x7f8f5f13b000, 4096) = 0
[pid 11829] write(2, "2008.12.31 17:52:56 LOG7[11829:1"..., 682008.12.31
17:52:56 LOG7[11829:140253752059616]: Certificate loaded
) = 68
[pid 11829] write(2, "2008.12.31 17:52:56 LOG7[11829:1"..., 902008.12.31
17:52:56 LOG7[11829:140253752059616]: Key
file: /etc/stunnel/stunnelserver.pem
) = 90
[pid 11829] open("/etc/stunnel/stunnelserver.pem", O_RDONLY) = 4
[pid 11829] fstat(4, {st_mode=S_IFREG|0600, st_size=5521, ...}) = 0
[pid 11829] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|
MAP_ANONYMOUS, -1, 0) = 0x7f8f5f13b000
[pid 11829] read(4, "-----BEGIN RSA PRIVATE KEY-----\n"..., 4096) = 4096
[pid 11829] close(4)                    = 0
[pid 11829] munmap(0x7f8f5f13b000, 4096) = 0
[pid 11829] write(2, "2008.12.31 17:52:56 LOG7[11829:1"..., 682008.12.31
17:52:56 LOG7[11829:140253752059616]: Private key loaded
While I see in the clients logfile:
SSL state (connect): SSLv3 flush data
SSL alert (read): fatal: bad certificate
SSL_connect: 14094412: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3
alert
bad certificate
Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
Strange!
One more hint?
|Michael Renner      E-mail: michael.renner@gmx.de  |
|D-81541 Munich      Germany        ICQ: #112280325 |
|Germany             Don't drink as root!      ESC:wq
-- 
|Michael Renner      E-mail: michael.renner@gmx.de  |
|D-81541 Munich      Germany        ICQ: #112280325 |
|Germany             Don't drink as root!      ESC:wq