I'm running Apache 2.2 on Windows, and have mod_ssl working fine for delivering a commercially signed server cert. (A wildcard cert, though I don't think it matters.)
I'm trying to get the server, on certain VirtualHosts, to require a client certificate, so I've built an SSLCACertificateFile containing PEMs; as I understand it, that list of signing DNs should be proffered for the client to respond during SSL establishment.
I have a StartSSL personal identity certificate, and if I put StartSSL's root cert into the SSLCACertificateFile, the browser (Chrome and IE tested) pops up "select a certificate" and shows me my StartSSL certificate.
However, my real use case is to use my own CA, and sign client certs, and that's what I can't get working. I self-sign a CA, then I create a client CSR and sign it with the CA cert and load it in my client cert store, then I put the CA PEM into my SSLCACertificateFile -- and the browser doesn't offer the client cert in the "select a certificate".
WTF.
Because it all works with the StartSSL CA and cert, I'm wondering if it's actually an issue with my CA cert or client cert -- but I can't figure out what the issue might be; the CA cert works for signing, and has CA:TRUE; the client certs have Client Authentication as a purpose... what's missing.
Not sure how to diagnose; thanks.
Here's my CA PEM, as pasted into the SSLCACertificateFile:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
bf:45:a7:db:f9:8e:8f:d0
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, L=San Diego, O=TestCA, OU=TestCA-OU, CN=TestCA-CN
Validity
Not Before: Mar 8 21:39:52 2013 GMT
Not After : Apr 7 21:39:52 2013 GMT
Subject: C=US, ST=California, L=San Diego, O=TestCA, OU=TestCA-OU, CN=TestCA-CN
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
<snip>
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:99:47:8A:52:D3:38:20:68:A5:91:D9:E1:2E:6B:50:0D:5C:98:CB
X509v3 Authority Key Identifier:
keyid:5E:99:47:8A:52:D3:38:20:68:A5:91:D9:E1:2E:6B:50:0D:5C:98:CB
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
<snip>
...and here's the client cert:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20481 (0x5001)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=California, L=San Diego, O=TestCA, OU=TestCA-OU, CN=TestCA-CN
Validity
Not Before: Mar 8 23:46:55 2013 GMT
Not After : Mar 8 23:46:55 2014 GMT
Subject: C=US, ST=California, L=San Diego, O=TestClient, OU=TestClient-OU, CN=TestClient-CN
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
<snip>
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication
Signature Algorithm: sha1WithRSAEncryption
<snip>
/*******************************************************************/
Further info per Mike's request (took me a couple of tries to get 'openssl s_client' behaving.)
Here's the results: [...]
---
Acceptable client certificate CA names
/C=UK/O=Test Certificates/CN=Test CA
/C=US/ST=California/L=San Diego/O=TestCA/OU=TestCA-OU/CN=TestCA-CN
/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certific
ation Authority
---
[...]
So, the server is saying
/C=US/ST=California/L=San Diego/O=TestCA/OU=TestCA-OU/CN=TestCA-CN
is an acceptable client certificate, and the client has
Issuer: C=US, ST=California, L=San Diego, O=TestCA, OU=TestCA-OU, CN=TestCA-CN
in it's store -- but the browser doesn't include that in the list I can pick from. The browser does offer the client certs signed by
/C=UK/O=Test Certificates/CN=Test CA
and
/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
...bringing me back to "WTF?"
