1

I am trying to use Client Certificate Authentication (Mutual SSL Authentication) with a tomcat server (8.0.23) using APR. This all works fine with a tomcat using regular java based io, but fails during verifying the client signature when using native io (and openssl based cryptograph). I can get this to fail using openssl s_client (see below) - it logs SSL alert number 51 (I have googled this extensively with no help).

When I run openssl s_server and configure it as closely as possible to the tomcat configuration it works!! I am using the exact same s_client command in both cases (only the port is different) - all servers and clients are run on the same machine.

Any help would be greatly appreciated.

Tomcat: 8.0.23
Openssl : 1.0.2a-fips 19 Mar 2015
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-229.el7.x86_64

Tomcat connecter config:
<Connector port="8444" protocol="HTTP/1.1"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
SSLCipherSuite="TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA" SSLHonorCipherOrder="true"
SSLCertificateFile="/var/keys/star_dmiapps_com.cer"
SSLCertificateChainFile="/var/keys/star_dmiapps_com.chain.cer"
SSLCertificateKeyFile="/var/keys/star_dmiapps_com.key"
SSLPassword=“xxxxxxx"
SSLVerifyClient="optional"
SSLVerifyDepth="4"
SSLCACertificateFile="/usr/local/keys/uberChain.crt”/>

s_server command line

openssl s_server -cert /var/keys/star_dmiapps_com.cer -cipher "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA" -serverpref -key /var/keys/star_dmiapps_com.key -pass pass:xxxxxxxx -CAfile /usr/local/keys/uberChain.crt -verify 4

Output from s_client when talking to tomcat:

depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA
verify return:1
depth=0 C = US, ST = Maryland, L = Bethesda, O = "Digital Management, Inc.", CN = .dmiapps.com
verify return:1
140679845054368:error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error:s3_pkt.c:1259:SSL alert number 51
140679845054368:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:184:
CONNECTED(00000003)

Certificate chain
0 s:/C=US/ST=Maryland/L=Bethesda/O=Digital Management, Inc./CN=.dmiapps.com
i:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
1 s:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
2 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA

Server certificate
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIQA+HdMPwp8NAjvkVYy+Y4fDANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTQxMTE3MDAwMDAwWhcN
.
.
.
89v8qonrsSCd7AGtKTqf+wp6S0LT5KIbvCAq2ZnJ2O8UI1wESswSzZsq1CMOmdl2
gOlXzAf6+sF9jWIyvB8EQYF057zNk0zKEmBs0cyBRLgnV9Zj3bZQxFt+5ZMdODCn
D8d/WE5cE70nnsqcCIiBM5du
-----END CERTIFICATE-----
subject=/C=US/ST=Maryland/L=Bethesda/O=Digital Management, Inc./CN=*.dmiapps.com issuer=/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
Acceptable client certificate CA names
/C=US/ST=Maryland/O=DMI/CN=DMI Intermediate CA
/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
/C=US/ST=Maryland/L=Bethesda/O=DMI/CN=DMI Root CA
/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
Server Temp Key: ECDH, prime256v1, 256 bits

SSL handshake has read 4278 bytes and written 4612 bytes
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-SHA384
Session-ID:
Session-ID-ctx:
Master-Key: DEEA668F36C1D567B3CA327338737E674BB89D8A117D31466DC3104E6E02C7CF8009BD41F509A17104096BCAFE95F240
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1452722344
Timeout : 300 (sec)
Verify return code: 0 (ok)

Output from s_client when talking to s_server

depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA
verify return:1
depth=0 C = US, ST = Maryland, L = Bethesda, O = "Digital Management, Inc.", CN = .dmiapps.com
verify return:1
CONNECTED(00000003)

Certificate chain 0 s:/C=US/ST=Maryland/L=Bethesda/O=Digital Management, Inc./CN=.dmiapps.com
i:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
1 s:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
2 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA

Server certificate
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIQA+HdMPwp8NAjvkVYy+Y4fDANBgkqhkiG9w0BAQsFADBN
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTQxMTE3MDAwMDAwWhcN
.
.
.
89v8qonrsSCd7AGtKTqf+wp6S0LT5KIbvCAq2ZnJ2O8UI1wESswSzZsq1CMOmdl2
gOlXzAf6+sF9jWIyvB8EQYF057zNk0zKEmBs0cyBRLgnV9Zj3bZQxFt+5ZMdODCn
D8d/WE5cE70nnsqcCIiBM5du
-----END CERTIFICATE-----
subject=/C=US/ST=Maryland/L=Bethesda/O=Digital Management, Inc./CN=*.dmiapps.com issuer=/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
Acceptable client certificate CA names
/C=US/ST=Maryland/O=DMI/CN=DMI Intermediate CA
/C=US/ST=Maryland/L=Bethesda/O=DMI/CN=DMI Root CA
/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA
/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
Server Temp Key: ECDH, prime256v1, 256 bits
SSL handshake has read 5849 bytes and written 4861 bytes

New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-SHA384
Session-ID: A2978962A54C12A5EEB008A55BAD06872EA1B6BBBFCFF48C62FD026776BB0AAF
Session-ID-ctx:
Master-Key: 5D55FD5EF5B5CBDD052F2420FC0D154771F655074BDD58A23B44A20B415E0C404F1F4848E658657685FB797386C28B88
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 2d 07 bf e6 1e 1d c0 b4-f8 4c 3a 4d f1 c5 4d b7 -........L:M..M.
0010 - 36 c9 d6 b2 43 ae c1 ea-2c 5a 2c 81 5a 7b 0f 09 6...C...,Z,.Z{..
0020 - b0 01 66 dc b6 d1 c7 88-7a a2 d6 38 7b 82 75 02 ..f.....z..8{.u.
.
.
.
0590 - 46 b9 db b2 03 b4 4d 54-f3 27 7c 8e bf a2 44 17 F.....MT.'|...D.
05a0 - 54 e5 61 c9 f0 ea 13 aa-4d f4 84 fb b7 34 c5 b1 T.a.....M....4..

Start Time: 1452722382<br/>
Timeout   : 300 (sec)<br/>
Verify return code: 0 (ok)<br/>
rich95
  • 31
  • 5
  • I was finally able to solve this (although I don't know what the **exact** problem was. I updated to the latest version of everything: tomcat: 8.0.30 apr: 1.5.2 tc-native: 1.2.4 openssl (unchanged) 1.0.2a-fips - same exact certs and configs - it worked!!! Must have been some type of incompatible versions – rich95 Jan 14 '16 at 13:35

0 Answers0