Description of the Issue:

I am trying to connect to TLS 1.0 from the windows laptop to Windows IIS server. We have mutual authentication set-up at IIS.

Please see below the calls made for the handshake:

(screenshot of the packet capture, not reproduced here)

So it starts with a client hello on frame no 4. Then in the next steps the server sends its certificate and ciphers are negotiated. On frame no 12, the handshake seems finished, and on frame no 13 the client starts sending application data.

But then again on frame no 14, Server sends a hello and we see a second handshake. Please can you answer my below query.

Question>> In mutual authentication, the client requests the server certificate, and then the server requests the client certificate. When both of them have authenticated each other's certificate, the client starts sending application data. Isn't this the normal process for mutual authentication?

Question>> On frame 13, the client has already started sharing application data. Then why is IIS asking for a second handshake on frame 21?

Question>> It seems the second handshake is for getting the client certificate (frame 24). But shouldn't the server ask for the client certificate before frame 13?

In case you agree that this IIS behaviour is wrong, please can you suggest how to fix it.

Thanks in advance.

Steffen Ullrich
Kowshik

1 Answer

This scenario happens if the server does not require mutual authentication for all resources but only when accessing specific resources. Thus:

  • The initial handshake without client certificates is done (frames 4..12).
  • The client sends the HTTP request (frame 13).
  • Based on the request, the server realizes that the client likes to access a resource which requires mutual authentication. The server thus requests a new handshake using the Hello Request (frame 14).
  • The new handshake is done, this time with client certificates (frames 15..25).
  • The server sends the HTTP response after the authentication of the client was successful (frames 26, 29).
Steffen Ullrich
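The sequence in the question and in the answer above (one handshake without a CertificateRequest, application data, then a server HelloRequest and a second handshake that does carry a CertificateRequest) can be checked mechanically. The following Python script is an added example, not code from the question, the answer or IIS: it parses a stream of plaintext TLS 1.0 records, groups the handshake messages into handshakes, and reports for each one whether the server asked for a client certificate and whether the handshake was a renegotiation started after application data. The byte stream is constructed by hand to mirror frames 4..29; in a real capture the Finished messages and the HelloRequest are encrypted, so a dissector only shows "Encrypted Handshake Message" there unless the session is decrypted, and the practical tell is simply a handshake record arriving after application data.

```python
# Added example: detect TLS renegotiation for client-certificate authentication
# in a plaintext record stream. Not from the original post; the sample stream
# is constructed for illustration and omits real handshake bodies.
import struct

CONTENT_HANDSHAKE = 22
CONTENT_APPDATA = 23

HANDSHAKE_NAMES = {
    0: "HelloRequest", 1: "ClientHello", 2: "ServerHello", 11: "Certificate",
    12: "ServerKeyExchange", 13: "CertificateRequest", 14: "ServerHelloDone",
    15: "CertificateVerify", 16: "ClientKeyExchange", 20: "Finished",
}


def record(content_type, payload, version=(3, 1)):
    """Build one TLS record: type(1) version(2) length(2) payload. (3,1) = TLS 1.0."""
    return bytes([content_type, *version]) + struct.pack("!H", len(payload)) + payload


def handshake(msg_type, body=b""):
    """Build one handshake message: type(1) length(3) body (bodies left empty here)."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def parse_records(data):
    """Yield (content_type, payload) for each TLS record; reject truncated input."""
    offset = 0
    while offset < len(data):
        if offset + 5 > len(data):
            raise ValueError("truncated record header")
        ctype = data[offset]
        length = struct.unpack("!H", data[offset + 3:offset + 5])[0]
        offset += 5
        if offset + length > len(data):
            raise ValueError("truncated record body")
        yield ctype, data[offset:offset + length]
        offset += length


def parse_handshakes(payload):
    """Yield handshake message types from one handshake-record payload
    (a single record may carry several messages, e.g. ServerHello+Certificate+Done)."""
    offset = 0
    while offset < len(payload):
        msg_type = payload[offset]
        length = int.from_bytes(payload[offset + 1:offset + 4], "big")
        offset += 4 + length
        yield msg_type


def analyse(data):
    """Group handshake messages into handshakes. Each entry records the message
    names, whether a CertificateRequest appeared, and whether the handshake
    began after application data (i.e. it is a renegotiation)."""
    handshakes, current, seen_app_data = [], None, False
    for ctype, payload in parse_records(data):
        if ctype == CONTENT_APPDATA:
            seen_app_data = True
            continue
        if ctype != CONTENT_HANDSHAKE:
            continue  # ChangeCipherSpec, alerts etc. are not needed here
        for msg_type in parse_handshakes(payload):
            name = HANDSHAKE_NAMES.get(msg_type, f"type{msg_type}")
            # A HelloRequest (server-initiated) or a ClientHello that does not
            # directly follow one opens a new handshake.
            if msg_type == 0 or (msg_type == 1 and
                                 (current is None or current["messages"] != ["HelloRequest"])):
                current = {"messages": [], "client_cert_requested": False,
                           "after_app_data": seen_app_data}
                handshakes.append(current)
            current["messages"].append(name)
            if msg_type == 13:
                current["client_cert_requested"] = True
    return handshakes


# Constructed stream mirroring the capture in the question (frame numbers in comments).
SAMPLE_STREAM = b"".join([
    record(CONTENT_HANDSHAKE, handshake(1)),                                   # 4  ClientHello
    record(CONTENT_HANDSHAKE, handshake(2) + handshake(11) + handshake(14)),   # 6  ServerHello, Certificate, Done
    record(CONTENT_HANDSHAKE, handshake(16)),                                  #    ClientKeyExchange
    record(CONTENT_HANDSHAKE, handshake(20)),                                  #    client Finished
    record(CONTENT_HANDSHAKE, handshake(20)),                                  # 12 server Finished
    record(CONTENT_APPDATA, b"GET /needs-client-cert HTTP/1.1\r\n\r\n"),       # 13 application data
    record(CONTENT_HANDSHAKE, handshake(0)),                                   # 14 HelloRequest
    record(CONTENT_HANDSHAKE, handshake(1)),                                   # 15 ClientHello
    record(CONTENT_HANDSHAKE, handshake(2) + handshake(11) + handshake(13) + handshake(14)),  # CertificateRequest
    record(CONTENT_HANDSHAKE, handshake(11) + handshake(16) + handshake(15)),  # 24 client Certificate, CKE, Verify
    record(CONTENT_HANDSHAKE, handshake(20)),
    record(CONTENT_HANDSHAKE, handshake(20)),                                  # 25 Finished
    record(CONTENT_APPDATA, b"HTTP/1.1 200 OK\r\n\r\n"),                       # 26 response
])

if __name__ == "__main__":
    for i, hs in enumerate(analyse(SAMPLE_STREAM), 1):
        print(f"handshake {i}: renegotiation={hs['after_app_data']} "
              f"client_cert_requested={hs['client_cert_requested']} "
              f"messages={' '.join(hs['messages'])}")
```

Run against the constructed stream, the script reports two handshakes: the first with no CertificateRequest and no preceding application data, the second opened by a HelloRequest after application data and containing a CertificateRequest, which is exactly the "client certificates required for specific resources" pattern the answer describes.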
  • Thanks Steffen.....Can we force IIS to do all validation in the first handshake....Please suggest how to do that.....Also we have a mainframe CICS application calling an IIS server.....We tried the CICS to IIS call both using TLS 1.0 and TLS 1.2.....We are seeing a second handshake in both scenarios....For TLS 1.2 the second handshake is successful....but for TLS 1.0 the second handshake is failing.....Any idea why this is happening.... – Kowshik Oct 06 '17 at 06:31
  • @Kowshik: I have no idea if and how IIS can be configured differently. But, if client certificates are only required for specific resources instead of the whole site then this is impossible to change since the requested resource is only known after the first successful handshake and the initial request from the client. As to why it is failing with TLS 1.0 but not with TLS 1.2: I have no idea but this would be a different question anyway which needs its own (different) details about the problem. – Steffen Ullrich Oct 06 '17 at 07:30