Unexpected result of requesting client certificate when requesting locations with different SSLVerifyClient settings

Hello,

I ran into a problem when configuring different locations for Apache HTTP Server while using client certificates. The client certificate is not stored permanently in the browser; it is expected that the client certificate will be inserted via an encrypted USB stick before the user clicks on the protected location.

Let's say I have a virtual host (https://host/) with SSLVerifyClient optional and a location inside that v-host (https://host/require) with SSLVerifyClient require.
___________________sample config_____________

<VirtualHost _default_:443>
ServerName host
........
SSLVerifyClient optional
SSLVerifyDepth 10
SSLOptions +FakeBasicAuth +ExportCertData
.......
<Location /require>
SSLVerifyClient require
</Location>
</VirtualHost>
___________________________________________


When I directly visit either https://host/require or https://host/, both request the client certificate normally; the difference is that if I cancel submitting the certificate, the latter still allows access, while the former rejects access with the SSL error ERR_BAD_SSL_CLIENT_AUTH_CERT.
The problem happens when I DON'T submit the certificate (or don't have a certificate at the time) when I visit https://host/, then acquire the client certificate and browse to https://host/require in the same browser tab. Ideally it should request the client certificate once more, but it doesn't; instead it emits ERR_BAD_SSL_CLIENT_AUTH_CERT immediately. Only after I click the Refresh button on https://host/require does it request the client certificate as normal.

I checked the debug log and it looks like the following:

_________Visiting https://host/_________
[Wed Apr 10 23:13:49.290449 2019] [ssl:debug] [pid 2656:tid 140593581737728] ssl_engine_kernel.c(746): [client 10.111.84.227:62107] AH02255: Changed client verification type will force renegotiation
[Wed Apr 10 23:13:49.290476 2019] [ssl:info] [pid 2656:tid 140593581737728] [client 10.111.84.227:62107] AH02221: Requesting connection re-negotiation
[Wed Apr 10 23:13:49.290485 2019] [ssl:debug] [pid 2656:tid 140593581737728] ssl_engine_kernel.c(975): [client 10.111.84.227:62107] AH02260: Performing full renegotiation: complete handshake protocol (client does support secure renegotiation)
[Wed Apr 10 23:13:49.290530 2019] [ssl:info] [pid 2656:tid 140593581737728] [client 10.111.84.227:62107] AH02226: Awaiting re-negotiation handshake
[Wed Apr 10 23:13:49.292550 2019] [ssl:error] [pid 2656:tid 140593581737728] [client 10.111.84.227:62107] AH02261: Re-negotiation handshake failed
_________Clicking "cancel" on submitting certificate to https://host/_________
[Wed Apr 10 23:13:50.788696 2019] [ssl:debug] [pid 2656:tid 140593573345024] ssl_engine_kernel.c(746): [client 10.111.84.227:62108] AH02255: Changed client verification type will force renegotiation
[Wed Apr 10 23:13:50.788795 2019] [ssl:info] [pid 2656:tid 140593573345024] [client 10.111.84.227:62108] AH02221: Requesting connection re-negotiation
[Wed Apr 10 23:13:50.788832 2019] [ssl:debug] [pid 2656:tid 140593573345024] ssl_engine_kernel.c(975): [client 10.111.84.227:62108] AH02260: Performing full renegotiation: complete handshake protocol (client does support secure renegotiation)
[Wed Apr 10 23:13:50.789059 2019] [ssl:info] [pid 2656:tid 140593573345024] [client 10.111.84.227:62108] AH02226: Awaiting re-negotiation handshake
[Wed Apr 10 23:13:50.794931 2019] [authz_core:debug] [pid 2656:tid 140593573345024] mod_authz_core.c(820): [client 10.111.84.227:62108] AH01626: authorization result of Require all granted: granted
[Wed Apr 10 23:13:50.794940 2019] [authz_core:debug] [pid 2656:tid 140593573345024] mod_authz_core.c(820): [client 10.111.84.227:62108] AH01626: authorization result of <RequireAny>: granted
[Wed Apr 10 23:13:50.798066 2019] [authz_core:debug] [pid 2656:tid 140593564952320] mod_authz_core.c(820): [client 10.111.84.227:62108] AH01626: authorization result of Require all granted: granted
[Wed Apr 10 23:13:50.798075 2019] [authz_core:debug] [pid 2656:tid 140593564952320] mod_authz_core.c(820): [client 10.111.84.227:62108] AH01626: authorization result of <RequireAny>: granted
[Wed Apr 10 23:13:50.798100 2019] [authz_core:debug] [pid 2656:tid 140593564952320] mod_authz_core.c(820): [client 10.111.84.227:62108] AH01626: authorization result of Require all granted: granted
[Wed Apr 10 23:13:50.798103 2019] [authz_core:debug] [pid 2656:tid 140593564952320] mod_authz_core.c(820): [client 10.111.84.227:62108] AH01626: authorization result of <RequireAny>: granted
_________Visiting https://host/require_________
[Wed Apr 10 23:14:08.548394 2019] [ssl:debug] [pid 2534:tid 140593665664768] ssl_engine_kernel.c(746): [client 10.111.84.227:62110] AH02255: Changed client verification type will force renegotiation
[Wed Apr 10 23:14:08.548469 2019] [ssl:info] [pid 2534:tid 140593665664768] [client 10.111.84.227:62110] AH02221: Requesting connection re-negotiation
[Wed Apr 10 23:14:08.548505 2019] [ssl:debug] [pid 2534:tid 140593665664768] ssl_engine_kernel.c(975): [client 10.111.84.227:62110] AH02260: Performing full renegotiation: complete handshake protocol (client does support secure renegotiation)
[Wed Apr 10 23:14:08.548659 2019] [ssl:info] [pid 2534:tid 140593665664768] [client 10.111.84.227:62110] AH02226: Awaiting re-negotiation handshake
[Wed Apr 10 23:14:08.553605 2019] [ssl:error] [pid 2534:tid 140593665664768] [client 10.111.84.227:62110] AH02261: Re-negotiation handshake failed
[Wed Apr 10 23:14:08.559173 2019] [ssl:debug] [pid 2656:tid 140593531381504] ssl_engine_kernel.c(746): [client 10.111.84.227:62111] AH02255: Changed client verification type will force renegotiation
[Wed Apr 10 23:14:08.559240 2019] [ssl:info] [pid 2656:tid 140593531381504] [client 10.111.84.227:62111] AH02221: Requesting connection re-negotiation
[Wed Apr 10 23:14:08.559275 2019] [ssl:debug] [pid 2656:tid 140593531381504] ssl_engine_kernel.c(975): [client 10.111.84.227:62111] AH02260: Performing full renegotiation: complete handshake protocol (client does support secure renegotiation)
[Wed Apr 10 23:14:08.559395 2019] [ssl:info] [pid 2656:tid 140593531381504] [client 10.111.84.227:62111] AH02226: Awaiting re-negotiation handshake
[Wed Apr 10 23:14:08.565194 2019] [ssl:error] [pid 2656:tid 140593531381504] [client 10.111.84.227:62111] AH02261: Re-negotiation handshake failed
[Wed Apr 10 23:14:08.565268 2019] [ssl:error] [pid 2656:tid 140593531381504] SSL Library Error: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate -- No CAs known to server for verification?
_________Server emits ERR_BAD_SSL_CLIENT_AUTH_CERT_________

I tried with the following scenarios:
1. The vhost root uses SSLVerifyClient none and the Location uses SSLVerifyClient require: the latter emits no error before requesting the client certificate;
2. The vhost root uses SSLVerifyClient none, Location1 uses SSLVerifyClient optional, and Location2 uses SSLVerifyClient require: if I have visited Location1 and submitted no client certificate, Location2 will emit ERR_BAD_SSL_CLIENT_AUTH_CERT before requesting the client certificate, no matter whether I am coming from the root or Location1.

I suspect there is a bug involving the SSL client verification type change and the re-negotiation flow. While I admit it may be a corner case, the original use case is very crucial to my current user base. I checked the bug database and there is a similar bug, except that it is related to TLSv1.3. For browser compatibility, I am currently disabling TLSv1.3, although I am testing with Apache 2.4.38 and OpenSSL 1.1.1b.
I would love to hear any suggestions on an alternative configuration to support my scenario, and thank you very much in advance.

Regards,
Hao Du
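One configuration that sidesteps the mid-connection renegotiation the log above shows (AH02255 "Changed client verification type will force renegotiation") is to serve the certificate-requiring content from its own virtual host, so that SSLVerifyClient require applies to the whole connection and the CertificateRequest is sent in the initial TLS handshake instead of in a renegotiation triggered by the per-Location change. The following is an added example, not configuration from the original post or from the Apache project; the hostnames host and require.host, the certificate and key paths, the client CA file and the DocumentRoot values are placeholders to be replaced with the real ones.

```apache
# Added example (not from the original post). The /require content moves to a
# dedicated name-based virtual host so the client-certificate requirement is
# fixed per connection and no renegotiation is needed. Names and paths are
# placeholders.

Listen 443

# Public vhost: no client certificate is ever requested here, so a user who
# has not inserted the USB token yet gets neither a prompt nor a failed
# renegotiation when browsing https://host/.
<VirtualHost *:443>
    ServerName host
    DocumentRoot /var/www/public
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/host.crt
    SSLCertificateKeyFile /etc/ssl/private/host.key
    SSLVerifyClient none

    # Send the old protected path to the dedicated vhost. The browser opens a
    # new TLS connection to require.host and is prompted for the certificate
    # during that connection's initial handshake.
    Redirect permanent /require https://require.host/require
</VirtualHost>

# Protected vhost: SSLVerifyClient require is set at vhost level, so the
# verification type never changes mid-connection and nothing is renegotiated.
# Because no renegotiation is involved, this also works with TLSv1.3, which
# has no renegotiation at all.
<VirtualHost *:443>
    ServerName require.host
    DocumentRoot /var/www/require
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/require.host.crt
    SSLCertificateKeyFile /etc/ssl/private/require.host.key
    # CA(s) that issued the client certificates; required for verification.
    SSLCACertificateFile  /etc/ssl/certs/client-ca.pem
    SSLVerifyClient require
    SSLVerifyDepth 10
    SSLOptions +FakeBasicAuth +ExportCertData
</VirtualHost>
```

Two things to check before relying on this. Name-based TLS vhosts depend on the client sending SNI, which every current browser does; giving each name its own server certificate (rather than one certificate covering both names) also keeps the browser from reusing the https://host/ connection for require.host. If a second hostname is not available, the same separation can be had with a separate port instead: `Listen 8443` and `<VirtualHost *:8443>` for the protected vhost, redirecting /require to https://host:8443/require, which does not depend on SNI at all.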

