Hi,
see comments/questions inline
On 23/06/20 14:03, Bruce Cloutier wrote:
Hello,
We administer a server (Windows) with a Bitnami stack for a Wordpress
implementation and that uses Apache Httpd and OpenSSL. Separately I am
developing the TLS ECC aspect of a controller device implementation and
note a problematic behavior with the server_key_exchange for ECDHE_RSA.
The developed device ECDHE_RSA suite works properly and as expected with
all of the other servers thus far tested. There is likely a
configuration issue with this Apache installation and I am fishing for a
hint.
you mention TLS ECC, suggesting Elliptic Curve Crypto, which might
indicate EC-encoded certificates as well, yet talk about ECDHE_RSA which
is Elliptic-curve Diffie-Hellman Exchange with RSA (for which you'd
normally use RSA-encoded certificates.
Now you can use both with httpd+openssl but you do need to specify the
right certificate (or certificates) when configuring mod_ssl - you can
even concatenate the RSA-signed certificate and the EC-signed
certificate in a single hostcert.pem and mod_ssl will pick up both ,
simply using
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
SSLCertificateFile /etc/httpd/certs/hostcert.pem
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/httpd/certs/hostkey.pem
I'd recommend to take your test cert+key and see if you can run it using
openssl s_server <parms>
against
openssl s_client <parms>
(use 'openssl s_server -help' and 'openssl s_client -help' for the
parameter list).
If *that* works and apache+mod_ssl does not then you're looking at an
mod_ssl configuration issue.
HTH,
JJK
The issue is that the RSA signature as part of the server_key_exchange
does not decrypt with the supplied certificate public RSA key. It does
indicate an rsa_pkcs1_sha256 signature.
With a fresh Bitnami install that still uses the default key and
certificate files, the protocol provides a valid digital signature. When
we change the server's certificate (and confirm this with the browser)
the server_key_exchange signature no longer validates. It is as if the
server continues to use the default key for the signature. I have not
tried to confirm that specific point.
My immediate question for someone close to the code is where does
Apache/OpenSSL look for the key file for this signature at this point in
the protocol?
I am hoping that there is just some additional configuration location
that needs to be given our new key file and/or certificate. Can anyone
confirm?
We noted this concern on a production server. We then installed the
stack on a different machine to confirm the fresh install operation. In
adding different key and certificate files we confirm that the signature
then fails. If I ignore the bad signature the secure communications
succeed.
I have been searching the net for this issue for weeks. That has been
fruitless. So I am turning to this list.
