Re: [reSIProcate] TLS handshake failure
Thanks for the information.
The code for a resip client verifying the server cert is in the function
computePeerName that is called after the SSL_do_handshake. My
application is failing in SSL_connect itself, so I think it is an issue
of not being able to find the cert issuer in the trusted list. This
statement is based on the fact that when I run openssl s_client I am
able to connect successfully (but I do see errors related to cert
verification - errors are in my initial post).
So I am trying to understand how the verification works. My machine has
a file called /usr/share/ssl/cert.pem that has 61 (CA) certs in it. 13
of these are from Verisign. I created 13 files with prefix root_cert_
under my application directory and the logs indicate that the preload
function is loading these certificates now.
I connect to the server and the server presents this certificate. (some
portions have been replaced with XXXX or ....)
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
XXXX
Signature Algorithm: sha1WithRSAEncryption
Issuer: O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign
International Server CA - Class 3, OU=www.verisign.com/CPS Incorp.by
Ref. LIABILITY LTD.(c)97 VeriSign
Validity
Not Before: Dec 6 00:00:00 2004 GMT
Not After : Dec 6 23:59:59 2006 GMT
Subject: C=US, ST=Virginia, L=XXXX, O=XXXX, OU=XXXX, OU=Terms of
use at www.verisign.com/rpa (c)00, CN=XXXX
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
....:
....:
....:
....:
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 CRL Distribution Points:
URI:http://crl.verisign.com/Class3InternationalServer.crl
X509v3 Certificate Policies:
Policy: 2.16.840.1.113733.1.7.23.3
CPS: https://www.verisign.com/rpa
X509v3 Extended Key Usage:
Netscape Server Gated Crypto, TLS Web Server
Authentication, TLS Web Client Authentication
Authority Information Access:
OCSP - URI:http://ocsp.verisign.com
1.3.6.1.5.5.7.1.12:
0_.].[0Y0W0U..image/gif0!
0.0...+..............k...j.H.,{..0%.#http://logo.verisign.com/vslogo.gif
Signature Algorithm: sha1WithRSAEncryption
....:
....:
....:
....:
What happens during verification? I am guessing something in this cert
should match one of the root certs for verification to succeed? What is
that bit?
I even tried adding this to Security.cxx but it did not help.
SSL_CTX_set_options(mSslCtx, SSL_OP_ALL);
Another thing I noticed is that resip uses calls to X509_STORE*. I
looked at another SSL based app and it uses stuff like this:
SSL_CTX_set_client_CA_list();
SSL_CTX_load_verify_locations()
Are both of these approaches basically doing the same thing behind the
scenes?
If anyone has successfully tested a scenario similar to what I described
above, please let me know.
FWIW, the other side is able to successfully establish a TLS connection
with my application and send in SIP messages. It is just not working
from me to them.
I am at my wit's end here. Any help or pointers are welcome.
Thanks
Sandeep
On Mon, 2005-05-02 at 17:22 -0700, Cullen Jennings wrote:
> Try and answer a few of your questions here - there should be better
> documentation on all of this ...
>
> the root_cert* files are the certs for CAs that you trust - so you would need
> to copy the VeriSign cert to one of these.
>
> The domain_cert are the things that are used for TLS - so this would be
> your certificate for the server.
>
> The user_certs are only used for S/MIME and don't have anything to do with
> TLS
>
> Some of the code on a Resip client verifying the server cert has been
> changing and I'm not up to date on it. It should be checking the
> SubjectAltName of the cert and that the date of the cert is valid. It is not
> checking CRL stuff.
>
>
> On 5/2/05 4:57 PM, "Sandeep Sharma" <ssharma@xxxxxxxxxx> wrote:
>
> > Hello,
> >
> > I am looking for some help on how resiprocate validates/verifies server
> > certificates presented as part of TLS handshake.
> >
> > The client is my application linked with resiprocate. The server is
> > another application that uses openssl.
> >
> > The client tries to establish a TLS connection to server. On the client
> > (resip) side, the following errors are seen:
> >
> > TlsConnection.cxx:176 | TLS connection failed ok=-1 err=5
> > error:00000005:lib(0):func(0):DH lib
> > TlsConnection.cxx:196 | (SSL Error want syscall)
> > TlsConnection.cxx:197 | Error may be because trying ssl connection to
> > tls server
> > TlsConnection.cxx:228 | Couldn't TLS connect
> > Write failed on socket: 18, closing connection
> >
> > On server side, they report errors like this:
> > SSL3_GET_CLIENT_CERTIFICATE: peer did not return a certificate.
> >
> > I CAN establish a connection using openssl s_client using -ssl2, so I
> > know that the server is SSL2 (not TLS). In my application, I am using
> > SSLv23 as the method. This also proves that the server has been
> > provisioned with my (client's) self signed cert.
> >
> > I read that openssl s_client does server certificate verification but
> > still continues if the verification fails. But looks like resip stops if
> > the verification fails.
> >
> > I looked back into the logs from openssl s_client and sure enough, there
> > were messages related to server certificate verification failure.
> >
> > openssl s_client -connect server:port -verify 10 -cert cert.pem -key
> > key.pem -showcerts -debug -nbio_test -state -crlf -ssl2
> >
> > verify error:num=20:unable to get local issuer certificate
> > verify return:1
> > verify error:num=27:certificate not trusted
> > verify return:1
> > verify error:num=21:unable to verify the first certificate
> > verify return:1
> >
> > The server cert is issued by Verisign and the CN matches the machine
> > name that I am trying to connect to.
> >
> > When I copy the server certificate on to my box and run openssl verify
> > on that cert, I get similar (not exactly same) errors.
> >
> > I looked in resip code and found that there is some processing done with
> > files with prefix domain_cert_, user_cert_ and root_cert_ but did not
> > really understand what needs to be done.
> >
> > So my specific questions are:
> >
> > 1) How does resip verify server certs presented as part of TLS
> > handshake? Where does it look for trusted issuers?
> >
> > 2) What is the difference between domain_cert_*.pem, user_cert_*.pem and
> > root_cert_*.pem? How are they used?
> >
> > Any feedback, answers, suggestions and questions are welcome.
> >
> > Thanks
--
Sandeep Sharma <ssharma@xxxxxxxxxx>
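Editor's note on the two questions in the message above. This is an added worked example, not resiprocate code and not something the poster ran. What has to "match" during OpenSSL chain building is the Issuer DN of the presented certificate against the Subject DN of a certificate in the trust store (helped by the authorityKeyIdentifier/subjectKeyIdentifier hint when present); the signature on the presented cert is then checked with that issuer's public key, and the walk repeats until a self-signed trusted cert is reached. "error 20: unable to get local issuer certificate" means no certificate in the store has a Subject equal to the leaf's Issuer. The Issuer printed in the post is an "International Server CA" rather than a self-signed root, so the script below builds the same shape, root -> issuing CA -> server cert, and shows that trusting only the root is not enough unless the issuing CA's certificate is either sent by the server in the handshake or added to the trusted set. On the API question: SSL_CTX_load_verify_locations() simply loads certificates into the X509_STORE that SSL_CTX_get_cert_store() returns, so filling that store with X509_STORE_add_cert(), as resip does, is the same mechanism; SSL_CTX_set_client_CA_list() is unrelated to verification (it only sets the list of CA names a server advertises when it asks for a client certificate), and SSL_OP_ALL only enables bug workarounds. All names (Example Root CA, Example Issuing CA, sip.example.test), serial numbers and the temporary directory layout are constructed for this demo; it needs only a POSIX shell and the openssl command line tool (1.1.x or later for -verify_hostname behaviour as shown).

```shell
#!/bin/sh
# Added example for this thread; not resiprocate code and not from the
# original poster. It builds a root -> intermediate -> server chain with
# the openssl CLI and shows what "error 20: unable to get local issuer
# certificate" depends on. All names (Example Root CA, Example Issuing CA,
# sip.example.test) and serial numbers are constructed for the demo.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_chain DIR: writes root.pem, inter.pem and leaf.pem (plus keys) in DIR.
make_chain() {
    d=$1
    # Minimal req config so the root gets CA:TRUE whatever the system
    # openssl.cnf says. The Subject of this cert is what a child's Issuer
    # has to match for chain building to find it in the trust store.
    printf '%s\n' '[ req ]' 'distinguished_name = req_dn' \
        'x509_extensions = v3_ca' '[ req_dn ]' 'commonName = Common Name' \
        '[ v3_ca ]' 'basicConstraints = critical,CA:TRUE' \
        'keyUsage = critical,keyCertSign,cRLSign' \
        'subjectKeyIdentifier = hash' > "$d/req.cnf"
    openssl req -config "$d/req.cnf" -x509 -newkey rsa:2048 -nodes -days 365 \
        -subj "/O=Example Trust Network/CN=Example Root CA" \
        -keyout "$d/root.key" -out "$d/root.pem" 2>/dev/null

    # Intermediate issuing CA, signed by the root. Its Issuer DN equals the
    # root's Subject DN; its own Subject DN is what the server cert will name.
    printf '%s\n' 'basicConstraints = critical,CA:TRUE,pathlen:0' \
        'keyUsage = critical,keyCertSign,cRLSign' \
        'subjectKeyIdentifier = hash' \
        'authorityKeyIdentifier = keyid' > "$d/inter.ext"
    openssl req -config "$d/req.cnf" -new -newkey rsa:2048 -nodes \
        -subj "/O=Example Trust Network/CN=Example Issuing CA" \
        -keyout "$d/inter.key" -out "$d/inter.csr" 2>/dev/null
    openssl x509 -req -in "$d/inter.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
        -set_serial 1000 -days 365 -extfile "$d/inter.ext" \
        -out "$d/inter.pem" 2>/dev/null

    # Server (end-entity) cert, CA:FALSE, signed by the intermediate only.
    printf '%s\n' 'basicConstraints = CA:FALSE' \
        'keyUsage = digitalSignature,keyEncipherment' \
        'extendedKeyUsage = serverAuth,clientAuth' \
        'subjectAltName = DNS:sip.example.test' \
        'subjectKeyIdentifier = hash' \
        'authorityKeyIdentifier = keyid' > "$d/leaf.ext"
    openssl req -config "$d/req.cnf" -new -newkey rsa:2048 -nodes \
        -subj "/O=Example SIP Operator/CN=sip.example.test" \
        -keyout "$d/leaf.key" -out "$d/leaf.csr" 2>/dev/null
    openssl x509 -req -in "$d/leaf.csr" -CA "$d/inter.pem" -CAkey "$d/inter.key" \
        -set_serial 2000 -days 365 -extfile "$d/leaf.ext" \
        -out "$d/leaf.pem" 2>/dev/null
}

# dn subject|issuer FILE: the DN in RFC 2253 form with the "xxx=" prefix removed.
dn() {
    openssl x509 -noout "-$1" -nameopt RFC2253 -in "$2" | sed 's/^[^=]*= *//'
}

# verify_result TRUSTED UNTRUSTED LEAF [HOST]: prints "OK" or "error N".
# UNTRUSTED ("" for none) stands in for the extra certs a TLS server sends
# in its Certificate message: they help build the chain but are not trusted
# by themselves. HOST, if given, is checked against the cert the way a
# client compares the name it dialled with the cert's subjectAltName.
verify_result() {
    set -- "$1" "$2" "$3" "${4:-}"
    extra=""
    [ -n "$2" ] && extra="$extra -untrusted $2"
    [ -n "$4" ] && extra="$extra -verify_hostname $4"
    if out=$(openssl verify -CAfile "$1" $extra "$3" 2>&1); then
        echo OK
    else
        echo "$out" | grep -o 'error [0-9][0-9]*' | head -n 1
    fi
}

make_chain "$WORK"
cat "$WORK/root.pem" "$WORK/inter.pem" > "$WORK/trusted.pem"

echo "leaf issuer   : $(dn issuer "$WORK/leaf.pem")"
echo "inter subject : $(dn subject "$WORK/inter.pem")"
echo "root only, server sends leaf alone       : $(verify_result "$WORK/root.pem" "" "$WORK/leaf.pem")"
echo "root only, server also sends intermediate: $(verify_result "$WORK/root.pem" "$WORK/inter.pem" "$WORK/leaf.pem")"
echo "root + intermediate both trusted locally : $(verify_result "$WORK/trusted.pem" "" "$WORK/leaf.pem")"
echo "chain fine but wrong host name           : $(verify_result "$WORK/trusted.pem" "" "$WORK/leaf.pem" other.example.test)"
```

The first verify_result call reproduces the thread's error 20 (root trusted, issuing CA absent); the second corresponds to a server that sends its intermediate, the third to putting the intermediate's certificate into the local trusted set (a root_cert_ file, in resip's layout). The last call passes chain building and fails only on the host name (X509_V_ERR_HOSTNAME_MISMATCH, error 62), which is the separate check a client performs after the handshake.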