Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#405 - openvpn-mbedtls can not verify certificate #5441

Closed
openwrt-bot opened this issue Jan 18, 2017 · 4 comments
Closed

FS#405 - openvpn-mbedtls can not verify certificate #5441

openwrt-bot opened this issue Jan 18, 2017 · 4 comments
Labels

Comments

@openwrt-bot
Copy link

duvi:

On the same configuration, same system, same certificates, openvpn-mbedtls can not verify the certificate, but openvpn-openssl is working ok.

Notice the "??=vma", how openvpn-mbedtls doesn't recognize the "name" field in the certificate. Maybe that is the problem.

I have the same suboptions enabled in "make menuconfig" in both cases.

openvpn-mbedtls:
Fri Jan 13 23:05:58 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]my.ser.ver.ip:1194
Fri Jan 13 23:05:58 2017 Socket Buffers: R=[163840->163840] S=[163840->163840]
Fri Jan 13 23:05:58 2017 UDP link local (bound): [AF_INET][undef]:1194
Fri Jan 13 23:05:58 2017 UDP link remote: [AF_INET]my.ser.ver.ip:1194
Fri Jan 13 23:05:58 2017 TLS: Initial packet from [AF_INET]my.ser.ver.ip:1194, sid=75e238e0 c51819f1
Fri Jan 13 23:05:58 2017 VERIFY ERROR: depth=0, subject=C=HU, ST=BA, L=Pecs, O=Duvinet, OU=vma, CN=my.server.dns, ??=vma, emailAddress=myemail@mydomain.hu: The certificate is signed with an unacceptable key (eg bad curve, RSA too short).
Fri Jan 13 23:05:58 2017 TLS_ERROR: read tls_read_plaintext error: X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
Fri Jan 13 23:05:58 2017 TLS Error: TLS object -> incoming plaintext read error
Fri Jan 13 23:05:58 2017 TLS Error: TLS handshake failed
Fri Jan 13 23:05:58 2017 SIGUSR1[soft,tls-error] received, process restarting

openvpn-openssl:
Tue Jan 17 09:36:06 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]my.ser.ver.ip:1194
Tue Jan 17 09:36:06 2017 Socket Buffers: R=[163840->163840] S=[163840->163840]
Tue Jan 17 09:36:06 2017 UDP link local (bound): [AF_INET][undef]:1194
Tue Jan 17 09:36:06 2017 UDP link remote: [AF_INET]my.ser.ver.ip:1194
Tue Jan 17 09:36:06 2017 TLS: Initial packet from [AF_INET]my.ser.ver.ip:1194, sid=3fc0a62c be2ce0f4
Tue Jan 17 09:36:06 2017 VERIFY OK: depth=1, C=HU, ST=BA, L=Pecs, O=Duvinet, OU=vma, CN=my.server.dns, name=vma, emailAddress=myemail@mydomain.hu
Tue Jan 17 09:36:06 2017 Validating certificate key usage
Tue Jan 17 09:36:06 2017 ++ Certificate has key usage 00a0, expects 00a0
Tue Jan 17 09:36:06 2017 VERIFY KU OK
Tue Jan 17 09:36:06 2017 Validating certificate extended key usage
Tue Jan 17 09:36:06 2017 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Jan 17 09:36:06 2017 VERIFY EKU OK

@openwrt-bot
Copy link
Author

nbd:

It looks like the problem is this:
"The certificate is signed with an unacceptable key (eg bad curve, RSA too short)."

Are you still using an RSA-1024 certificate? mbedtls refuses those for security reasons

@openwrt-bot
Copy link
Author

duvi:

Thanks for the tip, I regeneretad the certificates with RSA 2048, and it's working ok now.
I just wonder, why openssl still accepts it.
Anyway, we can close this.

@openwrt-bot
Copy link
Author

ianchi:

Hi, I'm having the same issue after switching from openssl to mbedtls.
I regenerated certificates with 2048length, and now the CA cert is ok, but now I get get a validation error on the client cert:
"The certificate is signed with an unacceptable hash."

On the client side (running an openssl version) the server certificate is successfully validated

Any ideas on what can be happening?

@openwrt-bot
Copy link
Author

ianchi:

Just to share the solution that worked for me to switch to mbedtls:

  • change to RSA 2048
  • change certificate digest from MD5 to SHA256 (use option "default_md = sha256").

The default digest used by easy-rsa key generation scripts was "md5", and it was rejected by mbedtls.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant