[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

Re: SSL: how to tell client what certificate to expect?

Bryan Stansell bryan@conserver.com
Mon, 1 Nov 2010 23:41:27 GMT 

On Mon, Nov 01, 2010 at 06:19:28PM -0400, Thor Simon wrote:
> I don't quite understand Conserver's SSL support.  What is the purpose
> of specifying a certificate for a client, if the server cannot use it to
> identify a particular user?

Well, if you provide the certificate, it needs to succeed it's
authenticity check.  If you don't provide one at all, it falls back to
an anonymous cipher (so, it's encrypted, but not authenticated and
subject to man-in-the-middle).

> How do I tell the client what certificate to expect (or what CA to expect
> to have signed it) for the server?  If there's no way to do that, then
> there is no real protection from using SSL, since it is trivial to conduct
> a man-in-the-middle attack using any certificate that one happens to have
> handy...

There's no hook for specifying a different CA or CA repository.  It uses
whatever openssl was built with...and if you have the CA in your global
repository, it should succeed and be fine.  If you don't it should fail
with a validation error.

So, to "summarize":

- No certificates on client or server
  - anonymous ciphers are used and you get encryption without
    authentication

- Server-side certificate only
  - client must validate certificate with global openssl CA store
  - server doesn't require or receive a client certificate, and is fine
    with that

- Client-side certificate only
  - server must validate certificate with global openssl CA store
  - client doesn't require or receive a server certificate, and is fine
    with that

- Server-side and client-side certificate
  - client must validate certificate with global openssl CA store
  - server must validate certificate with global openssl CA store

Adding a hook to require the client certificate is the potentially
missing piece - so you can force clients to provide a certificate.
Adding a hook to override the CA store would possibly be useful as well.

I *think* if you modify conserver/main.c and replace "SSL_VERIFY_PEER"
with "SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT" you get the
client certificate enforcement.  It needs to be tested and a
configuration hook provided if so.  But perhaps it's enough for you to
get the config you'd like right now.

Bryan