I couldn't find an FAQ anywhere which might explain this problem.
We're developing a CA of our own to issue server and client
certificates for internal applications. I've been working on the Web
application which allows users to apply for certs -- naturally, this
is an SSL server itself. (Oh, and the Web server is
apache+mod_ssl-1.3.9+2.4.2 compiled against openssl-0.9.4, both from
the FreeBSD ports collection.) A few months ago, with OpenSSL and
mod_ssl current at that time, I managed to make everything work (at
least using Netscape 4.08). Now, I'm getting the dreaded ``The
server's certificate has an invalid signature'' dialog from Netscape,
and the analogue from Internet Exploder. (To save you the effort of
decoding the PEM below I'll append the text interpretation of the
relevant certificates at the end of this mesage.)
This does not appear to be server-specific, since I can easily
reproduce it with `openssl s_server':
------------------------------------
bash# openssl s_server -CApath ssl.crt -key ssl.key/server.key -cert
ssl.crt/server.crt -state -www -cipher HIGH -bugs
Using default temp DH parameters
ACCEPT
SSL_accept:before/accept initialization
SSL_accept:SSLv3 read client hello A
SSL_accept:SSLv3 write server hello A
SSL_accept:SSLv3 write certificate A
SSL_accept:SSLv3 write server done A
SSL_accept:SSLv3 flush data
SSL3 alert read:fatal:bad certificate
SSL_accept:failed in SSLv3 read client certificate A
32989:error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad
certificate:s3_pkt.c:774:SSL alert number 42
32989:error:140780E5:SSL routines:SSL23_READ:ssl handshake failure:s23_lib.c:173:
------------------------------------
Moreover, connecting with the simple client succeeds:
------------------------------------
wollman@khavrinen(622)$ openssl s_client -connect ca.lcs.mit.edu:4433 -CAfile
server-bundle.pem -ssl3
CONNECTED(00000003)
depth=2 /C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for Computer
Science/OU=Computer Resource Services/CN=Master [EMAIL PROTECTED]
verify return:1
depth=1 /C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for Computer
Science/OU=Secure Servers/CN=LCS Certificate
[EMAIL PROTECTED]
verify return:1
depth=0 /C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for Computer
Science/OU=Secure Servers/CN=ca.lcs.mit.edu
verify return:1
---
Certificate chain
0 s:/C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for Computer
Science/OU=Secure Servers/CN=ca.lcs.mit.edu
i:/C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for Computer
Science/OU=Secure Servers/CN=LCS Certificate
[EMAIL PROTECTED]
1 s:/C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for Computer
Science/OU=Secure Servers/CN=LCS Certificate
[EMAIL PROTECTED]
i:/C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for Computer
Science/OU=Computer Resource Services/CN=Master [EMAIL PROTECTED]
2 s:/C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for Computer
Science/OU=Computer Resource Services/CN=Master [EMAIL PROTECTED]
i:/C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for Computer
Science/OU=Computer Resource Services/CN=Master [EMAIL PROTECTED]
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEUTCCA76gAwIBAgIBBzAJBgUrDgMCDwUAMIHVMQswCQYDVQQGEwJVUzEWMBQG
A1UECBMNTWFzc2FjaHVzZXR0czESMBAGA1UEBxMJQ2FtYnJpZGdlMSwwKgYDVQQK
EyNNSVQgTGFib3JhdG9yeSBmb3IgQ29tcHV0ZXIgU2NpZW5jZTEXMBUGA1UECxMO
U2VjdXJlIFNlcnZlcnMxIjAgBgNVBAMTGUxDUyBDZXJ0aWZpY2F0ZSBBdXRob3Jp
dHkxLzAtBgkqhkiG9w0BCQEWIGJ1Zy1sY3MtY2VydGlmaWNhdGVzQGxjcy5taXQu
ZWR1MB4XDTAwMDEyNzIxMDY1OFoXDTAxMDEyNjIxMDY1OFowgZkxCzAJBgNVBAYT
AlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMRIwEAYDVQQHEwlDYW1icmlkZ2Ux
LDAqBgNVBAoTI01JVCBMYWJvcmF0b3J5IGZvciBDb21wdXRlciBTY2llbmNlMRcw
FQYDVQQLEw5TZWN1cmUgU2VydmVyczEXMBUGA1UEAxMOY2EubGNzLm1pdC5lZHUw
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOMK0HSUTZQ5/zRLTES5Vt1yrq/8
OsnnNOA3XK0hEHqWOxfJ0GOaaHpclXlfta0C7UztiOCVbNxs1x165Fo3yWFR4Yct
vd5Swypu41w0pilx44i+E+wW00rMFnRBmFSsR8S/DFw/mjgyxMxdQe/Sf9N7z8LV
LMmyp9mKnY7kfF6ZAgMBAAGjggFxMIIBbTARBglghkgBhvhCAQEEBAMCBkAwHQYD
VR0OBBYEFN+dlXWt2yOTdrG0PzvTCxrME64TMIH0BgNVHSMEgewwgemAFFjqcdKz
XI/+JBegSFFVhYCl0FdqoYHNpIHKMIHHMQswCQYDVQQGEwJVUzEWMBQGA1UECBMN
TWFzc2FjaHVzZXR0czESMBAGA1UEBxMJQ2FtYnJpZGdlMSwwKgYDVQQKEyNNSVQg
TGFib3JhdG9yeSBmb3IgQ29tcHV0ZXIgU2NpZW5jZTEjMCEGA1UECxMaQ29tcHV0
ZXIgUmVzb3VyY2UgU2VydmljZXMxEjAQBgNVBAMTCU1hc3RlciBDQTElMCMGCSqG
SIb3DQEJARYWYnVnLWxjcy1jYUBsY3MubWl0LmVkdYIBAjAJBgNVHRIEAjAAMDcG
CWCGSAGG+EIBCAQqFihodHRwOi8vY2EubGNzLm1pdC5lZHUvcG9saWN5L3NlcnZl
ci5odG1sMAkGBSsOAwIPBQADgYEACg5UWBvRTiLNZUhmQIBwCEx5eZ1T6SEU4fgE
BSnYo/HW35gGe+j9UcA4T2ylEmpfluv2ghiU44dG0+v47kSO3znKDsQ/mfswHvtV
tUwtafsBk3h3wzqnqnMA6oaLbvvh9lm+q9Los0irBMFMooY89GmQL9dH8mSj5KfK
/RME4xE=
-----END CERTIFICATE-----
subject=/C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for Computer
Science/OU=Secure Servers/CN=ca.lcs.mit.edu
issuer=/C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for Computer
Science/OU=Secure Servers/CN=LCS Certificate
[EMAIL PROTECTED]
---
No client certificate CA names sent
---
SSL handshake has read 3781 bytes and written 226 bytes
---
New, TLSv1/SSLv3, Cipher is EDH-RSA-DES-CBC3-SHA
Server public key is 1024 bit
SSL-Session:
Protocol : SSLv3
Cipher : EDH-RSA-DES-CBC3-SHA
Session-ID: 1B01BA35A468F6CD7C9853B678A75462B27D8D14B1620B9A812BFC539DC078ED
Session-ID-ctx:
Master-Key:
568CAC9E26264703863345C033C684C76C332A110EDACE13F405CB6DE01D1D35BCB9E5961FB89F121EAF878D77A081F6
Key-Arg : None
Start Time: 949348655
Timeout : 7200 (sec)
---
GET /
HTTP/1.0 200 ok
Content-type: text/html
<HTML><BODY BGCOLOR="#ffffff">
<pre>
s_server -CApath ssl.crt -key ssl.key/server.key -cert ssl.crt/server.crt -state -www
-cipher HIGH -bugs
Ciphers supported in s_server binary
TLSv1/SSLv3:EDH-RSA-DES-CBC3-SHA TLSv1/SSLv3:EDH-DSS-DES-CBC3-SHA
TLSv1/SSLv3:DES-CBC3-SHA SSLv2 :DES-CBC3-MD5
---
Ciphers common between both SSL end points:
EDH-RSA-DES-CBC3-SHA EDH-DSS-DE
---
New, TLSv1/SSLv3, Cipher is EDH-RSA-DES-CBC3-SHA
SSL-Session:
Protocol : SSLv3
Cipher : EDH-RSA-DES-CBC3-SHA
Session-ID: 1B01BA35A468F6CD7C9853B678A75462B27D8D14B1620B9A812BFC539DC078ED
Session-ID-ctx: 01000000
Master-Key:
568CAC9E26264703863345C033C684C76C332A110EDACE13F405CB6DE01D1D35BCB9E5961FB89F121EAF878D77A081F6
Key-Arg : None
Start Time: 949348655
Timeout : 300 (sec)
---
1 items in the session cache
0 client connects (SSL_connect())
0 client renegotiates (SSL_connect())
0 client connects that finished
1 server accepts (SSL_accept())
0 server renegotiates (SSL_accept())
1 server accepts that finished
0 session cache hits
0 session cache misses
0 session cache timeouts
0 callback cache hits
0 cache full overflows (128 allowed)
---
no client certificate available
</BODY></HTML>
read:errno=0
------------------------------------
If you have any ideas as to how this problem can be fixed or worked
around, please contact me directly.
-GAWollman
------------------------------------
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: shaWithRSAEncryption
Issuer: C=US, ST=Massachusetts, L=Cambridge, O=MIT Laboratory for Comput
er Science, OU=Secure Servers, CN=LCS Certificate Authority/Email=bug-lcs-certif
[EMAIL PROTECTED]
Validity
Not Before: Jan 27 21:06:58 2000 GMT
Not After : Jan 26 21:06:58 2001 GMT
Subject: C=US, ST=Massachusetts, L=Cambridge, O=MIT Laboratory for Compu
ter Science, OU=Secure Servers, CN=ca.lcs.mit.edu
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:e3:0a:d0:74:94:4d:94:39:ff:34:4b:4c:44:b9:
56:dd:72:ae:af:fc:3a:c9:e7:34:e0:37:5c:ad:21:
10:7a:96:3b:17:c9:d0:63:9a:68:7a:5c:95:79:5f:
b5:ad:02:ed:4c:ed:88:e0:95:6c:dc:6c:d7:1d:7a:
e4:5a:37:c9:61:51:e1:87:2d:bd:de:52:c3:2a:6e:
e3:5c:34:a6:29:71:e3:88:be:13:ec:16:d3:4a:cc:
16:74:41:98:54:ac:47:c4:bf:0c:5c:3f:9a:38:32:
c4:cc:5d:41:ef:d2:7f:d3:7b:cf:c2:d5:2c:c9:b2:
a7:d9:8a:9d:8e:e4:7c:5e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
Netscape Cert Type:
SSL Server
X509v3 Subject Key Identifier:
DF:9D:95:75:AD:DB:23:93:76:B1:B4:3F:3B:D3:0B:1A:CC:13:AE:13
X509v3 Authority Key Identifier:
keyid:58:EA:71:D2:B3:5C:8F:FE:24:17:A0:48:51:55:85:80:A5:D0:57:6
A
DirName:/C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for
Computer Science/OU=Computer Resource Services/CN=Master CA/Email=bug-lcs-ca@lcs
.mit.edu
serial:02
X509v3 Issuer Alternative Name:
<EMPTY>
Netscape CA Policy Url:
http://ca.lcs.mit.edu/policy/server.html
Signature Algorithm: shaWithRSAEncryption
0a:0e:54:58:1b:d1:4e:22:cd:65:48:66:40:80:70:08:4c:79:
79:9d:53:e9:21:14:e1:f8:04:05:29:d8:a3:f1:d6:df:98:06:
7b:e8:fd:51:c0:38:4f:6c:a5:12:6a:5f:96:eb:f6:82:18:94:
e3:87:46:d3:eb:f8:ee:44:8e:df:39:ca:0e:c4:3f:99:fb:30:
1e:fb:55:b5:4c:2d:69:fb:01:93:78:77:c3:3a:a7:aa:73:00:
ea:86:8b:6e:fb:e1:f6:59:be:ab:d2:e8:b3:48:ab:04:c1:4c:
a2:86:3c:f4:69:90:2f:d7:47:f2:64:a3:e4:a7:ca:fd:13:04:
e3:11
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=Massachusetts, L=Cambridge, O=MIT Laboratory for Comput
er Science, OU=Computer Resource Services, CN=Master [EMAIL PROTECTED]
.edu
Validity
Not Before: Dec 3 03:02:53 1999 GMT
Not After : Nov 30 03:02:53 2009 GMT
Subject: C=US, ST=Massachusetts, L=Cambridge, O=MIT Laboratory for Compu
ter Science, OU=Secure Servers, CN=LCS Certificate Authority/Email=bug-lcs-certi
[EMAIL PROTECTED]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:aa:8d:f2:94:40:f4:a7:7f:1a:06:47:a9:cb:28:
a5:45:bc:78:9b:4a:30:f8:3f:66:22:b1:a3:fd:35:
77:79:bc:b9:4f:e1:3d:8d:18:dd:b2:61:47:68:71:
29:a0:0e:45:1d:a6:46:ee:de:6d:30:29:4a:d1:26:
49:a6:fa:31:35:0e:ac:64:1f:8e:5c:8f:8c:67:55:
19:75:27:da:f1:93:0c:3b:45:41:60:65:3f:d4:34:
58:1a:96:d4:78:aa:71:0f:ea:b0:52:bb:59:4b:44:
94:ab:87:05:71:a0:f3:d5:5f:18:7e:24:2b:e8:3d:
66:07:c5:b7:3a:32:29:a2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:EA:71:D2:B3:5C:8F:FE:24:17:A0:48:51:55:85:80:A5:D0:57:6A
X509v3 Authority Key Identifier:
keyid:BC:54:B7:95:4C:91:B4:6F:8B:4C:B1:C5:2A:F8:3E:69:03:08:90:1
6
DirName:/C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for
Computer Science/OU=Computer Resource Services/CN=Master CA/Email=bug-lcs-ca@lcs
.mit.edu
serial:00
X509v3 Basic Constraints:
CA:TRUE
X509v3 Key Usage:
Certificate Sign, CRL Sign
X509v3 Issuer Alternative Name:
<EMPTY>
Signature Algorithm: sha1WithRSAEncryption
a3:14:79:34:4d:8f:a3:3c:73:da:32:09:34:6c:33:7d:5c:e9:
5f:c1:f8:2e:16:cb:33:d8:14:d2:4c:e1:8f:cc:63:5f:4b:52:
75:a5:78:c0:1f:2a:f0:fd:bf:cf:e6:20:8b:d9:cf:a9:11:95:
be:32:7b:03:0c:67:6c:08:c9:fb:05:71:f0:f2:0b:f4:d7:ed:
cf:42:af:98:45:53:01:d2:7f:55:fe:7b:e7:2c:68:e8:51:9f:
b2:8f:32:0b:6e:8f:09:ab:37:48:6c:71:42:c5:27:01:0e:7c:
09:f6:9c:94:a0:78:bc:e9:ad:ff:83:db:fb:73:f0:ca:15:45:
65:3a
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=Massachusetts, L=Cambridge, O=MIT Laboratory for Computer
Science, OU=Computer Resource Services, CN=Master [EMAIL PROTECTED]
Validity
Not Before: Dec 3 02:32:44 1999 GMT
Not After : Nov 30 02:32:44 2009 GMT
Subject: C=US, ST=Massachusetts, L=Cambridge, O=MIT Laboratory for Computer
Science, OU=Computer Resource Services, CN=Master [EMAIL PROTECTED]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:c9:fe:99:37:a0:9a:33:52:34:18:fd:cd:89:6e:
a7:51:24:68:97:00:10:99:9a:7d:f7:0d:a6:11:28:
2a:52:65:c9:cf:43:d6:3e:b0:e6:17:63:f3:d2:ee:
49:84:0e:b1:24:54:be:6c:02:7b:49:4d:39:99:4e:
b9:ec:b1:7e:06:3f:86:88:dd:53:09:b0:2a:1c:2e:
99:4d:59:f0:c7:fd:26:85:ac:24:65:39:29:c9:ff:
07:a8:53:e4:07:8e:ce:6e:c6:2c:d4:ab:65:75:4e:
2d:1e:24:36:06:9f:11:cd:56:31:fc:7d:6c:22:e8:
54:cf:e6:82:30:d5:a9:ee:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:54:B7:95:4C:91:B4:6F:8B:4C:B1:C5:2A:F8:3E:69:03:08:90:16
X509v3 Authority Key Identifier:
keyid:BC:54:B7:95:4C:91:B4:6F:8B:4C:B1:C5:2A:F8:3E:69:03:08:90:16
DirName:/C=US/ST=Massachusetts/L=Cambridge/O=MIT Laboratory for
Computer Science/OU=Computer Resource Services/CN=Master
[EMAIL PROTECTED]
serial:00
X509v3 Basic Constraints:
CA:TRUE
X509v3 Key Usage:
Certificate Sign, CRL Sign
X509v3 Issuer Alternative Name:
<EMPTY>
Signature Algorithm: sha1WithRSAEncryption
ac:ec:ed:c6:b3:6e:76:38:e2:b4:bb:c2:c5:7d:9e:db:69:53:
40:4e:e6:b0:23:d4:b7:cc:af:2d:c6:ee:85:6d:31:59:fe:bc:
c7:90:d9:dc:bf:83:08:f2:9f:1c:9b:ef:c2:c1:37:2b:df:d4:
42:29:5d:64:8e:c6:32:41:51:9f:57:93:3b:4b:f7:dc:2f:e4:
3b:2c:57:0b:2e:40:97:a4:12:5e:a5:3f:53:b3:76:f0:e1:36:
36:02:52:24:5c:32:07:d9:e3:b7:dd:75:99:26:a7:32:ad:8a:
89:57:41:8e:84:7c:b6:46:c1:79:5e:71:dd:fd:4a:03:37:25:
f9:b5
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
