Server Initiated Renegotiation with TLS 1.2 using OpenSSL 3.0
Manish Patidar
mann.patidar at gmail.com
Wed Dec 13 11:28:19 UTC 2023
Hi,
We are running an OpenSSL based web server and using Chrome/Firefox as the
web client.
We need to implement server initiated renegotiation for client certificate
verification.
We were earlier using OpenSSL 1.0.2 and TLS 1.2 and were able to do the
renegotiation using the below code sequence:
1. SSL_renegotiate
2. SSL_do_handshake
3. SSL_set_state(ssl, SSL_ST_ACCEPT)
4. SSL_do_handshake
5. SSL_get_peer_certificate
Using the above code sequence, we are successfully able to complete the
handshake after the renegotiation and verify the client certificate.
We are currently migrating to OpenSSL 3.0.8.
In the migration guide or the OpenSSL documentation, we couldn't find any
replacement for the *SSL_set_state *API.
However, we updated our code as below and got the renegotiation working for
TLS 1.2 for Chrome and Microsoft Edge:
1. SSL_renegotiate
2. SSL_do_handshake
3. SSL_read
4. SSL_get_peer_certificate
However, with the same code sequence, the handshake fails in the case
of Mozilla
Firefox.
On debugging using SSL_trace, we found that in case of Firefox, the client
(browser) sends an Alert Message 21 after sending a ClientKeyExchange
message.
We have below queries:
1. What is the correct code sequence to implement server initiated
renegotiation for client certificate verification using OpenSSL 3.0.8
using TLS1.2 ?
2. What is the replacement for the *SSL_set_state(ssl, SSL_ST_ACCEPT)*
API in OpenSSL 3.0.8 or how can we set the state to *SSL_ST_ACCEPT*?
3. How to do server initiated renegotiation for client certificate
verification using OpenSSL 3.0.8.
Regards
Manish
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20231213/13912cba/attachment.htm>
More information about the openssl-users
mailing list