Use openssl tools for SSL Fault Analysis

Zhou Leilei

Currently, the SSL protocol is widely used. How can I quickly find out the root cause of the problem when the SSL server's Identity Authentication fails? This document, combined with the command line tool s_client provided by openssl, lists various authentication failures and provides troubleshooting methods.

SSL handshake protocol

First, we will briefly introduce the SSL connection process. As shown in 1, the main process is as follows:

Figure 1. SSL authentication and key negotiation process

• The client initiates a request, includinghelloMessages, along with the client-supported cryptographic algorithms and SSL protocol version messages, and random numbers used to generate keys.
• After the server receives the message, the server selects the encryption and compression algorithm and generates a random number from the server. The information is fed back to the client; then the server sends its digital certificate (an X.509 digital certificate is used in Figure 1) to the client.hello done"Message to the client. In addition, if the server needs to authenticate the client, the server also sends a message requesting the client certificate.
• Once the client receives"hello doneIt is feasible to begin to authenticate the digital certificate on the server and check the algorithm selected on the server. If the server requires client authentication, the client also sends its own public key certificate.
• If the server passes authentication, the client initiates a key exchange request.
• The server and client generate symmetric keys based on previously negotiated algorithms and exchanged random numbers for subsequent communication.

S_client Introduction

Openssl provides an open-source implementation of the SSL protocol, which includes three parts: the ssl library, the encryption/Decryption library, and the command line tool. In the command line tool, s_client is a client program that connects to a remote server using the SSL protocol. This tool can be used for testing and diagnosis. Although s_client only provides some basic functions, most interfaces of the ssl library are used in its internal implementation.

s_clientThe command line syntax is:

Listing 1. s_client Parameters

openssl s_client [-connect host:port>] [-verify depth] [-cert filename] [-key filename] [-CApath directory] [-CAfile filename][-reconnect] [-pause] [-showcerts] [-debug] [-msg] [-nbio_test] [-state] [-nbio] [-crlf] [-ign_eof] [-quiet]

Common parameters are used as follows:

• -Connect host: port: Specifies the address and port of the remote server. If this parameter is not set, the default value is localhost: 443;
• -Cert filename: if the server needs to verify the identity of the client, use-cert to specify the Certificate file of the client.
• -Key filename: Specifies the private key file;
• -Verify depth: Enable server certificate verification and define the maximum depth of the certificate verification process.
• -Showcerts: displays the server certificate chain;
• -CAfile filename: Specifies the root certificate used to verify the server certificate;
• -State: print the SSL session status.

S_client application in SSL handshake protocol

When connecting to the SSL server, the most common problem is that the client fails to authenticate the server identity, which is caused by many reasons. The following lists Common Errors and explains how to apply s_client for diagnosis.

• The server certificate is tampered with during transmission
  1. Extract the server certificate:

Create a script retrieve-cert.sh in linux and store the content in Listing 2. The output content of this script is the Base64 encoded content of the X509 Certificate on the server. Execute the script and save the Script output to the file server. pem.

List 2. Certificate Extraction

###usage: retrieve-cert.sh remote.host.name [port] SSLHOST=$1 SSLPORT=${2:-443} echo | openssl s_client -connect ${SSLHOST}:${SSLPORT} 2>&1 | sed -ne /-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p

1. Verify the obtained certificate and run the following command line"openss verify server.pem".

If the certificate content is tampered with, the execution result is shown in Listing 4:

Listing 4. Certificate verification failed

[root@wks547385wss openssl]# openssl verify server.pem unable to load certificate 19280:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:947: 19280:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:304:Type=X509 19280:error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:pem_oth.c:82:

Otherwise, we will be able to pass the authentication. The results are as follows:

List 5. Certificate verification successful

[root@wks547385wss openssl]# openssl verify server.pem server.pem: OK

• The client does not save the root certificate of the certificate for the authentication server;

1. Use Parameters-stateCheck whether the certificate authentication for the handshake protocol fails.

Listing 6. displaying the SSL handshake protocol status

[root@wks547385wss openssl]# openssl s_client -connect www6.software.ibm.com:443 -state CONNECTED(00000003) SSL_connect:before/connect initialization SSL_connect:SSLv2/v3 write client hello A SSL_connect:SSLv3 read server hello A depth=1 /C=US/O=Equifax/OU=Equifax Secure Certificate Authority verify error:num=19:self signed certificate in certificate chain verify return:0 SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL_connect:SSLv3 read finished A

2. Use s_client Parameters-showcertsObtain the root certificate of the server. The certificate chain on the server is displayed. The root certificate is displayed at the end of the certificate chain. Save the Certificate fileserverCA.pem 。

Listing 7. Obtain the root certificate of the server

[root@wkswss openssl]# openssl s_client -connect www6.software.ibm.com:443 – showcerts … s:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority -----BEGIN CERTIFICATE----- MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1 MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y 7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh 1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4