Apache 2.4.37 with openssl 1.1.1: cannot perform post-handshake authentication
Solution 1
The problem is that Firefox doesn't support TLS 1.3 post-handshake authentication. I've reported this issue to Firefox at https://bugzilla.mozilla.org/show_bug.cgi?id=1511989
I'm not suggesting a workaround or fix here; I'm merely telling others who come across this page (as it is high up for this error message in the search results) what the situation is and where to find the latest information as Firefox works to resolve this issue.
Solution 2
In case this helps others: for my reverse proxy test configuration with Apache HTTP 2.4.41 on Windows, I wanted to protect only the balancer-manager URI with client certificate authentication, using certificates I had generated with OpenSSL (a CA cert, a server cert signed by the CA and a client cert signed by the CA); I imported the P12 into my browser.
For my other back end URLs (Spring Boot with AJP enabled, running the same application on 2 different sets of ports to test balancing via Apache HTTP) that were being proxied, the configuration was not to perform any client certificate authentication.
- Accessing https://myhostname.com was working and hitting my back end via balancer, returning the expected response.
- Accessing https://myhostname.com/balancer-manager was expected to prompt me to select the client certificate I had imported earlier, but gave this error on Chrome 80.0 (and did not work in other browsers either):
Forbidden
You don't have permission to access this resource.
Reason: Cannot perform Post-Handshake Authentication.
In Apache error log, it showed:
SSL Library Error: error:14268117:SSL routines:SSL_verify_client_post_handshake:extension not received
In Apache access log, it showed:
GET /balancer-manager HTTP/1.1" 403 199
The non-working virtual host configuration in httpd.conf looked like:
<VirtualHost *:443>
    ServerName myhostname.com
    ServerAlias myhostname.com
    SSLEngine on
    SSLCipherSuite ALL:!EXP:!eNULL:!aNULL:!MD5:-LOW:-RC4:-SSLv2:+HIGH:+MEDIUM
    # no certificate authentication required except balancer manager
    SSLVerifyClient none
    SSLVerifyDepth 5
    SSLProtocol all -SSLv3
    SSLCertificateFile "path/to/server/certificate"
    SSLCertificateKeyFile "path/to/server/key"
    SSLCACertificateFile "path/to/CA/certificate"
    <Location "/balancer-manager">
        SSLVerifyClient require
        SetHandler balancer-manager
        Require host myhostname.com
    </Location>
    <Proxy balancer://cluster>
        BalancerMember ajp://localhost:9090/ loadfactor=25 timeout=1
        BalancerMember ajp://localhost:9091/ loadfactor=75 timeout=1
        ProxySet lbmethod=byrequests
    </Proxy>
    ProxyPreserveHost off
    ProxyRequests Off
    ProxyPass / balancer://cluster/ stickysession=JSESSIONID
    ProxyPassReverse / balancer://cluster/ stickysession=JSESSIONID
</VirtualHost>
To fix the issue, change SSLProtocol directive to use:
SSLProtocol -all +TLSv1.2
See these links also
I used TLS 1.2 for the tests (TLS 1.1 also worked, but it is recommended to use TLS 1.2 or higher).
Note: Apache version 2.4.38 or higher supports TLS v1.3. You must upgrade the Apache packages before enabling TLS 1.3 in the SSL settings.
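The answer above fixes the error by taking TLS 1.3 off the table, which works but also gives up TLS 1.3 for every client of that vhost. The underlying condition is narrower: mod_ssl only needs post-handshake authentication when client verification is first demanded inside a <Location>, <Directory> or <Files> block, because the certificate was not requested during the initial handshake. The following script is an added example (not code from the original answer or from the Apache project) that lints a vhost text for exactly that combination, TLS 1.3 negotiable plus a scoped SSLVerifyClient under a vhost-level "none", and filters error_log lines for the AH10158 signature quoted on this page. The sample vhost and log lines are constructed for the demonstration; the directive semantics used (an SSLProtocol token list where "-" removes and "+" or a bare name adds, with "all" covering TLSv1.3 on OpenSSL 1.1.1) follow mod_ssl's documented behaviour.

```python
"""Lint an Apache vhost for the TLS 1.3 post-handshake authentication (PHA) trap.

Added example, not code from the original answer. It checks a constructed
vhost text and constructed error_log lines; nothing here talks to a real server.
"""
import re
from typing import Iterable, List, Tuple

# Constructed sample: the non-working vhost from the answer, abbreviated.
SAMPLE_VHOST = """\
<VirtualHost *:443>
    SSLEngine on
    # no certificate authentication required except balancer manager
    SSLVerifyClient none
    SSLProtocol all -SSLv3
    <Location "/balancer-manager">
        SSLVerifyClient require
        SetHandler balancer-manager
    </Location>
</VirtualHost>
"""

# Constructed sample log lines, modelled on the ones quoted in the answer.
SAMPLE_ERROR_LOG = [
    "[ssl:error] AH10158: cannot perform post-handshake authentication",
    "SSL Library Error: error:14268117:SSL routines:"
    "SSL_verify_client_post_handshake:extension not received",
    "[ssl:info] AH01964: Connection to child 3 established",
]

_SCOPE = r"(Location|LocationMatch|Directory|DirectoryMatch|Files|FilesMatch)"
_OPEN = re.compile(r"^<" + _SCOPE + r"\b", re.I)
_CLOSE = re.compile(r"^</" + _SCOPE + r">", re.I)


def tls13_enabled(sslprotocol: str) -> bool:
    """Evaluate an SSLProtocol value the way mod_ssl does: a bare or '+' token
    adds a protocol, a '-' token removes it, and 'all' stands for every
    version the library offers (TLSv1.3 included on OpenSSL 1.1.1+)."""
    enabled = False
    for tok in sslprotocol.split():
        name = tok.lstrip("+-").lower()
        if name in ("all", "tlsv1.3"):
            enabled = not tok.startswith("-")
    return enabled


def find_pha_risk(config_text: str) -> List[str]:
    """Return one finding per scoped SSLVerifyClient that would force PHA.

    The certificate is requested in the initial handshake only when
    verification is set at vhost level. Set inside a scope block instead, it is
    requested after the handshake, which under TLS 1.3 needs the client's
    post_handshake_auth extension; a client that omits it gets 403 AH10158.
    """
    depth = 0
    protocol = "all"          # mod_ssl default when the directive is absent
    vhost_verify = "none"     # mod_ssl default
    scoped: List[Tuple[str, str]] = []
    header = ""
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        if _OPEN.match(line):
            depth += 1
            header = line
            continue
        if _CLOSE.match(line):
            depth -= 1
            continue
        parts = line.split(None, 1)
        directive = parts[0].lower()
        value = parts[1] if len(parts) > 1 else ""
        if directive == "sslprotocol" and depth == 0:
            protocol = value
        elif directive == "sslverifyclient":
            if depth == 0:
                vhost_verify = value.lower()
            else:
                scoped.append((header, value.lower()))
    findings: List[str] = []
    if tls13_enabled(protocol) and vhost_verify == "none":
        for block, level in scoped:
            if level in ("require", "optional", "optional_no_ca"):
                findings.append(f"{block}: SSLVerifyClient {level} needs PHA "
                                f"under TLS 1.3 (SSLProtocol {protocol})")
    return findings


PHA_MARKERS = ("ah10158", "ssl_verify_client_post_handshake",
               "post-handshake authentication")


def pha_failures(error_log_lines: Iterable[str]) -> List[str]:
    """Keep only the error_log lines that record a PHA failure."""
    return [ln for ln in error_log_lines
            if any(m in ln.lower() for m in PHA_MARKERS)]


if __name__ == "__main__":
    for finding in find_pha_risk(SAMPLE_VHOST):
        print("config:", finding)
    for entry in pha_failures(SAMPLE_ERROR_LOG):
        print("log:   ", entry)
```

Running it against the sample flags the <Location "/balancer-manager"> block and picks out the two PHA log lines; swapping the sample's SSLProtocol for the answer's "-all +TLSv1.2" clears the config finding, which is the change the answer made. The linter deliberately stays silent when the vhost-level SSLVerifyClient is already "require" or "optional", since the certificate is then negotiated up front and no post-handshake request is needed regardless of protocol version.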
antoniofr
Updated on June 04, 2022
Comments
- antoniofr, almost 2 years ago:
I updated Apache to the latest version, 2.4.37, and OpenSSL to 1.1.1, and now, when the client authenticates, I get this error only with Firefox 63, but not in Chrome:
[ssl:error] AH: verify client post handshake, referer: https://******/login
[ssl:error] AH10158: cannot perform post-handshake authentication, referer: https://******/login
[ssl:error] SSL Library Error: error:14268117:SSL routines:SSL_verify_client_post_handshake:extension not received
I used Wireshark to try to find the problem, and I noticed Firefox uses TLS 1.3, while Chrome uses TLS 1.2. In fact, if I set the TLS max version in FF to TLS 1.2, it works fine.
I would like to get TLS 1.3 compatibility or, if it is not yet possible, to force, in my Apache configuration, that the client always uses TLS 1.2, but I can't manage it :(
This is my apache vhost config file:
[...]
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/server.crt
SSLCertificateKeyFile /etc/apache2/ssl/server.key
SSLCertificateChainFile /etc/apache2/ssl/intermediate.crt
SSLCACertificateFile /etc/apache2/ssl/ca.pem
SSLVerifyDepth 3
SSLProtocol TLSv1.2
SSLHonorCipherOrder on
<Directory /var/www/html/>
    Options -Indexes +FollowSymLinks -MultiViews
    AllowOverride All
    Order deny,allow
    Allow from 10.55.12.0/24
    Deny from all
</Directory>
<Files "login-ssl.php">
    SSLVerifyClient optional
    SSLOptions +StdEnvVars +StrictRequire
</Files>
[...]
Can someone help me, please?
Thanks.
Edited: I found the solution. The SSLProtocol directive should be in /etc/apache2/mods-enabled/ssl.conf.
- telcoM, over 4 years ago:
To summarize: since Firefox 68.0 the support has been implemented, but it is disabled by default and needs to be enabled by changing the about:config setting security.tls.enable_post_handshake_auth to true. The reason for this is that TLS 1.3 post-handshake authentication works with HTTP/1.1 but has problems with HTTP/2 multiplexing, and the necessary mechanism to fill the gap for HTTP/2 is still in draft phase.