Cannot import SSL Client Certificate (.p12)

[ctgvt]

Steps to reproduce

1. Launch the Nextcloud IOS app (5.4.1) and enter the URL to our NC server
2. A popup is shown saying that "the server is requesting a client certificate", as expected
3. When browsing to the client certificate (.p12, generated with OpenSSL with the legacy flag) and entering the password for the certificate, we go back to the first popup saying "the server is requesting a client certificate", and we are looping

Expected behaviour

The client certificate should be imported into the app and sent to our NC server when connecting.
Note that the same client certificate is correctly installed through Safari and we correctly connect to our NC server through Safari. It only fails when using the NC ios app.

Actual behaviour

The client certificate is not imported into the app and it is looping on the import steps.

Screenshots

Logs

Apache Server log:
[Thu Jul 04 09:42:59.814730 2024] [ssl:error] [pid 270191:tid 140260126217984] [client x.x.x.x:57011] AH02261: Re-negotiation handshake failed
[Thu Jul 04 09:42:59.814859 2024] [ssl:error] [pid 270191:tid 140260126217984] SSL Library Error: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate -- No CAs known to server for verification?

Reasoning or why should it be changed/implemented?

Environment data

iOS version: IpadOS 17.5.1

Nextcloud iOS app version: 5.4.1

Server operating system: AlmaLinux 8.9

Web server: Apache

Database: Postgres

PHP version: 8.2.16

Nextcloud version: 28.0.2

[yjiang-c]

I have the same issue on iPhone 15 with iOS 17.5.1. But it show "Connection Error: Bad request" after installing client certificate.

I am using Nginx as reverse web proxy and show the following error log from Nginx

2024/07/05 15:17:49 [info] 487983#487983: *5 client sent no required SSL certificate while reading client request headers, client: x.x.x.x, server: nc.xx.xxx, request: "GET /status.php HTTP/2.0", host: "nc.xxx.xx"

With the same client certificate installed in iOS system, my Safari web browser can login to my nextcloud server without any problem.

[mpivchev]

Hi, can you post all the commands you used to create the certificates?

[ctgvt]

Hi mpivhchev,

Thank you for your help!

I used theses commands to create the certificate:

On our OpenBSD CA server (LibreSSL 3):
# openssl req -config openssl.cnf -sha256 -nodes -newkey rsa:4096 -keyout client_certs/$client.key -out client_certs/$client.csr -subj "/CN=$client"
# openssl ca -config openssl.cnf -in client_certs/$client.csr -out client_certs/$client.pem
# openssl pkcs12 -export -macalg sha256 -out client_certs/$client.pfx -inkey client_certs/$client.key -in client_certs/$client.pem -keypbe aes-256-cbc -certpbe aes-256-cbc

I have attached the openssl.cnf.
openssl.cnf.txt

I tried to recreate the PKCS12 on AlmaLinux 9 (OpenSSL 3):
# openssl pkcs12 -export -out client_certs/$client.pfx -inkey client_certs/$client.key -in client_certs/$client.pem -legacy -descert

But I didn't try to recreate a new CA on AlmaLinux 9 and recreate the KEY/CERT. I will test it.

[ctgvt]

Hi,

I tried on AlmaLinux 9 and it is still not working for me.
Some information about the PKCS12 file created with the -legacy flag:
# openssl pkcs12 -export -out nctest-legacy.pfx -inkey nctest.key -in nctest.pem -legacy -descert

# openssl pkcs12 -in nctest-legacy.pfx -info
Enter Import Password:
MAC: sha1, Iteration 2048
MAC length: 20, salt length: 8
PKCS7 Encrypted data: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
Certificate bag
Bag Attributes
    localKeyID: #HIDDEN#
subject=CN = nctest
issuer=#HIDDEN#
-----BEGIN CERTIFICATE-----
#HIDDEN#
-----END CERTIFICATE-----
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
Bag Attributes
    localKeyID: #HIDDEN# 
Key Attributes: <No Attributes>
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----BEGIN ENCRYPTED PRIVATE KEY-----
#HIDDEN#
-----END ENCRYPTED PRIVATE KEY-----

Note that this PKCS12 file (nctest-legacy.pfx) is still correctly imported in Safari and client authentication to our NC server succeeds.

[marinofaggiana]

@mpivchev some news here ?

[ne20002]

Is this related to the fix of #2904? With 5.5.2 I don't see the certificate nagging anymore but I haven't yet checked if the certificate is still send when installed.

[mpivchev]

Hi, you can use https://www.openlogic.com/blog/mutual-authentication-using-apache-and-web-client to try and set up a certificate. This is only TLS, not mTLS. mTLS should work as well, but not 100% sure on this.

Please keep in mind all the questions that are asked when creating the certificates, such as Organization Name, Location, and so on, must be different in both the client and server certificate. Otherwise Apple assumes that the cert is self-signed.

[mpivchev]

Finally, you can test if the certificate can be imported into Mac Keychain. If it works there, it should work on iOS, as they use the same algorithms.

[ctgvt]

Hi mpivchev,

Thank you for your answers.
I read your link and I already use these Apache directives to configure the client authentication.
So, i tried to import into our Mac Keychain (macOS Monterey 12.7.6) our old certificate (nctest-legacy.pfx), and the certificate is valid (after I added our own CAs - intermediate + ca).

And I have successfully connected to our Nextcloud server through Safari (17.6) using the certificate on our Mac.

Thanks for your time!

[yjiang-c]

As I understand, mTLS is TLS with client certificate. In normal case, client verifies server’s certificate. When server needs to verify client’s certificate, it is mutual TLS(mTLS) because both side need to verify each other. mTLS is TLS protocol when server requests client certificate.

If mTLS is not supported, then client certificate is not supported.