Authentication
Strongswan eap-identity 無可信證書
這是情況:
- GW 在 CentOS7 上安裝了 Strongswan 5.7.2 並載入了這些外掛:
charon pkcs11 tpm aesni aes des rc2 sha2 sha1 md4 md5 mgf1 隨機 nonce x509 撤銷約束 acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt fips-prf gmp curve25519 chapoly xcbc cmac hmac ctr ccm gcm curl attr kernel-netlink resolve socket-default farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp eap-aka-3gpp2 eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp led duplicheck unity counters
- 同一個 CA 機構簽署了所有證書(對於 GW 和客戶端的身份)
- 客戶端處於 Roadwarrior 模式,在 Windows 10 上
- ipsec.conf:
# VPN connections conn %default mobike=yes esp=aes256gcm128-sha512-modp4096,aes256-sha1-modp1024! ike=aes256gcm128-sha512-modp4096,aes256-sha384-modp1024! eap_identity=%any keyexchange=ikev2 forceencaps=yes auto=add conn IKEv2-eap leftauth=pubkey leftfirewall=yes leftcert=gwCert.pem leftsubnet=0.0.0.0/0 right=%any rightsourceip=10.3.0.0/24 rightsendcert=never rightdns=134.158.128.2,134.158.128.6 rightauth=eap-tls eap_identity=%identity
- ipsec.secrets:
# ipsec.secrets - strongSwan IPsec secrets file : RSA gwKey.pem
- GW證書:
Certificate: Data: Version: 3 (0x2) Serial Number: 62767 (0xf52f) Signature Algorithm: sha1WithRSAEncryption Issuer: C=FR, O=Organization, CN=IntermediateAuthority Validity Not Before: May 20 13:26:11 2019 GMT Not After : May 19 13:26:11 2021 GMT Subject: C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld/emailAddress=contact@domain.tld Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: ... Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE Netscape Cert Type: SSL Client, SSL Server X509v3 Key Usage: critical Digital Signature, Non Repudiation, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Netscape Comment: Certificat serveur IntermediateAuthority X509v3 Subject Key Identifier: ... X509v3 Authority Key Identifier: keyid:... DirName:/C=FR/O=Organization/CN=RootAuthority serial:03 X509v3 Subject Alternative Name: email:contact@domain.tld X509v3 CRL Distribution Points: Full Name: URI:http://crls.domain.tld/IntermediateAuthority/getder.crl Signature Algorithm: sha1WithRSAEncryption ...
- 客戶證書:
Certificate: Data: Version: 3 (0x2) Serial Number: 62711 (0xf4f7) Signature Algorithm: sha1WithRSAEncryption Issuer: C=FR, O=Organization, CN=IntermediateAuthority Validity Not Before: May 15 08:58:59 2019 GMT Not After : May 14 08:58:59 2021 GMT Subject: C=FR, O=Organization, OU=OUnit, CN=My Name/emailAddress=contact@domain.tld Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: ... Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE Netscape Cert Type: SSL Client, S/MIME, Object Signing X509v3 Key Usage: critical Digital Signature, Non Repudiation, Key Encipherment Netscape Comment: Certificat IntermediateAuthority. X509v3 Subject Key Identifier: ... X509v3 Authority Key Identifier: keyid:... DirName:/C=FR/O=Organization/CN=RootAuthority serial:03 X509v3 Subject Alternative Name: email:contact@domain.tld X509v3 CRL Distribution Points: Full Name: URI:http://crls.domain.tld/IntermediateAuthority/getder.crl Signature Algorithm: sha1WithRSAEncryption ...
- charon.log:
May 21 10:27:04 00[DMN] Starting IKE charon daemon (strongSwan 5.7.2, Linux 3.10.0-957.12.2.el7.x86_64, x86_64) May 21 10:27:04 00[CFG] PKCS11 module '<name>' lacks library path May 21 10:27:04 00[LIB] openssl FIPS mode(2) - enabled May 21 10:27:04 00[CFG] loading ca certificates from '/etc/strongswan/ipsec.d/cacerts' May 21 10:27:04 00[CFG] loaded ca certificate "C=FR, O=Organization, CN=IntermediateAuthority" from '/etc/strongswan/ipsec.d/cacerts/ca-std.pem' May 21 10:27:04 00[CFG] loaded ca certificate "C=FR, O=Organization, CN=RootAuthority" from '/etc/strongswan/ipsec.d/cacerts/ca.pem' May 21 10:27:04 00[CFG] loading aa certificates from '/etc/strongswan/ipsec.d/aacerts' May 21 10:27:04 00[CFG] loading ocsp signer certificates from '/etc/strongswan/ipsec.d/ocspcerts' May 21 10:27:04 00[CFG] loading attribute certificates from '/etc/strongswan/ipsec.d/acerts' May 21 10:27:04 00[CFG] loading crls from '/etc/strongswan/ipsec.d/crls' May 21 10:27:04 00[CFG] loading secrets from '/etc/strongswan/ipsec.secrets' May 21 10:27:04 00[CFG] loaded RSA private key from '/etc/strongswan/ipsec.d/private/gwKey.pem' May 21 10:27:04 00[CFG] loaded EAP secret for user May 21 10:27:04 00[CFG] loaded EAP secret for My Name May 21 10:27:04 00[CFG] opening triplet file /etc/strongswan/ipsec.d/triplets.dat failed: No such file or directory May 21 10:27:04 00[CFG] loaded 0 RADIUS server configurations May 21 10:27:04 00[CFG] HA config misses local/remote address May 21 10:27:04 00[CFG] no script for ext-auth script defined, disabled May 21 10:27:04 00[LIB] loaded plugins: charon pkcs11 tpm aesni aes des rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt fips-prf gmp curve25519 chapoly xcbc cmac hmac ctr ccm gcm curl attr kernel-netlink resolve socket-default farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp eap-aka-3gpp2 eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp led duplicheck unity counters May 21 10:27:04 00[JOB] spawning 16 worker threads May 21 10:27:04 05[CFG] received stroke: add connection 'IKEv2-eap' May 21 10:27:04 05[CFG] adding virtual IP address pool 10.3.0.0/24 May 21 10:27:04 05[CFG] loaded certificate "C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, E=contact@domain.tld" from 'gwCert.pem' May 21 10:27:04 05[CFG] id '%any' not confirmed by certificate, defaulting to 'C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, E=contact@domain.tld' May 21 10:27:04 05[CFG] added configuration 'IKEv2-eap' May 21 10:27:11 12[NET] <1> received packet: from 172.10.128.210[500] to 172.10.130.248[500] (624 bytes) May 21 10:27:11 12[ENC] <1> parsed IKE_SA_INIT request 0 [ SA KE No N(FRAG_SUP) N(NATD_S_IP) N(NATD_D_IP) V V V V ] May 21 10:27:11 12[IKE] <1> received MS NT5 ISAKMPOAKLEY v9 vendor ID May 21 10:27:11 12[IKE] <1> received MS-Negotiation Discovery Capable vendor ID May 21 10:27:11 12[IKE] <1> received Vid-Initial-Contact vendor ID May 21 10:27:11 12[ENC] <1> received unknown vendor ID: 01:52:8b:bb:c0:06:96:12:18:49:ab:9a:1c:5b:2a:51:00:00:00:02 May 21 10:27:11 12[IKE] <1> 172.10.128.210 is initiating an IKE_SA May 21 10:27:11 12[CFG] <1> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_1024 May 21 10:27:11 12[IKE] <1> faking NAT situation to enforce UDP encapsulation May 21 10:27:11 12[ENC] <1> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(MULT_AUTH) ] May 21 10:27:11 12[NET] <1> sending packet: from 172.10.130.248[500] to 172.10.128.210[500] (320 bytes) May 21 10:27:11 15[NET] <1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes) May 21 10:27:11 15[ENC] <1> parsed IKE_AUTH request 1 [ EF(1/3) ] May 21 10:27:11 15[ENC] <1> received fragment #1 of 3, waiting for complete IKE message May 21 10:27:11 15[NET] <1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes) May 21 10:27:11 15[ENC] <1> parsed IKE_AUTH request 1 [ EF(2/3) ] May 21 10:27:11 15[ENC] <1> received fragment #2 of 3, waiting for complete IKE message May 21 10:27:11 16[NET] <1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (332 bytes) May 21 10:27:11 16[ENC] <1> parsed IKE_AUTH request 1 [ EF(3/3) ] May 21 10:27:11 16[ENC] <1> received fragment #3 of 3, reassembled fragmented IKE message (1320 bytes) May 21 10:27:11 16[ENC] <1> parsed IKE_AUTH request 1 [ IDi CERTREQ N(MOBIKE_SUP) CPRQ(ADDR DNS NBNS SRV) SA TSi TSr ] May 21 10:27:11 16[IKE] <1> received cert request for "C=FR, O=Organization, CN=IntermediateAuthority" May 21 10:27:11 16[IKE] <1> received cert request for "C=FR, O=Organization, CN=RootAuthority" May 21 10:27:11 16[IKE] <1> received 47 cert requests for an unknown ca May 21 10:27:11 16[CFG] <1> looking for peer configs matching 172.10.130.248[%any]...172.10.128.210[172.10.128.210] May 21 10:27:11 16[CFG] <IKEv2-eap|1> selected peer config 'IKEv2-eap' May 21 10:27:11 16[IKE] <IKEv2-eap|1> initiating EAP_IDENTITY method (id 0x00) May 21 10:27:11 16[IKE] <IKEv2-eap|1> peer supports MOBIKE May 21 10:27:11 16[IKE] <IKEv2-eap|1> authentication of 'C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, E=contact@domain.tld' (myself) with RSA signature successful May 21 10:27:11 16[IKE] <IKEv2-eap|1> sending end entity cert "C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, E=contact@domain.tld" May 21 10:27:11 16[ENC] <IKEv2-eap|1> generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ] May 21 10:27:11 16[ENC] <IKEv2-eap|1> splitting IKE message (1656 bytes) into 2 fragments May 21 10:27:11 16[ENC] <IKEv2-eap|1> generating IKE_AUTH response 1 [ EF(1/2) ] May 21 10:27:11 16[ENC] <IKEv2-eap|1> generating IKE_AUTH response 1 [ EF(2/2) ] May 21 10:27:11 16[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (1244 bytes) May 21 10:27:11 16[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (492 bytes) May 21 10:27:11 15[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (104 bytes) May 21 10:27:11 15[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 2 [ EAP/RES/ID ] May 21 10:27:11 15[IKE] <IKEv2-eap|1> received EAP identity 'My Name' May 21 10:27:11 15[IKE] <IKEv2-eap|1> initiating EAP_TLS method (id 0xC9) May 21 10:27:11 15[ENC] <IKEv2-eap|1> generating IKE_AUTH response 2 [ EAP/REQ/TLS ] May 21 10:27:11 15[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (88 bytes) May 21 10:27:11 07[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (248 bytes) May 21 10:27:11 07[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 3 [ EAP/RES/TLS ] May 21 10:27:11 07[TLS] <IKEv2-eap|1> negotiated TLS 1.2 using suite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA May 21 10:27:11 07[TLS] <IKEv2-eap|1> sending TLS server certificate 'C=FR, O=Organization, OU=OUnit, CN=vpn.domain.tld, E=contact@domain.tld' May 21 10:27:11 07[TLS] <IKEv2-eap|1> sending TLS intermediate certificate 'C=FR, O=Organization, CN=IntermediateAuthority' May 21 10:27:11 07[TLS] <IKEv2-eap|1> sending TLS cert request for 'C=FR, O=Organization, CN=IntermediateAuthority' May 21 10:27:11 07[TLS] <IKEv2-eap|1> sending TLS cert request for 'C=FR, O=Organization, CN=RootAuthority' May 21 10:27:11 07[ENC] <IKEv2-eap|1> generating IKE_AUTH response 3 [ EAP/REQ/TLS ] May 21 10:27:11 07[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (1112 bytes) May 21 10:27:11 05[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (88 bytes) May 21 10:27:11 05[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 4 [ EAP/RES/TLS ] May 21 10:27:11 05[ENC] <IKEv2-eap|1> generating IKE_AUTH response 4 [ EAP/REQ/TLS ] May 21 10:27:11 05[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (1112 bytes) May 21 10:27:11 08[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (88 bytes) May 21 10:27:11 08[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 5 [ EAP/RES/TLS ] May 21 10:27:11 08[ENC] <IKEv2-eap|1> generating IKE_AUTH response 5 [ EAP/REQ/TLS ] May 21 10:27:11 08[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (744 bytes) May 21 10:27:11 09[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes) May 21 10:27:11 09[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 6 [ EF(1/3) ] May 21 10:27:11 09[ENC] <IKEv2-eap|1> received fragment #1 of 3, waiting for complete IKE message May 21 10:27:11 09[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes) May 21 10:27:11 09[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 6 [ EF(2/3) ] May 21 10:27:11 09[ENC] <IKEv2-eap|1> received fragment #2 of 3, waiting for complete IKE message May 21 10:27:11 09[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (492 bytes) May 21 10:27:11 09[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 6 [ EF(3/3) ] May 21 10:27:11 09[ENC] <IKEv2-eap|1> received fragment #3 of 3, reassembled fragmented IKE message (1480 bytes) May 21 10:27:11 09[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 6 [ EAP/RES/TLS ] May 21 10:27:11 09[ENC] <IKEv2-eap|1> generating IKE_AUTH response 6 [ EAP/REQ/TLS ] May 21 10:27:11 09[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (88 bytes) May 21 10:27:11 13[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes) May 21 10:27:11 13[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 7 [ EF(1/3) ] May 21 10:27:11 13[ENC] <IKEv2-eap|1> received fragment #1 of 3, waiting for complete IKE message May 21 10:27:11 13[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (588 bytes) May 21 10:27:11 13[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 7 [ EF(2/3) ] May 21 10:27:11 13[ENC] <IKEv2-eap|1> received fragment #2 of 3, waiting for complete IKE message May 21 10:27:11 13[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (316 bytes) May 21 10:27:11 13[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 7 [ EF(3/3) ] May 21 10:27:11 13[ENC] <IKEv2-eap|1> received fragment #3 of 3, reassembled fragmented IKE message (1304 bytes) May 21 10:27:11 13[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 7 [ EAP/RES/TLS ] May 21 10:27:11 13[TLS] <IKEv2-eap|1> received TLS peer certificate 'C=FR, O=Organization, OU=OUnit, CN=My Name, E=contact@domain.tld' May 21 10:27:11 13[TLS] <IKEv2-eap|1> received TLS intermediate certificate 'C=FR, O=Organization, CN=IntermediateAuthority' May 21 10:27:11 13[TLS] <IKEv2-eap|1> no trusted certificate found for 'My Name' to verify TLS peer May 21 10:27:11 13[TLS] <IKEv2-eap|1> sending fatal TLS alert 'certificate unknown' May 21 10:27:11 13[ENC] <IKEv2-eap|1> generating IKE_AUTH response 7 [ EAP/REQ/TLS ] May 21 10:27:11 13[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (104 bytes) May 21 10:27:11 06[NET] <IKEv2-eap|1> received packet: from 172.10.128.210[4500] to 172.10.130.248[4500] (88 bytes) May 21 10:27:11 06[ENC] <IKEv2-eap|1> parsed IKE_AUTH request 8 [ EAP/RES/TLS ] May 21 10:27:11 06[IKE] <IKEv2-eap|1> EAP method EAP_TLS failed for peer 172.10.128.210 May 21 10:27:11 06[ENC] <IKEv2-eap|1> generating IKE_AUTH response 8 [ EAP/FAIL ] May 21 10:27:11 06[NET] <IKEv2-eap|1> sending packet: from 172.10.130.248[4500] to 172.10.128.210[4500] (88 bytes)
- 主機名 GW:vpn.domain.tld
問題是我的 Windows 客戶端安裝隧道,但不接受身份驗證可能是因為 charon.log 中的這些行:
May 21 10:27:11 13[TLS] <IKEv2-eap|1> received TLS peer certificate 'C=FR, O=Organization, OU=OUnit, CN=My Name, E=contact@domain.tld' May 21 10:27:11 13[TLS] <IKEv2-eap|1> received TLS intermediate certificate 'C=FR, O=Organization, CN=IntermediateAuthority' May 21 10:27:11 13[TLS] <IKEv2-eap|1> no trusted certificate found for 'My Name' to verify TLS peer May 21 10:27:11 13[TLS] <IKEv2-eap|1> sending fatal TLS alert 'certificate unknown'
我的配置有什麼問題?
客戶端發送的 EAP 身份(顯然是“我的名字”)與完整的主題專有名稱 (DN) 或任何主題可選名稱 (SAN) 擴展的值和類型都不匹配。由於 strongSwan 不會將身份與 DN 的某些部分進行匹配,例如
CN
相對專有名稱 (RDN) - 甚至對於 EAP-TLS 也不適用 - 找不到用於確認身份的證書。兩種可能的解決方案:
- 如果客戶端允許,讓它發送一個不同的身份,例如完整的 DN,或電子郵件地址,它作為 SAN 包含在證書中。不過,我認為這對於 Windows 客戶端是不可能的。
- 如果客戶端總是將
CN
RDN 的值作為 EAP 身份發送,則需要更改客戶端證書:
- 更改
CN
以匹配其中一個 SAN,在這種情況下,您可以將其設置為電子郵件地址(如有必要,該人的姓名可以編碼為S
- 對於姓氏 - 和G
- 對於給定名稱 - DN 中的 RDN)。- 另一種方法是添加一個dNSName SAN,其值為“My Name”,即與該
CN
值匹配。雖然這在技術上不是一個有效的域名(由於空格),但它應該與 EAP 身份匹配,因為它被 strongSwan解析為類型的身份ID_FQDN
(這是它的備份類型)。