EAP-TLS Signature Check Failure

Alan DeKok aland at deployingradius.com
Wed Jun 10 23:01:38 CEST 2020

On Jun 10, 2020, at 2:24 PM, Peter Bance via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> I've been setting up a FreeRADIUS server for a client, so they can (finally!) break away from AD/NPS-based RADIUS (ugh) for company WiFi. I have SCEP certificates pushed out to all machines, and I have iPhones connecting perfectly (transparent connection to test SSID with successful RADIUS validation). But I am banging my head against the wall with Windows 10 devices...

  <sigh> Windows....

> Certificates valid (from the same source, same profile), CA configured correctly, it _should_ be working (as iOS can connect), but freeradius -X gives me this:
> ...
> (42) eap_tls: ocsp: Cert status: good
> (42) eap_tls: ocsp: Certificate is valid
> (42) eap_tls: TLS_accept: SSLv3/TLS read client certificate
> (42) eap_tls: <<< recv TLS 1.2  [length 0066]
> (42) eap_tls: TLS_accept: SSLv3/TLS read client key exchange
> (42) eap_tls: <<< recv TLS 1.2  [length 0108]
> (42) eap_tls: >>> send TLS 1.2  [length 0002]
> (42) eap_tls: ERROR: TLS Alert write:fatal:decrypt error
> (42) eap_tls: ERROR: Failed in __FUNCTION__ (SSL_read)
> (42) eap_tls: ERROR: error:0407E086:rsa routines:RSA_verify_PKCS1_PSS_mgf1:last octet invalid
> (42) eap_tls: ERROR: error:1417B07B:SSL routines:tls_process_cert_verify:bad signature

  I must admit I haven't seen that very often.  In fact, I can't recall seeing it before.

> Sadly I can't work out _which_ signature it's having a problem with - openssl verify is fine with the certificate and CA. The correct certificate is being sent (I can see that elsewhere in the output), EKU is all good.

  You can use Wireshark to double-check the RADIUS / EAP exchange.  I suspect it will also complain.

> Any pointers would be really appreciated - I'm not sure at the moment whether to continue squinting at FreeRADIUS config, Windows config, SCEP certificate properties, or what!
> FreeRADIUS 3.0.21
> OpenSSL 1.1.1
> Windows fully updated
> I have different CAs for FreeRADIUS (Let's Encrypt) and SCEP (self-signed), but I understand this is fine, and as I mentioned it works for iOS.
> Has anyone seen this before? I've hunted all over the Internet, but nothing quite matches :(

  Yeah.  It's weird.  TBH, I would put it down to a Windows issue.  I can't see how it's a FreeRADIUS issue.  Which means it's rather more complex to fix.

  Maybe it's an issue with the SCEP certificates, or the Windows implementation of them.

  Alan DeKok.
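The `RSA_verify_PKCS1_PSS_mgf1:last octet invalid` line in the debug output names one specific check. OpenSSL verifies an RSA-PSS signature by recovering the encoded message EM with the public key and then running the EMSA-PSS checks of RFC 8017 on it; the first of those is that EM ends in the trailer byte 0xbc, and "last octet invalid" is what OpenSSL reports when it does not. The error is raised from `tls_process_cert_verify`, i.e. while checking the signature the client computes over the handshake in its CertificateVerify message, which is a different signature from any in the certificate chain that `openssl verify` checks. The pure-Python EMSA-PSS encode/verify below is an added example, not code from this thread, from FreeRADIUS or from OpenSSL. It omits the RSA operation and works on EM directly, uses SHA-256 with a salt length equal to the hash length (what TLS's rsa_pss_* schemes use), and a constructed message stands in for the handshake transcript. It contrasts a correct PSS encoding with a PKCS#1 v1.5 encoding handed to the PSS verifier, which fails at exactly the trailer-byte check, and with a salt-length mismatch, which fails only at the later separator check.

```python
"""EMSA-PSS (RFC 8017 section 9.1) encode/verify over the encoded message EM.

Added example, not part of the list thread. The RSA public-key operation is
omitted: the checks below are the ones that run on the EM recovered from a
signature, and "last octet invalid" is OpenSSL's name for the first of them.
"""
import hashlib
import os
from typing import Dict, Optional

H_LEN = hashlib.sha256().digest_size  # 32 for SHA-256

# DER DigestInfo prefix for SHA-256, used by PKCS#1 v1.5 (RFC 8017 section 9.2 note)
SHA256_DIGEST_INFO = bytes.fromhex("3031300d060960864801650304020105000420")


def mgf1(seed: bytes, mask_len: int) -> bytes:
    """MGF1 with SHA-256 (RFC 8017 appendix B.2.1)."""
    out = b""
    counter = 0
    while len(out) < mask_len:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:mask_len]


def pss_encode(message: bytes, em_bits: int, s_len: int, salt: Optional[bytes] = None) -> bytes:
    """EMSA-PSS-ENCODE. The salt is random unless supplied (supplied only for reproducible tests)."""
    m_hash = hashlib.sha256(message).digest()
    em_len = (em_bits + 7) // 8
    if em_len < H_LEN + s_len + 2:
        raise ValueError("encoding error: modulus too small for hash + salt")
    salt = os.urandom(s_len) if salt is None else salt
    h = hashlib.sha256(b"\x00" * 8 + m_hash + salt).digest()   # H = Hash(M')
    db = b"\x00" * (em_len - s_len - H_LEN - 2) + b"\x01" + salt  # DB = PS || 0x01 || salt
    db_mask = mgf1(h, em_len - H_LEN - 1)
    masked_db = bytearray(a ^ b for a, b in zip(db, db_mask))
    masked_db[0] &= 0xFF >> (8 * em_len - em_bits)  # clear the unused leading bits
    return bytes(masked_db) + h + b"\xbc"             # EM = maskedDB || H || 0xbc


def pss_verify(message: bytes, em: bytes, em_bits: int, s_len: int) -> str:
    """EMSA-PSS-VERIFY. Returns "ok" or the name of the first check that failed.

    The failure names are mine; only "last octet invalid" is OpenSSL's wording.
    """
    m_hash = hashlib.sha256(message).digest()
    em_len = (em_bits + 7) // 8
    if len(em) != em_len or em_len < H_LEN + s_len + 2:
        return "length inconsistent"
    if em[-1] != 0xBC:                       # the trailer-byte check from the debug output
        return "last octet invalid"
    masked_db, h = em[: em_len - H_LEN - 1], em[em_len - H_LEN - 1 : -1]
    lead = 8 * em_len - em_bits              # number of leading bits that must be zero
    if masked_db[0] >> (8 - lead):
        return "leading bits not zero"
    db_mask = mgf1(h, em_len - H_LEN - 1)
    db = bytearray(a ^ b for a, b in zip(masked_db, db_mask))
    db[0] &= 0xFF >> lead
    ps_len = em_len - H_LEN - s_len - 2
    if any(db[:ps_len]) or db[ps_len] != 0x01:   # PS must be zero, then the 0x01 separator
        return "salt length / separator mismatch"
    salt = bytes(db[-s_len:]) if s_len else b""
    h_prime = hashlib.sha256(b"\x00" * 8 + m_hash + salt).digest()
    return "ok" if h == h_prime else "hash mismatch"


def pkcs1_v15_encode(message: bytes, em_len: int) -> bytes:
    """EMSA-PKCS1-v1_5 (RFC 8017 section 9.2) with SHA-256, for contrast with PSS."""
    t = SHA256_DIGEST_INFO + hashlib.sha256(message).digest()
    if em_len < len(t) + 11:
        raise ValueError("intended encoded message length too short")
    return b"\x00\x01" + b"\xff" * (em_len - len(t) - 3) + b"\x00" + t


def demo() -> Dict[str, str]:
    """Run the verifier over a correct encoding and three mismatched ones."""
    msg = b"abc"                    # constructed stand-in for the signed handshake transcript
    em_bits, s_len = 2047, H_LEN    # 2048-bit RSA modulus; salt length = hash length as in TLS
    em_len = (em_bits + 7) // 8
    good = pss_encode(msg, em_bits, s_len)
    return {
        "pss, matching parameters": pss_verify(msg, good, em_bits, s_len),
        "pss, verifier expects salt length 20": pss_verify(msg, good, em_bits, 20),
        "pss, different message": pss_verify(b"abd", good, em_bits, s_len),
        "pkcs1 v1.5 encoding checked as pss": pss_verify(msg, pkcs1_v15_encode(msg, em_len), em_bits, s_len),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

Only the last case reaches the trailer-byte check with the wrong value (a v1.5 encoding ends in the final byte of the digest, not 0xbc), so that message in a debug log says the client's CertificateVerify was not encoded as RSA-PSS at all for the scheme the server negotiated, rather than that the key, the hash or the certificate chain is wrong; a plain hash or salt-length disagreement surfaces as one of the later checks instead.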
