Can't recieve self-signed certificates from TLS-Attacker on openssl server #191
Description
Using the folowing command to execute client:
java -jar TLS-Client.jar -connect localhost:4433 -config custom.config -workflow_output bad_output.xml -workflow_trace_type FULL -cert ~/test/clint_chain.pem -key ~/test/client_key.pem
Executing server:
openssl s_server -key server.key -cert server_full.pem -CAfile ca.pem -verify 1 -accept 4433 -msg -tls1_3
Have the following result:
From TLS-Attacker: 13:20:14 [main] INFO : DefaultWorkflowExecutor - Workflow executed as planned.
From openssl:
ERROR
40070EBEF77F0000:error:02000086:rsa routines:RSA_verify_PKCS1_PSS_mgf1:last octet invalid:../crypto/rsa/rsa_pss.c:94:
40070EBEF77F0000:error:1C880004:Provider routines:rsa_verify:RSA lib:../providers/implementations/signature/rsa_sig.c:815:
40070EBEF77F0000:error:0A00007B:SSL routines:tls_process_cert_verify:bad signature:../ssl/statem/statem_lib.c:537:
shutting down SSL
CONNECTION CLOSED
custom.config differentiates from tls13.config only these lines:
<clientAuthentication>true</clientAuthentication>
<clientAuthenticationType>CERTIFICATE_BASED</clientAuthenticationType>
Please help me to understand what I'm doing wrong. Please tell me the easiest way to send certificate (I want server to accept it).
xml trace of run:
bad_output.txt
server_log.txt
I tried to connect to this server with openssl s_client and the same certificate configuration, all was ok.