XoT Testing: TLS peer certificate verification failed

Klaus Darilion klaus.darilion at nic.at
Tue Mar 4 09:01:03 UTC 2025 

May it be, that the validation is just broken? Even when using dig, and explicitely use the hostname of the Primary (which uses its hostname in its certificate) in @... and tls-hostname, the verification fails due to hostname mismatch:

# dig @xot-test-primary.ops.nic.at test.klaus +tls axfr +tls-ca=ca.crt +tls-hostname=xot-test-primary.ops.nic.at +tls-certfile=certificate.crt +tls-keyfile=private.key
;; TLS peer certificate verification for 193.46.106.51#853 failed: hostname mismatch


Regards
Klaus


From: Klaus Darilion
Sent: Thursday, February 27, 2025 5:11 PM
To: Greg Choules via bind-users <bind-users at lists.isc.org>
Subject: XoT Testing: TLS peer certificate verification failed

Hi! I want to test XoT between Bind9.20.6 primary and secondary.

On the primary I created a self-signed certificate with CN=xot-test-primary.ops.nic.at and configured bind:

# Create a 10years valid self-signed certificate:
#   openssl genpkey -algorithm RSA -out private.key -pkeyopt rsa_keygen_bits:2048
#   openssl req -new -key private.key -out request.csr -subj "/CN=xot-test-primary.ops.nic.at"
#   openssl x509 -req -days 3650 -in request.csr -signkey private.key -out certificate.crt
#   openssl x509 -text -noout -in certificate.crt
#   chmod g+r private.key
#
# Create DH-params file to enable Diffie-Hellman Perfect Forward Secrecy:
#   openssl dhparam -out dhparam.pem 4096
#
# https://bind9.readthedocs.io/en/v9.20.6/reference.html#namedconf-statement-tls
tls xot-test {
        cert-file "/etc/bind/certificate.crt";
        dhparam-file "/etc/bind/dhparam.pem";
        key-file  "/etc/bind/private.key";
};

options {
        listen-on                  { 193.46.106.51; };
        listen-on-v6               { 2a02:850:1:4::51; };
        listen-on    tls xot-test  { 193.46.106.51; };
        listen-on-v6 tls xot-test  { 2a02:850:1:4::51; };
};

That seems to work fine. Then I configured the secondary similar:
# Create a 10years valid self-signed certificate:
#   openssl genpkey -algorithm RSA -out private.key -pkeyopt rsa_keygen_bits:2048
#   openssl req -new -key private.key -out request.csr -subj "/CN=xot-test-secondary.ops.nic.at"
#   openssl x509 -req -days 3650 -in request.csr -signkey private.key -out certificate.crt
#   openssl x509 -text -noout -in certificate.crt
#   chmod g+r private.key
#
# Create DH-params file to enable Diffie-Hellman Perfect Forward Secrecy:
#   openssl dhparam -out dhparam.pem 4096
#
# https://bind9.readthedocs.io/en/v9.20.6/reference.html#namedconf-statement-tls
tls xot-test {
        #ca-file   "/etc/bind/ca.crt";          # Activating ca-file force client-certificates for incoming TLS connections
        cert-file "/etc/bind/certificate.crt";
        dhparam-file "/etc/bind/dhparam.pem";
        key-file  "/etc/bind/private.key";
        #remote-hostname "xot-test-primary.ops.nic.at";
}; // may occur multiple times

zone "test.klaus" {
    type secondary;
    file "/var/cache/bind/test.klaus";  // Path to your zone file

    primaries  {
      193.46.106.51    key "tsig-key" tls xot-test;
      2a02:850:1:4::51 key "tsig-key" tls xot-test;
    };

I copied the primary's certificate.crt to the secondary as ca.crt.

Using opportunistic TLS, zone transfer works fine.

But if I enable strict TLS, either by uncommenting 'ca-file' or 'remote-hostname' option, the TLS verification fails:

   transfer of 'test.klaus/IN' from 193.46.106.51#853: failed to connect: TLS peer certificate verification failed

But the setup on the primary looks fine. I can successfully open a TLS connection when using curl:
# curl -v https://xot-test-primary.ops.nic.at:853 --cacert ca.crt
* Host xot-test-primary.ops.nic.at:853 was resolved.
* IPv6: (none)
* IPv4: 193.46.106.51
*   Trying 193.46.106.51:853...
* Connected to xot-test-primary.ops.nic.at (193.46.106.51) port 853
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: ca.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / X25519 / RSASSA-PSS
* ALPN: server did not agree on a protocol. Uses default.
* Server certificate:
*  subject: CN=xot-test-primary.ops.nic.at
*  start date: Feb 27 14:02:56 2025 GMT
*  expire date: Feb 25 14:02:56 2035 GMT
*  common name: xot-test-primary.ops.nic.at (matched)
*  issuer: CN=xot-test-primary.ops.nic.at
*  SSL certificate verify ok.
*   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption


So, what am I doing wrong? Is Bind using a not-trivial TLS certificate verification? I also failed getting more verbose verification details. Any help is appreciated.

Thanks
Klaus


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20250304/0f46f4b5/attachment-0001.htm>

More information about the bind-users mailing list