[svlug] Apache2, GnuTLS, and self-signed certs

Rick Moen rick at linuxmafia.com
Wed Sep 28 15:48:08 PDT 2011

Short version:  I've tried to switch Apache2 over from mod_ssl 
(OpenSSL) to mod-gnutls (GnuTLS), but am so far stymied by GnuTLS's
choking with a 'Base64 Decoding Error' on my SSL key -- _even when_ 
that key is one generated by GnuTLS itself (via the certtool front-end).
The usual solution of spurious space characters in the key (PEM) file
doesn't apply.  The key file _is_ Base64-encoded and has exactly the
right headers, e.g.:


(Not my real key, above.)

$ dpkg -l | egrep 'libgnutls26|libapache2-mod-gnutls|apache2-mpm-prefork'
ii  apache2-mpm-prefork               2.2.16-1                   Apache HTTP Server - traditional non-threade
ii  libapache2-mod-gnutls             0.5.6-1                    Apache module for SSL and TLS encryption wit
ii  libgnutls26                       2.8.6-1                    the GNU TLS library - runtime library

Detailed version:  There are both old and new problems with OpenSSL.  
1.  It's notoriously buggy spaghetti code.  2.  It includes some old
modules (Eric A. Young's) under a slightly dodgy licence that is forever
necessitating licensing exceptions for use in combination with GPLed
codebases (Exim, MySQL, Balsa, ntop, anything that uses GNU readline,
etc.).  3.  It doesn't do TLS 1.2 yet, and last I heard they were still
rolling out TLS 1.1.

The latter point became an issue recently with Thai Duong & Juliano Rizzo's
recent Browser Exploit Against SSL/TLS ('BEAST') man-in-the-middle
decryption attack against some pre-1.2 TLS encrypted Web sessions using
a kind of cross-site scripting (https://lwn.net/Articles/459641/).  
Long story shortened, it's really nothing new but highlights the fact
that pre-1.2 TLS needs to go.  And, neatly, it's also past time to start
getting rid of OpenSSL, so I imagined GnuTLS might be the way out.

It's not difficult to substitute mod_gnutls for mod_ssl in Apache2:

# a2dismod ssl
# a2enmod gnutls

Comment out these lines in /etc/apache2/sites-available/default:

        SSLEngine on  #and any other 'SSLEngine' lines
        SSLCertificateKeyFile /etc/ssl/certs/private/local.key
        SSLCertificateFile    /etc/ssl/certs/private/local.crt

Substitute these equivalent lines

        GnuTLSEnable on
        GnuTLSPriorities SECURE:!ANON-DH:!MD5
        GnuTLSKeyFile         /etc/ssl/certs/private/local.key
        GnuTLSCertificateFile /etc/ssl/certs/private/local.crt

Also comment out any <IfModule mod_ssl.c> line and its matching close
line (or change it to 'IfModule mod_gnutls.c', I guess).

Unfortunately, Apache2 restart then fails with the cited error on
local.key -- and the canonical answer to that problem is 'Dude, your PEM
file is somehow corrupted or has stray whitespace.'  Except, mine
demonstrably doesn't, and, moreover, the same error continues after I
replaced local.key / local.crt using freshly generated replacement I
made using certtool front-ending GnuTLS itself.

I was in something of a rush with my smoke test because I attempted it
on my live production server, hence didn't care for extra downtime for
extended debugging, and put the mod_ssl lines and module back.

Anyone have insight into this problem?

(There's a third option, mod_nss.  Not yet enough of a masochist to
tackle that, but the day is yet young.)

My doc about how to do self-signed certs with Apache is here:
It covers only OpenSSL.  I could add GnuTLS after yesterday's smoke
test, but would rather not until I've achieved successful launch.

More information about the svlug mailing list