Insecure Algorithm error when running TLS-based Authentication Example for OPA v0.46.1

[jjthom87]

Short description

At the first curl step for the OPA TLS-based Authentication example,

curl --key client-key.pem \ --cert client-cert.pem \ --cacert ca.pem \ --resolve opa.example.com:8181:127.0.0.1 \ https://opa.example.com:8181/v1/data

I am getting this error when using OPA version 0.46.1:

2023/01/03 09:38:54 http: TLS handshake error from 127.0.0.1:62333: tls: failed to verify client certificate: x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: insecure algorithm SHA1-RSA (temporarily override with GODEBUG=x509sha1=1)" while trying to verify candidate authority certificate "my-ca")

Attempt to Fix

I tried to fix the error based on the comment from this issue, but using the -sha256 flag when creating the root, client, and server certificates did not work.

openssl req -x509 -sha256 -new -nodes -key ca-key.pem -days 1000 -out ca.pem -subj "/CN=my-ca"
openssl req -sha256 -new -key client-key.pem -out csr.pem -subj "/CN=my-client"
openssl req -sha256 -new -key client-key-2.pem -out csr.pem -subj "/CN=my-client-2"
openssl req -sha256 -new -key server-key.pem -out csr.pem -subj "/CN=my-server" -config req.cnf

Expected behavior

When using OPA Version 0.32.0, I get the expected result

{"result":{}}

[anderseknert]

Hey @jjthom87, and thanks for reporting that! 👍 If no one beats me to it, I'll take a look tomorrow.

[charlieegan3]

Hi Jared, we need to make a number of updates to this part of the docs as they are quite old, thanks for highlighting it.

The issue you are seeing is that go (& so OPA) now rejects SHA1 signed certs as being insecure (and rightly so). I think this happened in go 1.18. It seems we haven't updated these docs since then.

You can see by running openssl x509 -in client-cert.pem -text -noout that the Signature Algorithm field is sha1WithRSAEncryption 👎

To get you up and running, I think these steps to create the PKI for the demo should work: (I add -sha256 to the client and server cert commands)

# CA
openssl genrsa -out ca-key.pem 2048
openssl req -x509 -new -nodes -key ca-key.pem -days 1000 -out ca.pem -subj "/CN=my-ca" 

# client 1
openssl genrsa -out client-key.pem 2048
openssl req -new -key client-key.pem -out csr.pem -subj "/CN=my-client"
openssl x509 -req -in csr.pem -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out client-cert.pem -days 1000 -sha256

# client 2
openssl genrsa -out client-key-2.pem 2048
openssl req -new -key client-key-2.pem -out csr.pem -subj "/CN=my-client-2"
openssl x509 -req -in csr.pem -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out client-cert-2.pem -days 100 -sha256

# create server cert with IP and DNS SANs
cat <<EOF >req.cnf
[req]
req_extensions = v3_req
distinguished_name = req_distinguished_name

[req_distinguished_name]

[v3_req]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = opa.example.com
IP.1 = 127.0.0.1
EOF
openssl genrsa -out server-key.pem 2048
openssl req -new -key server-key.pem -out csr.pem -subj "/CN=my-server" -config req.cnf
openssl x509 -req -in csr.pem -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem -days 1000 -extensions v3_req -extfile req.cnf -sha256

This works for me. Can you confirm that allows you to progress? In the meantime, I'll work on a few updates to the docs here.

[jjthom87]

I confirm that this works. Thank you for your assistance here!