Firefox does not offer client certificate: SSL_ERROR_HANDSHAKE_FAILURE_ALERT

A CA certificate expired and was regenerated with the same private key, with the existing client certificates working in Chrome, but failing within Firefox:

An error occurred during a connection to example.com:
SSL peer was unable to negotiate an acceptable set of security parameters:
Error code: SSL_ERROR_HANDSHAKE_FAILURE_ALERT

Firefox does not prompt for the client certificate and does not send it - suspecting that something does not match the client certificate selection process.

How could this be debugged on Firefox side?
How does Firefox decide when to ask for / offer the client certificate?

Please note that [web]server certificate is working properly and is out of scope here.

What has been verified:

Fails both on Firefox 78 on Mac and Firefox 77 on Linux; the same client certificate that worked with the previous CA certificate is present in both Firefox instances.
On Mac, where the same client certificate works in Chrome and thus is present in Keychain, enabling security.osclientcerts.autoload in Firefox does not help.
"Acceptable client certificate CA names" match between the old and new CA certificate.
"Client Certificate Types" seems to be acceptable:
New certificate: RSA sign, DSA sign, ECDSA sign
Old certificate: RSA fixed DH, DSS fixed DH, RSA sign, DSA sign
Presence of v3 extensions in the CA certificate does not matter (including the setting of CA:TRUE).
CRL is used but has not expired, and client certificate is not revoked.
The serial number on the old and new CA certificate are different and seems to be large random numbers.
Client certificate does not seem to contain any (expired) chain certificates.
Regenerating the CA certificate to have validity period start before the client certificate does not help.
Regenerating CA certificate to be SHA1 does not help (the old CA certificate was SHA1).

Certificates

CA certificate (with X509v3 extensions; their presence / lack of it makes no difference):

Certificate: Data: Version: 3 (0x2) Serial Number: cb:b5:11:9e:17:0f:aa:30 Signature Algorithm: sha256WithRSAEncryption Issuer: <string> Validity Not Before: Jul 16 12:04:27 2020 GMT Not After : Apr 15 12:04:27 2030 GMT Subject: <string> Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c1:16:6b:74:7e:b7:d0:da:8b:7f:55:bf:ee:c3: c1:c3:ff:48:8a:b2:2d:a9:48:17:f1:aa:8b:36:34: 21:b2:d8:22:09:7c:ba:7c:61:83:a9:0e:40:69:4c: b9:ed:25:dc:e6:f0:f8:45:b6:a6:14:2f:7a:2b:bc: 6d:9d:d3:d7:f5:4a:bd:dc:38:ed:88:f7:47:73:0a: 41:6f:15:a0:83:34:55:7b:4c:39:1d:8e:de:60:1f: 81:df:42:f5:b5:b9:0d:f5:90:9a:c4:80:ef:a7:1c: 38:93:c0:83:43:9b:5b:ef:cf:30:1a:70:29:26:e5: e2:35:0e:81:24:e7:97:75:d1:ae:f7:a4:bc:e7:28: 20:52:87:58:87:41:2f:4b:ca:cd:2d:af:08:8b:bf: 1f:a5:a3:e1:f3:d0:81:f1:9c:f6:36:a2:d4:8f:2e: 19:67:72:2d:41:2c:43:d9:4f:b5:6b:2d:60:e0:77: 39:2e:53:20:7d:49:fa:c0:43:f2:03:cc:17:71:93: cb:42:4e:42:41:23:2e:86:7c:b1:64:dc:a3:e4:7c: 60:37:43:56:ed:25:c5:97:ab:4d:90:98:c9:34:48: b2:bc:34:f9:fb:89:cb:20:62:25:91:cf:8f:dd:bd: 40:d6:03:bf:b5:fc:cd:f8:c9:db:df:25:bb:f7:17: 31:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:C5:5A:EC:01:FD:DE:76:54:E1:94:97:EC:35:B6:C4:23:8A:73:FC X509v3 Authority Key Identifier: keyid:A8:C5:5A:EC:01:FD:DE:76:54:E1:94:97:EC:35:B6:C4:23:8A:73:FC DirName:<string> serial:CB:B5:11:9E:17:0F:AA:30 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption 33:90:66:8c:e4:99:c4:4e:1c:b7:5c:7d:b7:16:67:f1:b4:bc: d6:b2:ce:36:c3:4f:77:db:e3:22:89:5c:63:cb:a4:0b:62:b4: c5:72:d8:37:02:c7:1b:83:0b:03:ad:c6:51:20:e1:fd:c8:28: 72:ea:62:da:be:e7:0b:68:e7:f2:7d:24:b6:59:2f:ab:4c:76: ba:42:38:fe:fb:e4:a1:91:ab:0f:9b:08:3f:d2:98:3b:c2:75: 78:97:cf:97:34:8f:c1:3f:b9:bd:a4:53:6d:ea:bc:03:33:86: a3:46:8f:b8:6e:09:be:67:43:d8:c4:17:85:3a:9e:e9:c0:86: fc:d4:25:51:e0:36:d2:fc:ca:84:43:68:a8:75:f5:b8:a3:87: 71:8d:b4:e9:78:69:b3:4d:52:10:ed:05:df:a0:b3:0d:34:f9: a0:99:99:29:12:74:d6:74:55:05:1b:7e:6c:81:48:ba:a2:05: 9e:f3:33:2b:6f:14:25:8a:a9:c6:ff:7d:28:01:03:32:3e:46: 68:b1:88:f2:04:b0:bd:83:a0:97:ca:12:84:03:49:9c:f6:63: 14:24:45:ab:dd:73:97:33:a0:fd:0e:94:95:b1:cb:95:cc:c3: 6c:82:fc:05:70:3d:9b:0e:ea:05:6e:e2:36:c1:2f:b3:87:b6: ca:58:59:b1

Client certificate:

Certificate: Data: Version: 3 (0x2) Serial Number: 302 (0x12e) Signature Algorithm: sha256WithRSAEncryption Issuer: <string> Validity Not Before: Mar 26 08:11:41 2020 GMT Not After : Mar 26 08:11:41 2022 GMT Subject: <string> Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:07:3c:54:4f:4c:77:66:75:21:c5:9d:1f:b0: da:92:ee:5f:4f:a9:79:a3:56:a9:fd:ec:0f:ff:c9: 23:de:3f:6a:f4:e3:5b:f5:d0:ef:cf:ae:1d:a8:80: 21:76:39:1e:e6:90:1a:da:dd:07:21:68:98:73:29: ea:f2:40:fe:9f:a3:b9:af:89:20:7d:0f:22:cb:cc: 50:de:30:af:66:00:52:93:2c:f1:a0:f5:7d:46:6e: c9:63:d9:c4:24:0a:db:9c:8c:66:52:04:f1:da:f8: 8b:71:27:46:60:98:94:49:b0:b2:05:e5:5d:7c:05: 8d:e0:51:35:eb:38:ae:d3:d7:dc:a5:21:72:d4:b9: 9a:be:29:3f:04:bd:11:c3:43:b7:d8:56:2b:4b:60: 08:9e:a9:77:55:a4:e6:d1:b8:b6:2b:57:ff:89:bc: 0a:87:b2:43:71:0c:aa:65:28:20:09:68:63:0b:d8: 2e:de:05:bf:40:95:a7:24:b4:2e:a0:c4:d8:37:66: 3e:28:d1:7b:4e:77:4f:23:7e:e7:44:85:3d:70:fc: eb:34:06:2a:9d:40:c9:30:0f:a6:df:0a:51:1e:54: 31:22:a9:d7:8b:7c:84:88:ef:77:ca:34:00:27:52: ef:34:d0:a5:a2:41:79:bd:45:0d:85:70:00:01:2c: 6a:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Key Encipherment, Data Encipherment X509v3 Extended Key Usage: TLS Web Client Authentication Netscape Cert Type: SSL Client Signature Algorithm: sha256WithRSAEncryption 5c:c1:da:4a:ba:37:21:54:24:21:f5:6f:83:b4:74:78:17:cb: d3:f8:63:a3:07:9c:34:7c:51:e5:97:4d:70:41:fa:91:1a:ce: 6f:87:32:24:81:65:00:3b:9a:c1:f6:32:82:9a:cc:6d:68:3e: 03:b7:3a:3d:3c:81:15:89:f8:12:27:b3:cd:d3:e5:7a:bd:e9: 49:f4:c1:19:58:39:dc:13:58:2c:8b:1b:a7:c6:ae:28:ad:4c: 9e:76:77:ff:fa:36:04:94:fb:bd:87:fe:f0:a5:2e:85:d8:29: 50:b6:c5:43:9b:f4:bd:5a:35:40:1f:23:59:e2:04:84:f2:b9: 91:ef:20:fe:99:28:e4:df:71:96:4a:ab:35:5c:57:c2:46:80: 20:7c:be:49:37:18:d1:0f:07:47:54:1c:e3:33:78:e0:c1:61: 93:bf:95:fd:f4:bd:27:a4:f1:6b:ba:62:8c:79:a0:57:ee:d3: bd:08:73:b1:37:41:10:68:38:7a:91:c5:3a:64:1b:54:66:b4: 19:cc:16:16:5d:94:7a:e2:f7:2b:79:bd:2a:ab:01:67:32:e9: 4a:2b:fb:da:df:5b:65:36:1a:8b:1d:a9:3c:2a:3f:bd:02:f0: eb:9b:e2:3b:46:0d:44:f8:ac:77:ac:6f:60:df:a5:27:00:4c: 8c:9f:a0:2c

1 Answer

Apparently the problem was with the old cert using PrintableStrings for all strings, but the new one using UTF8Strings for some. Regenerating the new one with PrintableStrings fixes it.

When OpenSSL tools are used, the string_mask option allows to control field encoding.

All credit for spotting the difference goes to Mozilla security engineer, Dana.

Pop Feed Daily

Firefox does not offer client certificate: SSL_ERROR_HANDSHAKE_FAILURE_ALERT

1 Answer

Your Answer

Sign up or log in

Post as a guest

You Might Also Like

My Minecraft account is taking forever to sign in [closed]

How is it possible to preview a Minecraft world only by using its seed?

Objective minecraft.custom:minecraft.leave_game not working

Is it just me or is the Rocket League's "Super Sonic Acrobatic Rocket-Powered Battle Cars" Konami Code easter egg GONE?