
ADC kernel crash on SAML auth with ECC key certs


Hi all,

I was testing the SAML feature (both SP and IdP) and found out that I cannot use certs created with an ECC private key, as it causes a kernel crash (ADC kernel restart, not the BSD one).

Back on RSA key certs and all is running fine.

Anyone had the same experience?

ADC release 13.0-36.27 and 12.1-52.15 Developer edition

Here is the openssl conf file I use to create the certificates:

[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
default_md = sha256

[req_distinguished_name]
C = IT
L = Rome
O = CompanyName
OU = IT
CN = sp.test.it

[v3_req]
basicConstraints = CA:TRUE
keyUsage = keyEncipherment, dataEncipherment, keyCertSign
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[alt_names]
DNS.1 = test1.test.it

And the batch file to create the certificate:

..\openssl ecparam -name secp384r1 -genkey -noout -out sso.test.it.key
..\openssl req -new -nodes -out sso.test.it.csr -key sso.test.it.key -config sso.conf
..\openssl req -text -noout -verify -in sso.test.it.csr
certreq -submit -attrib "CertificateTemplate:WebServer" sso.test.it.csr sso.test.it.cer

Internal domain Microsoft CA.

Thanks

Stefano