Solved: Cisco ISE SHA256RSA and RSASSA-PSS

Phil Neil · ‎06-30-2015

Hi All,

In the process of building Cisco ISE 1.4 for a customer.

Will Cisco ISE EAP-TLS authentication work with a server certificate that has Signature algorithm of sha256RSA and signature hash algorithm of sha256.

Client certificates also use signature algorithm of sha256RSA and signature hash algorithm of sha256.

The Microsoft CA was built with RSASSA-PSS and I've read documentation that Cisco ISE does not support the RSASSA-PSS signature algorithm.

The Microsoft CA of my customer was built with RSASSA-PSS so the root, intermediate etc CA certs have Signature algorithm of RSASSA-PSS and signature hash algorithm of sha256.

I am receiving the following errors when a user tries to authenticate.

OpenSSLErrorMessage SSL alert: code=0x233=563 ; source=local ; type=fatal ; message="X509 decrypt error - certificate signature failure"

OpenSSLErrorStack 140100438779648:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm:a_verify.c:152:

Am I correct in thinking that the issue would be because the root and intermediate CAs are using RSASSA-PSS?

Can the root and intermediate CAs use RSASSA-PSS but the server and client certificates have to use SHA256 as a maximum?

The following document says: http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-software/116068-configure-product-00.html

Warning: When you configure the Microsoft CA, it is important to understand that the ISE does not support the RSASSA-PSS signature algorithm. Cisco recommends that you configure the CA policy so that it uses sha1WithRSAEncryption or sha256WithRSAEncryption instead.

I really don't want the customer to have to rebuild their CA so any feedback would be great!

Thanks!

Regards,

Phil

Anurag Sharma · ‎02-21-2016

Hi Phil,

The SSA-PSS algorithm is currently unsupported in ISE. This will be fixed in 2.1

There is a bug/enhancement request filed for this: CSCug22137

As of now, you can only have the certificate be signed with SHA256RSA.

Regards,
Anurag Sharma

Hope that helps!
Please 'RATE' and 'MARK ACCEPTED', if applicable.

View solution in original post

nspasov · ‎06-30-2015

I ran into an issue like this before with a customer and unfortunately the CA had to be re-built.

Thank you for rating helpful posts!

Anurag Sharma · ‎02-21-2016

Hi Phil,

The SSA-PSS algorithm is currently unsupported in ISE. This will be fixed in 2.1

There is a bug/enhancement request filed for this: CSCug22137

As of now, you can only have the certificate be signed with SHA256RSA.

Regards,
Anurag Sharma

Hope that helps!
Please 'RATE' and 'MARK ACCEPTED', if applicable.

Jason Kunst · ‎09-09-2016

There are several defects around this:

CSCuz95531 OID 1.2.840.113549.1.1.10 to show as RSASSA-PSS

Per CSCug22137 ISE Does Not Support RSASSA-PSS Signature Algorithm

RSASSA-PSS is not currently recommended for certificates created by a CA. Better supported signature algorithms are sha1WithRSAEncryption and sha256WithRSAEncryption.

ISE 2.1 has the support per the release notes: http://www.cisco.com/c/en/us/td/docs/security/ise/2-1/release_notes/ise21_rn.html

Cisco ISE supports the use of RSASSA-PSS algorithm for trusted certificates and endpoint certificates for EAP-TLS authentication. When you view the certificate, the signature algorithm is listed as 1.2.840.113549.1.1.10 instead of the algorithm name.

Note However, if you use the Cisco ISE internal CA for the BYOD flow, the Admin certificate should not be signed using the RSASSA-PSS algorithm (by an external CA). The Cisco ISE internal CA cannot verify an Admin certificate that is signed using this algorithm and the request would fail.