Error 18: self signed certificate

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

Error 18: self signed certificate

Manoj
Hi, I am trying to create a client/server application on windows 7, where I have used self signed certificate at server side as well as at client side. I used SSL_CTX_use_certificate_file and then SSL_CTX_use_PrivateKey_file API to load the certificate and key. When there is a SSL_connect() call from client, the handshaking fails with the error stating Error 18: self signed certificate. So I want help related to- how to use and verify self signed certificate. The certificate are generated by using following command openssl req -x509 -nodes -days 1059 -newkey rsa:2048 -keyout testkey.pem -out testcert.pem -config pathtoconfig\openssl.cnf Regards Manoj
Reply | Threaded
Open this post in threaded view
|

Re: Error 18: self signed certificate

Elluru, Krishna
HI Manoj
        if you check the documentation, it shows
18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificatethe
passed certificate is self signed and the same certificate cannot be found
in the list of trusted certificates.

corresponding code can be found in x509_vfy.c, where you need to add the
ceritificate to trusted list.

if (ctx->check_issued(ctx, x, x))
                {
                /* we have a self signed certificate */
                if (sk_X509_num(ctx->chain) == 1)
                        {
                        /* We have a single self signed certificate: see if
                         * we can find it in the store. We must have an exact
                         * match to avoid possible impersonation.
                         */
                        ok = ctx->get_issuer(&xtmp, ctx, x);
                        if ((ok <= 0) || X509_cmp(x, xtmp))
                                {
                                ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; >> this is the
error you are getting.
                                ctx->current_cert=x;
                                ctx->error_depth=i-1;
                                if (ok == 1) X509_free(xtmp);
                                bad_chain = 1;
                                ok=cb(0,ctx);
                                if (!ok) goto end;
                                }
                        else
                                {
                                /* We have a match: replace certificate with store version
                                 * so we get any trust settings.
                                 */
                                X509_free(x);
                                x = xtmp;
                                (void)sk_X509_set(ctx->chain, i - 1, x);
                                ctx->last_untrusted=0;
                                }
                        }

Thanks
Krishna Mohan.

From:  Manoj <[hidden email]>
Reply-To:  "[hidden email]" <[hidden email]>
Date:  Friday, 15 November 2013 2:27 PM
To:  "[hidden email]" <[hidden email]>
Subject:  Error 18: self signed certificate


self signed certificate
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Error 18: self signed certificate

Martin Hecht
In reply to this post by Manoj
Hi Manoj,

I don't know this API, but I believe it complains about the fact that
the certificate is self-signed.

Maybe there are some means to add the certificate to "trusted
certificates", maybe it is sufficient  to copy it somewhere, where your
openssl looks for trusted certificates (in Linux it is usually
/etc/ssl/certs/, in Windows I'm not sure, probably some folder below
programs\openssl or so).

If it doesn't work with self-signed certifcates at all, the openssl ca
command would be a simple option to generate a few certificates signed
by the self-signed one. You would put the self-signed certificate into
the trusted certificates folder on the client and the server and use two
other certificates in the API on the client and the server respectively.

best regards,
Martin

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Error 18: self signed certificate

Walter H.
In reply to this post by Manoj
Windows has its own System wide certificate store;

look at  certmgr.msc

keep in mind, that some applications have their own store
e.g.  Mozilla ThunderBird, Mozilla FireFox
and some other can use this system wide certificate store
e.g. Adobe Reader/Pro/Std

Walter

On 15.11.2013 09:57, Manoj wrote:
Hi, I am trying to create a client/server application on windows 7, where I have used self signed certificate at server side as well as at client side. I used SSL_CTX_use_certificate_file and then SSL_CTX_use_PrivateKey_file API to load the certificate and key. When there is a SSL_connect() call from client, the handshaking fails with the error stating Error 18: self signed certificate. So I want help related to- how to use and verify self signed certificate. The certificate are generated by using following command openssl req -x509 -nodes -days 1059 -newkey rsa:2048 -keyout testkey.pem -out testcert.pem -config pathtoconfig\openssl.cnf Regards Manoj
View this message in context: Error 18: self signed certificate
Sent from the OpenSSL - User mailing list archive at Nabble.com.


smime.p7s (7K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

RE: Error 18: self signed certificate

Dave Thompson-5
In reply to this post by Martin Hecht
> From: owner-openssl-users On Behalf Of Martin Hecht
> Sent: Friday, November 15, 2013 12:28

> Maybe there are some means to add the certificate to "trusted
> certificates", maybe it is sufficient  to copy it somewhere, where your
> openssl looks for trusted certificates (in Linux it is usually
> /etc/ssl/certs/, in Windows I'm not sure, probably some folder below
> programs\openssl or so).
>
But only if your app calls SSL_CTX_default_verify_paths (it's not
automatic default for a custom app, as it is for commandline).
If you have commandline from the same build (as you should)
'openssl version -d' (or -a) tells you where the the default is.

Alternatively you can put the truststore files anywhere you like
and call SSL_CTX_set_verify_locations. This can be useful if you
want different trust rules for different applications or users,
but extra work and opportunity for mistakes if you don't.
Or if you don't have the certs in files at all, you can hand-build
SSL_CTX_get/set_cert_store , but that's more work.
Apparently there will be more extensive APIs in 1.0.2.

> If it doesn't work with self-signed certifcates at all, the openssl ca
> command would be a simple option to generate a few certificates signed
> by the self-signed one. You would put the self-signed certificate into
> the trusted certificates folder on the client and the server and use two
> other certificates in the API on the client and the server respectively.
>
OpenSSL relier (client) definitely does support selfsigned cert if it's in
the
truststore. It is more flexible and often convenient to use one selfsigned
root to issue other certs, but it's not necessary. Also a nit: 'ca' is the
original
and arguably better way to issue child certs, but for some time 'x509 -req'
is also capable of doing so with some limitations.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Error 18: self signed certificate

Manoj
In reply to this post by Elluru, Krishna
Thanks Guys for the help, I got it working by loading the location using API SSL_CTX_load_verify_locations(). The location where I have the certificate available.

I have another question related to certification verification itself.
Can by any mean, I verify a peer certificate(self signed) without having it in the trust-store?
 or
Let me put in other words , Server application verifiying clients with each client having its own self signed certificate, Does the server require any prior information about certificates (i.e. having them as part of cert trust store)?

Or
Is there any way possible of getting peer certificate without having set the SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_callback);

Regards
Manoj
Reply | Threaded
Open this post in threaded view
|

RE: Error 18: self signed certificate

Mark Currie
Hi

I also managed to get self-signed certs to work like this but does anyone
know how to use self-signed certs in a RAM-only environment i.e. no disk
available?

> -----Original Message-----
> From: [hidden email] [mailto:owner-openssl-
> [hidden email]] On Behalf Of Manoj
> Sent: 18 November 2013 10:09
> To: [hidden email]
> Subject: Re: Error 18: self signed certificate
>
> Thanks Guys for the help, I got it working by loading the location using
API
> SSL_CTX_load_verify_locations(). The location where I have the certificate
> available.
>
> I have another question related to certification verification itself.
> Can by any mean, I verify a peer certificate(self signed) without having
it in
> the trust-store?
>  or
> Let me put in other words , Server application verifiying clients with
each
> client having its own self signed certificate, Does the server require any
prior
> information about certificates (i.e. having them as part of cert trust
store)?
>
> Or
> Is there any way possible of getting peer certificate without having set
the

> SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_callback);
>
> Regards
> Manoj
>
>
>
> --
> View this message in context: http://openssl.6102.n7.nabble.com/Error-18-
> self-signed-certificate-tp47361p47388.html
> Sent from the OpenSSL - User mailing list archive at Nabble.com.
> ______________________________________________________________
> ________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: Error 18: self signed certificate

Dave Thompson-5
> From: owner-openssl-users On Behalf Of Mark Currie
> Sent: Monday, November 18, 2013 03:24

> I also managed to get self-signed certs to work like this but does anyone
> know how to use self-signed certs in a RAM-only environment i.e. no disk
> available?
>
Your OS or C runtime might provide a RAM filesystem in which case you can
use that, assuming you have the cert(s) to put in it. Otherwise as I said
earlier, build SSL_CTX cert_store by hand, ditto.

Both these assume you have some permanent storage, maybe FLASH
or even ROM. Presumably the program comes from somewhere secure,
so at worst you can embed the cert data in your program, either as plain C
data or as something like a 'resource' in Windows or MacOS.

> > -----Original Message-----
> > From: [hidden email] [mailto:owner-openssl-
> > [hidden email]] On Behalf Of Manoj
> > Sent: 18 November 2013 10:09
> > To: [hidden email]
> > Subject: Re: Error 18: self signed certificate
> >
> > Thanks Guys for the help, I got it working by loading the location using
> API
> > SSL_CTX_load_verify_locations(). The location where I have the
certificate

> > available.
> >
> > I have another question related to certification verification itself.
> > Can by any mean, I verify a peer certificate(self signed) without having
> it in
> > the trust-store?
> >  or
> > Let me put in other words , Server application verifiying clients with
> each
> > client having its own self signed certificate, Does the server require
any
> prior
> > information about certificates (i.e. having them as part of cert trust
> store)?
> >
For OpenSSL to do the verification it must have cert in truststore, yes.
(To be exact it must have the root; for selfsigned the root is the cert.)

You can override or replace OpenSSL's verification using the callback(s),
but what will you use instead? There's nothing in a selfsigned cert by
itself (without a truststore) that can't be faked. Instead of full certs
you could configure the peer=client publickey values and accept
any cert using that value -- assuming handshake succeeds through
Finished which also proves client possession of the privatekey.
That's what ssh does, with a shortcut for configuration on first use.
You could configure hashes of the publickeys -- even with MD5 and
probably SHA1 broken for collision AFAIK there's no 2nd-preimage.
You could configure hashes of the certs -- ditto -- although that
would make it harder to debug cases where a client created multiple
certs for the same key -- perhaps one by mistake and a corrected one --
and one of you has the wrong one.

If you have more than a few authenticated clients, it is usually easier
to issue them certs under a CA -- either your own ad-hoc CA, which
can be done with OpenSSL, or a 'real' public or organization CA --
and the server then only needs that one cert. Note if you use
a CA that issues EE certs under an intermediate or "chain" cert --
which (all?) public ones do now -- according to standard the client
should be configured to send the chain certs. However OpenSSL
relier will fill in missing chain certs from its truststore, so it may be
easier to just configure them once on the server.

> > Or
> > Is there any way possible of getting peer certificate without having set
> the
> > SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_callback);
> >
For *server* to get *client* cert, you must set SSL_VERIFY_PEER. It's
your choice whether to use a callback or not (you can set it null). For
*some* clients you may also need to call _set_client_CA_list to tell
the client which cert you want when it has more than one, but for
simple OpenSSL clients they just use the one (per kx) configured
cert&key without checking if it matches the server request.

For *client* to get *server* cert you don't actually have to do anything;
if handshake selects a suite that uses certs, you get the cert, period.
If it selects a suite that doesn't use certs (either noncert auth like
Kerberos,
or no authentication at all) you never get a cert no matter what you set.



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: Error 18: self signed certificate

Mark Currie
Thank you for your advice. SSL_CTX_get_cert_store() was the right clue and
X509_STORE_add_cert() did the trick.

> -----Original Message-----
> From: [hidden email] [mailto:owner-openssl-
> [hidden email]] On Behalf Of Dave Thompson
> Sent: 19 November 2013 00:07
> To: [hidden email]
> Subject: RE: Error 18: self signed certificate
>
> > From: owner-openssl-users On Behalf Of Mark Currie
> > Sent: Monday, November 18, 2013 03:24
>
> > I also managed to get self-signed certs to work like this but does
> > anyone know how to use self-signed certs in a RAM-only environment
> > i.e. no disk available?
> >
> Your OS or C runtime might provide a RAM filesystem in which case you can
> use that, assuming you have the cert(s) to put in it. Otherwise as I said
> earlier, build SSL_CTX cert_store by hand, ditto.
>
> Both these assume you have some permanent storage, maybe FLASH or even
> ROM. Presumably the program comes from somewhere secure, so at worst
> you can embed the cert data in your program, either as plain C data or as
> something like a 'resource' in Windows or MacOS.
>
> > > -----Original Message-----
> > > From: [hidden email] [mailto:owner-openssl-
> > > [hidden email]] On Behalf Of Manoj
> > > Sent: 18 November 2013 10:09
> > > To: [hidden email]
> > > Subject: Re: Error 18: self signed certificate
> > >
> > > Thanks Guys for the help, I got it working by loading the location
> > > using
> > API
> > > SSL_CTX_load_verify_locations(). The location where I have the
> certificate
> > > available.
> > >
> > > I have another question related to certification verification itself.
> > > Can by any mean, I verify a peer certificate(self signed) without
> > > having
> > it in
> > > the trust-store?
> > >  or
> > > Let me put in other words , Server application verifiying clients
> > > with
> > each
> > > client having its own self signed certificate, Does the server
> > > require
> any
> > prior
> > > information about certificates (i.e. having them as part of cert
> > > trust
> > store)?
> > >
> For OpenSSL to do the verification it must have cert in truststore, yes.
> (To be exact it must have the root; for selfsigned the root is the cert.)
>
> You can override or replace OpenSSL's verification using the callback(s),
but
> what will you use instead? There's nothing in a selfsigned cert by itself
> (without a truststore) that can't be faked. Instead of full certs you
could
> configure the peer=client publickey values and accept any cert using that
> value -- assuming handshake succeeds through Finished which also proves
> client possession of the privatekey.
> That's what ssh does, with a shortcut for configuration on first use.
> You could configure hashes of the publickeys -- even with MD5 and probably
> SHA1 broken for collision AFAIK there's no 2nd-preimage.
> You could configure hashes of the certs -- ditto -- although that would
make
> it harder to debug cases where a client created multiple certs for the
same
> key -- perhaps one by mistake and a corrected one -- and one of you has
the
> wrong one.
>
> If you have more than a few authenticated clients, it is usually easier to
issue
> them certs under a CA -- either your own ad-hoc CA, which can be done with
> OpenSSL, or a 'real' public or organization CA -- and the server then only
> needs that one cert. Note if you use a CA that issues EE certs under an
> intermediate or "chain" cert -- which (all?) public ones do now --
according to
> standard the client should be configured to send the chain certs. However
> OpenSSL relier will fill in missing chain certs from its truststore, so it
may be

> easier to just configure them once on the server.
>
> > > Or
> > > Is there any way possible of getting peer certificate without having
> > > set
> > the
> > > SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_callback);
> > >
> For *server* to get *client* cert, you must set SSL_VERIFY_PEER. It's your
> choice whether to use a callback or not (you can set it null). For
> *some* clients you may also need to call _set_client_CA_list to tell the
client
> which cert you want when it has more than one, but for simple OpenSSL
> clients they just use the one (per kx) configured cert&key without
checking if
> it matches the server request.
>
> For *client* to get *server* cert you don't actually have to do anything;
if
> handshake selects a suite that uses certs, you get the cert, period.
> If it selects a suite that doesn't use certs (either noncert auth like
Kerberos,
> or no authentication at all) you never get a cert no matter what you set.
>
>
>
> ______________________________________________________________
> ________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]