I ran into an "invalid CA certificate" (X509_V_ERR_INVALID_CA) error when I
was trying to verify third level certificates with OpenSSL 0.9.8. It seems that the code in the check_chain_extensions() function in the crypto/x509/x509_vfy.c file assumes that either a certificate must be directly signed by a CA certificate or it must have the EXFLAG_PROXY flag (see the code around lines 504-520 and the must_be_ca flag processing above). Note that second level certificates are verified correctly, and the same third level certificates verified just fine with OpenSSL 0.9.6/0.9.7.

I would appreciate it if someone could check whether this is the expected behavior for OpenSSL (and then I will have to find a workaround) or a bug (and then I'll be a happy camper waiting for the next OpenSSL release).

Thank you in advance,
Aleksey Sanin

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Aleksey Sanin writes:
> I ran into an "invalid CA certificate" (X509_V_ERR_INVALID_CA) error when I
> was trying to verify third level certificates with OpenSSL 0.9.8. It seems that the
> code in check_chain_extensions() function in crypto/x509/x509_vfy.c file assumes that either certificate
> must be directly signed by CA certificate or it must have EXFLAG_PROXY flag (see code around lines
> 504-520 and must_be_ca flag processing above). Note that second level certificates are verified
> correctly and the same third level certificates verified just fine with OpenSSL 0.9.6/0.9.7

I'm not sure what you mean with "second level" and "third level", so let me explain in my own words. A chain of certificates, from the CA you trust to the certificate you hold, has to look like one of these (CAx = CA number x, EE = End Entity, PRx = Proxy number x):

    CA1 -> ... -> CAn -> EE
    CA1 -> ... -> CAn -> EE -> PR1 -> ... -> PRn

(you can have only one CA and only one PR)

So it's correct that an EE certificate has to be signed by a CA and that any CA has to be signed by a CA (itself or another). It's also correct that a proxy certificate has to be signed by the EE certificate or another proxy certificate.

What in all this do you call "third level certificate"? I'd be happy to look at your chain of certificates if needed.

Cheers,
Richard

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte                         [hidden email]
                                        http://richard.levitte.org/

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
                                                -- C.S. Lewis
Thanks for the quick response and explanations! You are right, the
second certificate in the chain did not have the CA ext flag set and 0.9.8 did not like it while 0.9.6/0.9.7 ignore this problem. Very strange that I missed this till now :(

Thanks again,
Aleksey
Aleksey Sanin writes:
> Thanks for quick response and explanations! You are right, the
> second certificate in the chain did not have CA ext flag set and
> 0.9.8 did not like it while 0.9.6/0.9.7 ignore this problem.

Yup, it's true, OpenSSL has become tougher on non-compliant CA certificates.

--
Richard Levitte
On Fri, Jul 08, 2005 at 10:52:47AM +0200, Richard Levitte wrote:
> Aleksey Sanin writes:
>
> > Thanks for quick response and explanations! You are right, the
> > second certificate in the chain did not have CA ext flag set and
> > 0.9.8 did not like it while 0.9.6/0.9.7 ignore this problem.
>
> Yup, it's true, OpenSSL has become tougher on non-compliant CA
> certificates.

Should we call not allowing CA certs with CA:FALSE or a Key Usage that does not include certificate signing "less buggy", rather than "tougher"?

--
	Viktor.
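The rule Richard lays out earlier in the thread (an EE must be signed by a CA, every CA by a CA, and a proxy by the EE or another proxy) together with Viktor's point above (a certificate with CA:FALSE or a Key Usage without certificate signing is not a CA) can be modeled in a few lines. The Python below is an added example for this page, not OpenSSL's code and not something anyone in the thread posted. Certificates are constructed records holding only the relevant extension contents, not parsed DER; X509_V_ERR_INVALID_NON_CA is assumed to be the OpenSSL error name for a CA found where a non-CA is required; and the model leaves out the legacy tolerances OpenSSL keeps for V1 roots and Netscape certificate types.

```python
"""Chain-extension check modeled on the rule stated in this thread.
Added example, not OpenSSL's code. A chain is ordered leaf first and
trust anchor last (the order OpenSSL's verifier uses); each entry is a
constructed record describing the extensions, not a parsed DER certificate."""
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple

# Verify error names as OpenSSL spells them. Only INVALID_CA appears in the
# thread; INVALID_NON_CA is assumed to be the matching OpenSSL name for a
# CA certificate found where a non-CA (EE or proxy) is required.
X509_V_OK = "X509_V_OK"
X509_V_ERR_INVALID_CA = "X509_V_ERR_INVALID_CA"
X509_V_ERR_INVALID_NON_CA = "X509_V_ERR_INVALID_NON_CA"


@dataclass(frozen=True)
class Cert:
    subject: str
    ca: Optional[bool] = None                    # basicConstraints CA bit; None = extension absent
    key_usage: Optional[FrozenSet[str]] = None   # keyUsage bits; None = extension absent
    proxy: bool = False                          # proxyCertInfo present (OpenSSL's EXFLAG_PROXY)


def is_ca(cert: Cert) -> bool:
    """A certificate may act as a CA only if basicConstraints says CA:TRUE
    and keyUsage, when present, includes keyCertSign. OpenSSL's legacy
    tolerances (V1 roots, Netscape cert types) are deliberately left out."""
    if cert.key_usage is not None and "keyCertSign" not in cert.key_usage:
        return False
    return cert.ca is True


def check_chain_extensions(chain: List[Cert]) -> Tuple[str, int]:
    """Walk the chain leaf to anchor and return (error, depth); depth is the
    index of the offending certificate, or -1 when the chain is acceptable.

    must_be_ca tracks what the current certificate is allowed to be:
      -1  the leaf, which may be an EE, a proxy or even a CA
       0  issuer of a proxy, which must be a non-CA (the EE or another proxy)
       1  issuer of an EE or of a CA, which must itself be a CA
    """
    must_be_ca = -1
    for depth, cert in enumerate(chain):
        ca = is_ca(cert)
        if must_be_ca == 0 and ca:
            return X509_V_ERR_INVALID_NON_CA, depth
        if must_be_ca == 1 and not ca:
            return X509_V_ERR_INVALID_CA, depth
        # Only a proxy may be followed by a non-CA; after anything else,
        # every remaining certificate up to the anchor has to be a CA.
        must_be_ca = 0 if cert.proxy else 1
    return X509_V_OK, -1


# Constructed sample certificates (extension contents only).
CA_USAGE = frozenset({"keyCertSign", "cRLSign"})
ROOT = Cert("Root CA", ca=True, key_usage=CA_USAGE)
SUB_CA = Cert("Sub CA", ca=True, key_usage=CA_USAGE)
# The situation from the thread: an intermediate without the CA flag.
SUB_NO_CA_FLAG = Cert("Sub CA without basicConstraints", ca=None,
                      key_usage=frozenset({"digitalSignature"}))
# Viktor's second case: CA:TRUE but a Key Usage that omits keyCertSign.
SUB_NO_CERTSIGN = Cert("Sub CA without keyCertSign", ca=True,
                       key_usage=frozenset({"digitalSignature"}))
EE = Cert("server", ca=False, key_usage=frozenset({"digitalSignature", "keyEncipherment"}))
PROXY = Cert("server proxy", ca=False, proxy=True)


def verify_examples() -> dict:
    """Run the model over the chains discussed in the thread."""
    return {
        "second level (EE <- Root)": check_chain_extensions([EE, ROOT]),
        "third level, proper Sub CA": check_chain_extensions([EE, SUB_CA, ROOT]),
        "third level, Sub CA lacks CA flag": check_chain_extensions([EE, SUB_NO_CA_FLAG, ROOT]),
        "third level, Sub CA lacks keyCertSign": check_chain_extensions([EE, SUB_NO_CERTSIGN, ROOT]),
        "proxy issued by EE": check_chain_extensions([PROXY, EE, SUB_CA, ROOT]),
        "proxy issued by a CA": check_chain_extensions([PROXY, SUB_CA, ROOT]),
    }


if __name__ == "__main__":
    for label, (error, depth) in verify_examples().items():
        where = "" if depth < 0 else f" at depth {depth}"
        print(f"{label:40s} {error}{where}")
```

Running the script shows the two-level chain and the three-level chain with a proper intermediate passing, while the intermediate that lacks the CA flag (the second certificate in Aleksey's chain) and the one that carries CA:TRUE without keyCertSign both fail with X509_V_ERR_INVALID_CA at depth 1, which is exactly the certificate a verifier should point at when diagnosing this error.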
Viktor Dukhovni writes:

> Should we call not allowing CA certs with CA:FALSE or a Key Usage that
> does not include certificate signing "less buggy", rather than "tougher"?

Sure :-).

Cheers,
Richard

--
Richard Levitte