[openssl-users] problems with s_client recognizing revoked intermediate/subordinate ca
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Mar 10 22:06:22 UTC 2016
On Thu, Mar 10, 2016 at 10:41:28PM +0100, Jakob Bohm wrote:
> >Any ideas what I could be doing wrong?
>
> Make sure the intermediary is not included in the "CA storage"
> (hashed or single file) used by the client. Anything in that
> storage is considered valid and not checked for revocation or
> validity.
This is changing in OpenSSL 1.1.0, and may yet change in a future
OpenSSL 1.0.2 update. Only the trust-anchor (top-most certificate
from the trust-store) is not checked for expiration or revocation
in OpenSSL 1.1.0.
Intermediate certificates are checked, whether they are from the
trust-store, or acquired from the peer. To get the previous behaviour,
one needs to set the X509_V_FLAG_PARTIAL_CHAIN flag so that the
first certificate found in the trust store becomes the trust-anchor,
and chain construction stops there.
Another way (in OpenSSL 1.1.0) to get an intermediate certificate
to terminate the chain is to decorate it with explicit auxiliary
trust EKUs via the "-trustout" and "-addtrust" options of "openssl
x509", and then add the decorated certificate to the trust store.
--
Viktor.
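The behaviour described in the reply above, as an added example that is not part of the original thread: the script builds a root -> intermediate -> leaf chain with the openssl command line, revokes the intermediate on the root's CRL, and then runs `openssl verify` five ways. The first two show that with OpenSSL 1.1.0 or later a revoked intermediate is rejected under -crl_check_all whether it arrives via -untrusted or sits inside the trust store. The last three show where a chain stops when only the intermediate is trusted: it is incomplete on its own, complete with -partial_chain, and complete without that flag once the intermediate has been decorated with "openssl x509 -addtrust serverAuth -trustout" (the verify runs use -purpose sslserver so that the auxiliary trust setting applies). All names, the temporary directory layout and the tiny config files are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original thread): root -> intermediate -> leaf,
# intermediate revoked on the root's CRL, then `openssl verify` with the
# intermediate in different places. CN values and file names are made up.
set -e
WORK=$(mktemp -d) && cd "$WORK"

# Private config snippets so nothing depends on the system openssl.cnf.
printf '[ req ]\ndistinguished_name = dn\n[ dn ]\n' > req.cnf
printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > ca.ext
printf 'basicConstraints=CA:FALSE\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth\n' > leaf.ext

newkey() { openssl ecparam -name prime256v1 -genkey -noout -out "$1.key"; }
csr()    { openssl req -new -config req.cnf -key "$1.key" -subj "/CN=$2" -out "$1.csr" 2>/dev/null; }

newkey root; csr root example-root
openssl x509 -req -in root.csr -signkey root.key -days 3650 -extfile ca.ext -out root.pem 2>/dev/null
newkey int;  csr int example-intermediate
openssl x509 -req -in int.csr -CA root.pem -CAkey root.key -CAcreateserial -days 3650 \
        -extfile ca.ext -out int.pem 2>/dev/null
newkey leaf; csr leaf server.example
openssl x509 -req -in leaf.csr -CA int.pem -CAkey int.key -CAcreateserial -days 365 \
        -extfile leaf.ext -out leaf.pem 2>/dev/null

# issue_crl CA [cert-to-revoke ...]: sign a CRL as CA via a throw-away `openssl ca` database.
issue_crl() {
  ca=$1; shift
  : > "$ca.index"; echo 1000 > "$ca.crlnumber"
  printf '[ ca ]\ndefault_ca = d\n[ d ]\ndatabase = %s.index\ncrlnumber = %s.crlnumber\n' "$ca" "$ca" > "$ca.cnf"
  printf 'default_md = sha256\ndefault_crl_days = 30\n' >> "$ca.cnf"
  for victim in "$@"; do
    openssl ca -config "$ca.cnf" -cert "$ca.pem" -keyfile "$ca.key" -revoke "$victim" >/dev/null 2>&1
  done
  openssl ca -config "$ca.cnf" -cert "$ca.pem" -keyfile "$ca.key" -gencrl -out "$ca.crl" 2>/dev/null
}
issue_crl root int.pem     # the root revokes the intermediate
issue_crl int              # empty CRL from the intermediate, needed so the leaf itself can be checked
cat root.crl int.crl > crls.pem
cat root.pem int.pem > store-with-int.pem     # a trust store that also holds the intermediate
openssl x509 -in int.pem -addtrust serverAuth -trustout -out int.trusted.pem   # decorated copy

# verdict ARGS...: run `openssl verify ARGS leaf.pem`, print the verdict, return 0 (OK) or 1.
verdict() {
  if out=$(openssl verify "$@" leaf.pem 2>&1); then echo "OK       ($*)"; return 0; fi
  echo "REJECTED ($*): $out"; return 1
}
# Revoked intermediate presented the usual way, via -untrusted: rejected.
chain_untrusted_int() { verdict -crl_check_all -CRLfile crls.pem -CAfile root.pem -untrusted int.pem; }
# Same intermediate taken from the trust store: 1.1.0+ still checks it, so also rejected.
chain_store_int()     { verdict -crl_check_all -CRLfile crls.pem -CAfile store-with-int.pem; }
# Trust store holds only the intermediate, no root: the chain is incomplete ...
anchor_int_plain()    { verdict -purpose sslserver -CAfile int.pem; }
# ... unless -partial_chain lets the first store certificate be the trust anchor ...
anchor_int_partial()  { verdict -purpose sslserver -partial_chain -CAfile int.pem; }
# ... or the intermediate carries explicit trust EKUs (-addtrust/-trustout).
anchor_int_trusted()  { verdict -purpose sslserver -CAfile int.trusted.pem; }

for check in chain_untrusted_int chain_store_int anchor_int_plain anchor_int_partial anchor_int_trusted; do
  $check || true
done
```

The three anchor-selection checks deliberately run without -crl_check, so they only show where chain construction stops; the revocation checks use -crl_check_all, which is what makes OpenSSL look at the intermediate's status at all (plain -crl_check only examines the leaf). Each check is a function that returns the verifier's exit status, so the same script can be used to compare OpenSSL versions side by side.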