openssl 1.0 vs 1.1 s_client verify CA cert expiration
nate
openssl at linuxpowered.net
Thu Sep 30 16:43:54 UTC 2021
Hello there

I support an app stack over here and a short time ago one of the devs contacted me saying that they were getting some SSL cert errors connecting to a server. Investigating things, it turns out to be the Let's Encrypt CA cert expiration that happened recently; that server is managed by someone else, so they are trying to get them to fix it.

While investigating I saw some strange behavioral differences between OpenSSL 1.0 and 1.1, specifically regarding checking of the CA cert.

If I run this on OpenSSL 1.0.2g (Ubuntu 16.04):

    openssl s_client -connect bad_server_name:443 -servername bad_server_name

(the server in question uses SNI), I get at the end a clear:

    Verify return code: 10 (certificate has expired)

If I run on the same OpenSSL:

    openssl s_client -connect bad_server_name:443 -servername bad_server_name | openssl x509 -noout -dates

I get these dates:

    notAfter=Sep 30 14:01:15 2021 GMT
    notBefore=Aug 31 17:59:09 2021 GMT
    notAfter=Nov 29 17:59:08 2021 GMT

which clearly show the expired cert.

If I try the same on OpenSSL 1.1.1f (Ubuntu 20.04), I get only the server cert dates, not the CA cert dates:

    notBefore=Aug 31 17:59:09 2021 GMT
    notAfter=Nov 29 17:59:08 2021 GMT

Also, on the first command there is no error saying the cert is expired on OpenSSL 1.1.1f.

Additional differences: it seems 1.1.1f defaults to a verify depth of 2 and 1.0.2g goes at least to 3 (perhaps more).

If I add -verify 3 to 1.1.1f to connect, the first bit of output is:

    verify depth is 3
    depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
    verify return:1
    depth=1 C = US, O = Let's Encrypt, CN = R3

(even if I set verify depth to 10 it doesn't report anything higher than the cert above)

However on 1.0.2g I get this as the first bit of output:

    depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3
    verify error:num=10:certificate has expired

Can someone point me to the syntax for 1.1.1f that would get it to verify the CA? Or is this a bug (maybe already fixed in a newer version, not sure)?

I am unsure why Let's Encrypt would allow any certs to be signed with a CA cert that was about to expire (especially given their low cert expiration times) but that's their issue.

thanks
nate
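The post above pipes s_client into `openssl x509 -dates`, which only ever parses the first PEM block, so the intermediate and root dates never appear on 1.1.1. As an added example that is not from the post or from the OpenSSL project, the script below asks s_client for the whole chain with `-showcerts`, splits it, and runs `openssl x509 -checkend` on every certificate so an expired intermediate is reported by itself; it assumes the `openssl` CLI is on PATH, and the function names `chain_dates` and `fetch_chain_dates` are my own.

```shell
#!/bin/sh
# Added example, not from the original post: list the validity dates of every
# certificate in a PEM chain (e.g. the output of `openssl s_client -showcerts`)
# and flag any that is expired, or expires within SECONDS. Assumes the
# `openssl` CLI is on PATH; chain_dates/fetch_chain_dates are made-up names.

# chain_dates FILE [SECONDS] -> one line per cert:
#   depth=N subject=... notBefore=... notAfter=... OK|EXPIRING
# Returns 1 if any certificate fails `openssl x509 -checkend SECONDS`.
chain_dates() {
    file=$1; seconds=${2:-0}; status=0
    tmp=$(mktemp)
    # Split the bundle: awk copies each BEGIN..END block into tmp.1, tmp.2, ...
    # so non-PEM noise from s_client (handshake details, verify lines) is ignored.
    awk -v prefix="$tmp" '
        /-----BEGIN CERTIFICATE-----/ { n++; out = prefix "." n }
        out != ""                     { print > out }
        /-----END CERTIFICATE-----/   { close(out); out = "" }
    ' "$file"
    i=1
    while [ -f "$tmp.$i" ]; do
        cert="$tmp.$i"
        subject=$(openssl x509 -in "$cert" -noout -subject)
        dates=$(openssl x509 -in "$cert" -noout -dates | tr '\n' ' ')
        # -checkend exits 0 only if the cert is still valid SECONDS from now
        if openssl x509 -in "$cert" -noout -checkend "$seconds" >/dev/null; then
            verdict=OK
        else
            verdict=EXPIRING; status=1
        fi
        printf 'depth=%s %s %s%s\n' "$((i - 1))" "$subject" "$dates" "$verdict"
        i=$((i + 1))
    done
    rm -f "$tmp" "$tmp".[0-9]*
    return "$status"
}

# fetch_chain_dates HOST [PORT]: pull the chain the server actually sends, with
# SNI set as in the post's command, then check every certificate in it. Only
# what the server sends is checked; a locally trusted root is not included.
fetch_chain_dates() {
    host=$1; port=${2:-443}; out=$(mktemp)
    openssl s_client -connect "$host:$port" -servername "$host" -showcerts \
        </dev/null 2>/dev/null >"$out"
    chain_dates "$out"; rc=$?
    rm -f "$out"
    return "$rc"
}
```

Run `fetch_chain_dates bad_server_name` to get one line per certificate in the served chain; a chain that is missing a cross-signed intermediate simply shows fewer lines, which is itself useful when comparing what 1.0.2 and 1.1.1 are verifying.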