openssl 1.0 vs 1.1 s_client verify CA cert expiration

Matt Caswell matt at openssl.org
Thu Sep 30 16:50:40 UTC 2021


See:

https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/

Matt


On 30/09/2021 17:43, nate wrote:
> Hello there
> 
> I support an app stack over here and a short time ago one of the devs 
> contacted me saying
> that they were getting some SSL cert errors connecting to a server.
> 
> Investigating things, it turns out to be the Let's Encrypt CA cert 
> expiration that
> happened recently; that server is managed by someone else, so they are 
> trying to
> get them to fix it.
> 
> While investigating I saw some strange behavioral differences between 
> OpenSSL 1.0 and
> 1.1 specifically regarding checking of the CA cert.
> 
> If I run this on OpenSSL 1.0.2g (Ubuntu 16.04)
> 
> openssl s_client -connect bad_server_name:443 -servername bad_server_name
> (the server in question uses SNI)
> 
> I get at the end a clear:
> Verify return code: 10 (certificate has expired)
> 
> If I run on the same OpenSSL:
> 
> openssl s_client -connect bad_server_name:443 -servername 
> bad_server_name | openssl x509 -noout -dates
> 
> I get these dates:
> notAfter=Sep 30 14:01:15 2021 GMT
> notBefore=Aug 31 17:59:09 2021 GMT
> notAfter=Nov 29 17:59:08 2021 GMT
> 
> Which clearly shows the expired cert.
> 
> If I try the same on OpenSSL 1.1.1f (Ubuntu 20.04), I get only the 
> server cert
> not the CA cert dates:
> notBefore=Aug 31 17:59:09 2021 GMT
> notAfter=Nov 29 17:59:08 2021 GMT
> 
> Also on the first command there is no error saying the cert is expired 
> on OpenSSL 1.1.1f
> 
> Additional differences: it seems 1.1.1f defaults to a verify depth of 2 
> and 1.0.2g goes at least
> to 3 (perhaps more).
> 
> If I add -verify 3 to 1.1.1f to connect, the first bit of output is:
> verify depth is 3
> depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
> verify return:1
> depth=1 C = US, O = Let's Encrypt, CN = R3
> (even if I set verify depth to 10 it doesn't report anything higher than 
> the cert above)
> 
> However on 1.0.2g I get this as the first bit of output:
> depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3
> verify error:num=10:certificate has expired
> 
> Can someone point me to the syntax for 1.1.1f that would get it to 
> verify the CA? Or is this
> a bug (maybe already fixed in a newer version not sure).
> 
> I am unsure why Let's Encrypt would allow any certs to be signed with a 
> CA cert that
> was about to expire (especially given their low cert expiration times), 
> but that's their
> issue.
> 
> thanks
> 
> nate
> 
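The difference nate describes, reproduced offline as an added example; this is not code from the thread or from OpenSSL. The script builds a throwaway chain with the same shape as the Let's Encrypt one: a leaf signed by an intermediate ("R3 (lab)"), which is signed by a new root ("ISRG Root X1 (lab)") that also exists as a cross-signed copy issued by an old root ("DST Root CA X3 (lab)") valid for one day; verification is then run with -attime two days ahead, so the old root is expired. All "(lab)" names, keys and certificates are constructed here, and the script needs an openssl binary (1.1.1 or later), awk and a POSIX sh. It shows two things. First, piping s_client into `openssl x509` parses only the first certificate (the leaf), which is why the 1.1.1f command printed one pair of dates; every notAfter in the chain is visible once the -showcerts output is split into individual certificates. Second, the same leaf fails with "error 10 at 3 depth lookup: certificate has expired" when the only path available ends at the expired old root, but verifies when the trust store holds the self-signed, still-valid new root, even if the expired old root is in the store too. OpenSSL 1.1.0 and later prefer a certificate from the trust store over a server-supplied one while building the chain (X509_V_FLAG_TRUSTED_FIRST is the default), which is why 1.1.1f stopped at ISRG Root X1 in the output quoted above, whereas 1.0.2 followed the served cross-signed certificate to the expired DST Root CA X3; on 1.0.2, -trusted_first can be passed to s_client or verify to get the newer behaviour.

```shell
#!/bin/sh
# Added lab, not code from the thread or from OpenSSL. Rebuilds the shape of the
# Let's Encrypt chain with throwaway keys (all "(lab)" names are constructed):
#   leaf <- R3 (lab) <- ISRG Root X1 (lab)                      self-signed, valid
#                       ISRG Root X1 (lab) cross-signed by <- DST Root CA X3 (lab), valid 1 day
# Requires: openssl >= 1.1.1, awk, date, mktemp.
set -eu

LAB=$(mktemp -d)
trap 'rm -rf "$LAB"' EXIT
SERIAL=1000

printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > "$LAB/ca.ext"
printf 'basicConstraints=CA:FALSE\n' > "$LAB/leaf.ext"

# newkey NAME SUBJECT: fresh P-256 key and a CSR for it.
newkey() {
  openssl ecparam -name prime256v1 -genkey -noout -out "$LAB/$1.key" 2>/dev/null
  openssl req -new -key "$LAB/$1.key" -subj "$2" -out "$LAB/$1.csr" 2>/dev/null
}

# sign CSR ISSUER DAYS OUT EXT: issue OUT.pem from CSR.csr; ISSUER "self" self-signs.
# (paths from mktemp contain no spaces, so the unquoted $issuer_opts is safe)
sign() {
  SERIAL=$((SERIAL + 1))
  if [ "$2" = self ]; then issuer_opts="-signkey $LAB/$1.key"
  else issuer_opts="-CA $LAB/$2.pem -CAkey $LAB/$2.key"; fi
  openssl x509 -req -in "$LAB/$1.csr" $issuer_opts -set_serial "$SERIAL" \
    -days "$3" -extfile "$LAB/$5.ext" -out "$LAB/$4.pem" 2>/dev/null
}

newkey dst  '/O=Digital Signature Trust Co. (lab)/CN=DST Root CA X3 (lab)'
newkey isrg '/O=Internet Security Research Group (lab)/CN=ISRG Root X1 (lab)'
newkey r3   "/O=Let's Encrypt (lab)/CN=R3 (lab)"
newkey leaf '/CN=bad_server_name'

sign dst  self 1    dst        ca    # old root: valid for one day only
sign isrg self 3650 isrg       ca    # new root, self-signed (what a current trust store holds)
sign isrg dst  3650 isrg-cross ca    # same key and subject, cross-signed by the old root
sign r3   isrg 3650 r3         ca
sign leaf r3   3650 leaf       leaf

cat "$LAB/r3.pem"   "$LAB/isrg-cross.pem" > "$LAB/chain.pem"   # intermediates the server sends
cat "$LAB/leaf.pem" "$LAB/chain.pem"      > "$LAB/served.pem"  # what s_client -showcerts shows
cat "$LAB/isrg.pem" "$LAB/dst.pem"        > "$LAB/both.pem"    # trust store holding both roots

# chain_dates BUNDLE: subject and notAfter of EVERY certificate in a PEM bundle
# (e.g. saved `openssl s_client -showcerts ... </dev/null` output). Piping s_client
# straight into `openssl x509` parses only the first certificate, the leaf.
chain_dates() {
  rm -rf "$LAB/split"; mkdir "$LAB/split"
  awk -v dir="$LAB/split" '
    /-----BEGIN CERTIFICATE-----/ { n++; f = sprintf("%s/%02d.pem", dir, n) }
    f != "" { print > f }
    /-----END CERTIFICATE-----/   { close(f); f = "" }' "$1"
  for c in "$LAB"/split/*.pem; do
    openssl x509 -in "$c" -noout -subject -enddate
  done
}

# verify_with STORE: verify the served chain as a client whose trust store is
# STORE.pem, with the clock two days ahead so "DST Root CA X3 (lab)" has expired.
verify_with() {
  openssl verify -attime "$(( $(date +%s) + 2 * 86400 ))" \
    -CAfile "$LAB/$1.pem" -untrusted "$LAB/chain.pem" "$LAB/leaf.pem" 2>&1
}

# verify_result STORE: "ok", "expired" (error 10 somewhere in the path) or "failed".
verify_result() {
  if out=$(verify_with "$1"); then echo ok
  elif printf '%s\n' "$out" | grep -q 'certificate has expired'; then echo expired
  else echo failed; fi
}

echo '--- every certificate the server sent:'
chain_dates "$LAB/served.pem"
for store in dst isrg both; do
  echo "--- trust store: $store"
  verify_with "$store" || true
done
```

With only the old root trusted, the error is reported at depth 3 against "DST Root CA X3 (lab)", matching the 1.0.2g output quoted above; with the new root in the store the leaf verifies whether or not the expired old root is also present, matching 1.1.1f. Against a live server, replace served.pem with the saved output of `openssl s_client -showcerts -connect host:443 -servername host </dev/null`.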

