[openssl-users] SSL_CTX_load_verify_locations only with CAPath

David Thompson dthompson at cardconnect.com
Tue Jul 7 02:56:56 UTC 2015


> From: openssl-users On Behalf Of Dr. Roger Cuypers
> Sent: Monday, July 06, 2015 10:43

> Follow up:
>
> For some reason, the X509_NAME_hash function calculates a very different
> hash for the server certificate:
>
> 5ad8a5d6
>
> Renaming the certificate to 5ad8a5d6.0 causes it to be found, but I wonder
> where the difference in the hashes lies.
>
[reformatted]
> openssl x509 -in D:\certs\-.wikipedia.org.crt -out D:\certs\-.wikipedia.org.der
> -outform DER
> openssl x509 -in D:\certs\-.wikipedia.org.der -inform DER -out
> D:\certs\-.wikipedia.org.pem -outform PEM

Aside: those first two steps accomplish nothing; -.wikipedia.org.crt was
already PEM (we know it worked in CAfile). 'x509' reads PEM by default.

> openssl x509 -in D:\certs\-.wikipedia.org.pem -noout -subject_hash
> 690deae8
>
> Then in D:\certs:
>
> D:\certs>mklink /h 690deae8.0 -.wikipedia.org.pem
>
<snip>

I bet you put the entire cert *chain* in the -.wikipedia.org.crt file.

The leaf cert (currently) used by wikipedia, with
subject= /C=US/ST=California/L=San Francisco/O=Wikimedia Foundation, Inc./CN=*.wikipedia.org
issuer= /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - SHA256 - G2
serial=1121972E32A5E5B2E29D472DFEDB72D6276E
notBefore=Dec 16 21:24:03 2014 GMT
notAfter=Feb 19 12:00:00 2017 GMT
has subject hash 690deae8.
This cert is sent from the server. It is not looked up in the truststore
and does not need to be in the truststore; if it is that copy is ignored.

The *root* cert for that wikipedia chain is
subject= issuer= /C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
serial=040000000001154B5AC394
notBefore=Sep  1 12:00:00 1998 GMT
notAfter=Jan 28 12:00:00 2028 GMT
and this has subject hash 5ad8a5d6. This is the only cert that needs to be
or is looked up in the truststore, and thus for CApath needs correct hash.

I thought, as the doc has (always? long?) said, that CApath must have
each cert (or CRL) in a separate file. But on checking I see that by_dir.c
actually calls X509_load_{cert,crl}_file from by_file.c, which for PEM
loads all certs (or crls) in a file to the working context. Thus a hashlink
to only the 3rd cert in a file, where that 3rd cert is the only one you need,
actually works even though not documented and I'm not sure intended.
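
The lookup rule described in this reply, as an added example that is not part of the original message: a throwaway root and leaf are generated, and the leaf is verified against a CApath directory holding only one hash-named certificate. The subject names are constructed, and the script assumes the `openssl` CLI and `mktemp` are available.

```shell
#!/bin/sh
# Added example, not from the thread. All certificates and names are constructed.

# Create a throwaway self-signed root and a leaf signed by it in directory $1.
make_chain() {
    ( cd "$1" &&
      openssl req -x509 -newkey rsa:2048 -nodes -days 2 \
          -subj "/O=Example Root/CN=Example Root CA" \
          -keyout root.key -out root.pem &&
      openssl req -newkey rsa:2048 -nodes \
          -subj "/O=Example Site/CN=*.example.test" \
          -keyout leaf.key -out leaf.csr &&
      openssl x509 -req -in leaf.csr -CA root.pem -CAkey root.key \
          -CAcreateserial -days 1 -out leaf.pem ) >/dev/null 2>&1
}

# Print the file name a CApath lookup uses for certificate $1: <subject_hash>.0
hash_name() {
    printf '%s.0\n' "$(openssl x509 -in "$1" -noout -subject_hash)"
}

# Verify leaf $2 against a CApath directory that holds only certificate $1,
# copied in under its own hash name. Returns 0 only if 'openssl verify' says OK.
verify_with_only() {
    dir=$(mktemp -d) || return 2
    cp "$1" "$dir/$(hash_name "$1")"
    result=$(openssl verify -CApath "$dir" "$2" 2>/dev/null) || true
    rm -rf "$dir"
    case $result in *": OK") return 0 ;; *) return 1 ;; esac
}

demo() {
    work=$(mktemp -d) || return 2
    make_chain "$work" || { rm -rf "$work"; return 2; }
    echo "leaf hash name: $(hash_name "$work/leaf.pem")"
    echo "root hash name: $(hash_name "$work/root.pem")"
    for anchor in leaf root; do
        if verify_with_only "$work/$anchor.pem" "$work/leaf.pem"; then
            echo "CApath with only $anchor cert: leaf verifies"
        else
            echo "CApath with only $anchor cert: leaf does NOT verify"
        fi
    done
    rm -rf "$work"
}

demo
```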


