[openssl-users] Expected behavior for verification when a subordinate in a chain is promoted to a self signed root?

Jeffrey Walton noloader at gmail.com
Sun May 24 00:37:20 UTC 2015

I have an odd situation, and I don't know what the expect behavior is.
It was experienced when attempting to validate a path for

If I use s_client and `-showcerts`, I get a chain that terminates in
an old Root called "Class 3 Public Primary Certification Authority".
Its old and deprecated, so I tried to root or anchor trust in the next
lower intermediate.

The next lower intermediate is called ''VeriSign Class 3 Public
Primary Certification Authority - G5". Its sent in the chain, *but* I
downloaded it out of band from Symantec's site.

Then I ran s_client again with the downloaded version of the
certifcate (see below). It results in "Verify return code: 20 (unable
to get local issuer certificate)".

After some digging, it looks like ''VeriSign Class 3 Public Primary
Certification Authority - G5" are two different certificates with two
different serial numbers. One is sent in the chain and one is
available for download. What changed is the G5 certificate was
promoted to a self signed root due to the former CA deprecation. But
it reused the Disntiguished Name and public key, so Authority Key
Identifier and Subject Key Identifier stayed the same.

What is the expected behavior here? Should it fail or should it succeed?

Does the chain override the root or anchor? I think RFC 4518 treats
them as different certificates, so it just looks like the old G5
certificate is suprious and unnecessary. (... but confusing due to the
DN/SKI reuse)).



$ openssl s_client -connect usercenter.checkpoint.com:443 -tls1 \
    -servername usercenter.checkpoint.com \
    -CAfile VeriSign-Class-3-Public-Primary-Certification-Authority-G5.pem
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
    Protocol  : TLSv1
    Cipher    : AES128-SHA
    Session-ID: C58DA6CCEDD45F1BBA0FEE06C8A83B999E94105156DBF68365E98FD9E930668E
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1432427549
    Timeout   : 7200 (sec)
    Verify return code: 20 (unable to get local issuer certificate)

More information about the openssl-users mailing list