[openssl-users] OpenSSL s_client default certificates bug

Viktor Dukhovni openssl-users at dukhovni.org
Thu Nov 10 18:24:01 UTC 2016


> On Nov 10, 2016, at 12:25 PM, Benjamin Flynn <Benjamin.Flynn at bigfishgames.com> wrote:
> 
> ### Failure when CAfile not specified
> 
> $ openssl s_client -connect bigfishgames-a.akamaihd.net:443
> CONNECTED(00000003)
> depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
> verify error:num=20:unable to get local issuer certificate
> ---
> Certificate chain
>  0 s:/C=US/ST=MA/L=Cambridge/O=Akamai Technologies Inc./CN=a248.e.akamai.net
>    i:/C=NL/L=Amsterdam/O=Verizon Enterprise Solutions/OU=Cybertrust/CN=Verizon Akamai SureServer CA G14-SHA2
>  1 s:/C=NL/L=Amsterdam/O=Verizon Enterprise Solutions/OU=Cybertrust/CN=Verizon Akamai SureServer CA G14-SHA2
>    i:/C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root
>  2 s:/C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root
>    i:/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
> ---
> Server certificate
> -----BEGIN CERTIFICATE-----
> ...
> -----END CERTIFICATE-----
> subject=/C=US/ST=MA/L=Cambridge/O=Akamai Technologies Inc./CN=a248.e.akamai.net
> issuer=/C=NL/L=Amsterdam/O=Verizon Enterprise Solutions/OU=Cybertrust/CN=Verizon Akamai SureServer CA G14-SHA2
> ---
> No client certificate CA names sent
> Peer signing digest: SHA512
> Server Temp Key: ECDH, P-256, 256 bits
> ---
> SSL handshake has read 4491 bytes and written 302 bytes
> Verification error: unable to get local issuer certificate
> ---
> New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
> Server public key is 2048 bit
> Secure Renegotiation IS NOT supported
> Compression: NONE
> Expansion: NONE
> No ALPN negotiated
> SSL-Session:
>     Protocol  : TLSv1.2
>     Cipher    : ECDHE-RSA-AES256-GCM-SHA384
>     Session-ID: CAA6B55CF1160CF74DF986563E56CFCB11A24B2CDB35480048885F2B88B4947F
>     Session-ID-ctx: 
>     Master-Key: 3AAC7100740F1A670EC8A63C9AD93656A3704C80CCFF1BD6554F4F055CF35DEEF1AAE9F4987465732E347A6E0E00CEDF
>     PSK identity: None
>     PSK identity hint: None
>     SRP username: None
>     TLS session ticket lifetime hint: 7200 (seconds)
>     TLS session ticket:
> 
>     Start Time: 1478797302
>     Timeout   : 7200 (sec)
>     Verify return code: 20 (unable to get local issuer certificate)
>     Extended master secret: no

I am rather perplexed as to why you might expect verification success
with no trusted CAs specified...  What you report is exactly what should
happen, unless:

>    /C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root


appears in the default system-wide CApath or CAfile locations as reported by

  $ openssl version -d

to which path you can append either "/certs" or "cert.pem" to yield
CApath or CAfile respectively.

   SSL_CTX_load_verify_locations(3):

       SSL_CTX_set_default_verify_paths() specifies that the default locations
       from which CA certificates are loaded should be used. There is one
       default directory and one default file. The default CA certificates
       directory is called "certs" in the default OpenSSL directory.
       Alternatively the SSL_CERT_DIR environment variable can be defined to
       override this location. The default CA certificates file is called
       "cert.pem" in the default OpenSSL directory. Alternatively the
       SSL_CERT_FILE environment variable can be defined to override this
       location.

> $ openssl s_client -connect bigfishgames-a.akamaihd.net:443 -CAfile /etc/ssl/certs/GTE_CyberTrust_Global_Root.pem

Presumably that file's parent directory (/etc/ssl/certs) is not the same as
the directory as reported by "openssl -d" for the executable you're testing.

-- 
	Viktor.
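
The check described in the reply above, as an added shell example that is not part of the original message: it derives the default CAfile and CApath for one specific openssl executable and looks for a root certificate's hash link there. The function names are hypothetical, the sample paths in the comments are constructed, and treating SSL_CERT_DIR as a colon-separated list is an assumption.

```shell
#!/bin/sh
# Added example (not from the thread): resolve the default trusted-CA
# locations of one openssl binary and look for a given root certificate.

# Pull the directory out of the 'OPENSSLDIR: "/path"' line of `openssl version -d`.
openssldir_from() {
    printf '%s\n' "$1" | sed -n 's/^OPENSSLDIR: *"\(.*\)"$/\1/p'
}

# Defaults per SSL_CTX_load_verify_locations(3): SSL_CERT_FILE / SSL_CERT_DIR
# override OPENSSLDIR/cert.pem and OPENSSLDIR/certs (e.g. constructed /usr/local/ssl).
default_cafile() { printf '%s\n' "${SSL_CERT_FILE:-$1/cert.pem}"; }
default_capath() { printf '%s\n' "${SSL_CERT_DIR:-$1/certs}"; }

# True if file $1 sits directly in one of the directories listed in $2.
in_capath() {
    want=$(dirname -- "$1")
    old_ifs=$IFS; IFS=:
    for d in $2; do
        if [ "${d%/}" = "$want" ]; then IFS=$old_ifs; return 0; fi
    done
    IFS=$old_ifs
    return 1
}

# check_root BINARY ROOT.pem: report defaults and search CApath for the root.
check_root() {
    dir=$(openssldir_from "$("$1" version -d 2>/dev/null)")
    [ -n "$dir" ] || { echo "no OPENSSLDIR reported by $1" >&2; return 2; }
    cafile=$(default_cafile "$dir")
    capath=$(default_capath "$dir")
    echo "CAfile: $cafile"; echo "CApath: $capath"
    in_capath "$2" "$capath" || echo "note: $2 is outside this binary's CApath"
    # CApath lookups use <subject-hash>.N names; hash with the same binary.
    hash=$("$1" x509 -noout -hash -in "$2" 2>/dev/null) || return 2
    old_ifs=$IFS; IFS=:
    for d in $capath; do
        for link in "$d/$hash".*; do
            if [ -e "$link" ]; then IFS=$old_ifs; echo "candidate: $link"; return 0; fi
        done
    done
    IFS=$old_ifs
    echo "no $hash.N entry under CApath"; return 1
}

# Usage: sh thisfile /path/to/openssl /path/to/root.pem
if [ "$#" -eq 2 ]; then check_root "$1" "$2"; fi
```

A matching hash name only marks a candidate; the CAfile bundle is reported but not searched.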
