TLS-1.3 Certificate Authorities implementation and testing

Alexandre Schaff alexandre.schaff at
Mon Sep 2 16:49:40 UTC 2019

Sorry if question has already been asked, I saw .
Issue#3029 is a mixed discussion on both tls-1.2 extension "trusted CA
indication" (rfc6066#section-6) and TLS-1.3 "Certificate Authorities", thus
conclusion is unclear.

tests done :
openssl version used : openssl-1.1.1a
client : "openssl s_client ... -requestCAfile .." ; tls extension in client
Hello is present.
serverside :  'openssl s_server' using certfile which has 2 root-CA+cert
(certA and certB)  and keyfile which has both secrets.

Whatever the client sends in Certificate Authorities, s_server chooses the
first leaf certificate found within certfile.

Questions: is rfc8446#section-4.2.4 not a mandatory feature of tls-1.3?
Does openssl implement it fully? If yes, how to test?
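
As an added example, not part of the original post or of OpenSSL: when testing as described above, a capture of the ClientHello can be checked to see exactly which DistinguishedNames `-requestCAfile` put in the `certificate_authorities` extension (type 47, rfc8446#section-4.2.4). The sketch assumes the extensions vector has already been extracted from the capture; the function names and the sample bytes are constructed for illustration.

```python
import struct

EXT_CERTIFICATE_AUTHORITIES = 47  # RFC 8446 section 4.2.4

def iter_extensions(block: bytes):
    """Yield (type, body) pairs from a TLS extensions vector (its own 2-byte length removed)."""
    off = 0
    while off < len(block):
        if off + 4 > len(block):
            raise ValueError("truncated extension header")
        ext_type, ext_len = struct.unpack_from("!HH", block, off)
        off += 4
        if off + ext_len > len(block):
            raise ValueError("truncated extension body")
        yield ext_type, block[off:off + ext_len]
        off += ext_len

def parse_certificate_authorities(body: bytes):
    """Return the DER-encoded DistinguishedNames from a certificate_authorities body."""
    if len(body) < 2:
        raise ValueError("missing authorities length")
    (total,) = struct.unpack_from("!H", body, 0)
    # DistinguishedName authorities<3..2^16-1>: length must match and be at least 3
    if total != len(body) - 2 or total < 3:
        raise ValueError("bad authorities vector length")
    names, off = [], 2
    while off < len(body):
        if off + 2 > len(body):
            raise ValueError("truncated DistinguishedName length")
        (n,) = struct.unpack_from("!H", body, off)
        off += 2
        if n < 1 or off + n > len(body):
            raise ValueError("bad DistinguishedName length")
        names.append(body[off:off + n])
        off += n
    return names

def requested_cas(extensions: bytes):
    """Return the DNs the peer advertised, or None when the extension is absent."""
    for ext_type, body in iter_extensions(extensions):
        if ext_type == EXT_CERTIFICATE_AUTHORITIES:
            return parse_certificate_authorities(body)
    return None

# Constructed sample: DER Name for "CN=certA", carried after a supported_versions extension.
DN_A = bytes.fromhex("3010310e300c06035504030c056365727441")
_body = struct.pack("!HH", len(DN_A) + 2, len(DN_A)) + DN_A
SAMPLE = bytes.fromhex("002b0003020304") + struct.pack("!HH", 47, len(_body)) + _body
```

Comparing the returned DNs with the issuer of the certificate the server actually sent shows whether the server's choice followed the client's list.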
