On 10/11/2019 20:45, Jeremy Harris wrote:
> GnuTLS 3.6.8
>
> I'm testing $subject using a 3-layer cert chain, and stapled ocsp
> under TLS1.3 for which the middle item is non-valid.

(followup to myself...)

I note that https://www.gnutls.org/manual/html_node/OCSP-stapling.html suggests cat'ing multiple ocsp response PEMs. While GnuTLS is happy with that, it's not what I am doing, since it results in a TLS wire-format which is incompatible with OpenSSL (and, I think, RFCs).

The result of a file with several PEMs is (speaking from memory of wireshark sessions...) a Server Hello with a Certificates record having certificates interleaved with cert-status extensions.

If you instead create an OCSP request for all the certs of the chain, and then an OCSP response from that, you get one "basicresponse" containing multiple "status" elements, all in one DER (or PEM). Either GnuTLS or OpenSSL is happy to swallow that on the server, and the wire format has a single "status" extension, placed between the first and second certificates, in the Server Hello. OpenSSL is happy with that wire format as the client.

I'm wondering if GnuTLS, when validating certs, is not properly interpreting the multi-element basicresponse.

-- 
Cheers,
  Jeremy
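The structure Jeremy describes, one BasicOCSPResponse whose `responses` SEQUENCE carries several SingleResponse elements, is easy to inspect directly. The following is an added example, not code from the post, from GnuTLS or from OpenSSL: a stdlib-only DER walker that lists every SingleResponse in a DER OCSP response, plus the client-side decision that matters for stapling (the response only vouches for the chain if every listed cert is "good"). The sample response it builds is constructed here with placeholder issuer hashes and a placeholder signature; the code parses structure only and verifies nothing cryptographically. Serial numbers 0x1001 (leaf) and 0x0200 (intermediate) are made up for the example.

```python
# Added example (not from the mailing-list post, GnuTLS or OpenSSL): walk one
# DER OCSPResponse and list every SingleResponse inside its BasicOCSPResponse.
# Tag and field layout follow RFC 6960 (EXPLICIT tags by default, certStatus
# IMPLICIT). Only low-tag-number, definite-length DER is handled.

SEQ, INT, BITSTR, OCTET, NULL, OID, ENUM, GENTIME = 0x30, 0x02, 0x03, 0x04, 0x05, 0x06, 0x0A, 0x18
CTX0_EXPL, CTX2_EXPL = 0xA0, 0xA2          # [0] / [2] EXPLICIT (constructed)

OID_OCSP_BASIC = bytes.fromhex("2b0601050507300101")   # 1.3.6.1.5.5.7.48.1.1
OID_SHA1 = bytes.fromhex("2b0e03021a")                 # 1.3.14.3.2.26
OID_SHA256_RSA = bytes.fromhex("2a864886f70d01010b")   # 1.2.840.113549.1.1.11

# ---- minimal DER encoding, used only to build the constructed sample ----
def tlv(tag, value):
    n = len(value)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + value

def der_int(n):
    return tlv(INT, n.to_bytes((n.bit_length() + 8) // 8, "big"))  # sign bit clear

def cert_id(serial):
    # CertID: hashAlgorithm, issuerNameHash, issuerKeyHash, serialNumber.
    # The two hashes are constructed placeholders, not real issuer digests.
    return tlv(SEQ, tlv(SEQ, tlv(OID, OID_SHA1) + tlv(NULL, b""))
               + tlv(OCTET, b"\x11" * 20) + tlv(OCTET, b"\x22" * 20)
               + der_int(serial))

def single_response(serial, status, this_update, revoked_at=None):
    if status == "good":
        cert_status = tlv(0x80, b"")                          # [0] IMPLICIT NULL
    elif status == "revoked":
        cert_status = tlv(0xA1, tlv(GENTIME, revoked_at))     # [1] IMPLICIT RevokedInfo
    else:
        cert_status = tlv(0x82, b"")                          # [2] IMPLICIT NULL
    return tlv(SEQ, cert_id(serial) + cert_status + tlv(GENTIME, this_update))

def build_ocsp_response(singles):
    """Wrap several SingleResponses in one BasicOCSPResponse / OCSPResponse."""
    tbs = tlv(SEQ, tlv(CTX2_EXPL, tlv(OCTET, b"\x33" * 20))   # responderID byKey
                   + tlv(GENTIME, b"20191110204500Z")        # producedAt
                   + tlv(SEQ, b"".join(singles)))            # responses
    basic = tlv(SEQ, tbs
                + tlv(SEQ, tlv(OID, OID_SHA256_RSA) + tlv(NULL, b""))
                + tlv(BITSTR, b"\x00" + b"\x00" * 8))        # placeholder signature
    response_bytes = tlv(SEQ, tlv(OID, OID_OCSP_BASIC) + tlv(OCTET, basic))
    return tlv(SEQ, tlv(ENUM, b"\x00") + tlv(CTX0_EXPL, response_bytes))

# ---- minimal DER decoding ----
def der_tlv(buf, i=0):
    """Return (tag, value, next_offset) for the TLV starting at offset i."""
    tag, first = buf[i], buf[i + 1]
    if first < 0x80:
        length, j = first, i + 2
    else:
        n = first & 0x7F
        length, j = int.from_bytes(buf[i + 2:i + 2 + n], "big"), i + 2 + n
    return tag, buf[j:j + length], j + length

def der_children(value):
    out, i = [], 0
    while i < len(value):
        tag, val, i = der_tlv(value, i)
        out.append((tag, val))
    return out

CERT_STATUS = {0x80: "good", 0xA1: "revoked", 0x82: "unknown"}

def parse_ocsp_response(der):
    """Return (responseStatus, [one dict per SingleResponse]) for a DER OCSPResponse."""
    tag, body, _ = der_tlv(der)
    if tag != SEQ:
        raise ValueError("not an OCSPResponse")
    fields = der_children(body)
    status = fields[0][1][0]                      # ENUMERATED responseStatus
    if status != 0 or len(fields) < 2:
        return status, []                         # no responseBytes on error statuses
    rb_tag, rb = fields[1]
    if rb_tag != CTX0_EXPL:
        raise ValueError("responseBytes missing")
    rtype, resp = der_children(der_children(rb)[0][1])
    if rtype[1] != OID_OCSP_BASIC:
        raise ValueError("unsupported responseType")
    basic_seq = der_children(resp[1])[0]          # BasicOCSPResponse
    tbs = der_children(basic_seq[1])[0]           # tbsResponseData
    responses = next(v for t, v in der_children(tbs[1]) if t == SEQ)  # only SEQUENCE child
    out = []
    for _, single in der_children(responses):
        cid, cstat, this_update = der_children(single)[:3]
        serial = der_children(cid[1])[3][1]
        entry = {"serial": int.from_bytes(serial, "big", signed=True),
                 "status": CERT_STATUS.get(cstat[0], "?"),
                 "this_update": this_update[1].decode()}
        if cstat[0] == 0xA1:                      # RevokedInfo.revocationTime
            entry["revoked_at"] = der_children(cstat[1])[0][1].decode()
        out.append(entry)
    return status, out

def chain_is_good(entries):
    """A multi-element staple vouches for the chain only if every entry is good."""
    return bool(entries) and all(e["status"] == "good" for e in entries)

# Constructed sample: leaf good, intermediate revoked (the "middle item is non-valid" case).
SAMPLE = build_ocsp_response([
    single_response(0x1001, "good", b"20191110200000Z"),
    single_response(0x0200, "revoked", b"20191110200000Z", b"20191101120000Z"),
])

if __name__ == "__main__":
    status, entries = parse_ocsp_response(SAMPLE)
    print("responseStatus:", status)
    for e in entries:
        print(e)
    print("chain acceptable:", chain_is_good(entries))
```

Pointing `parse_ocsp_response` at a real DER staple (the `-respout` file from `openssl ocsp`, or the bytes a client receives in the status extension) shows how many SingleResponses a single basicresponse carries and which cert each one covers, which is exactly what a verifier has to walk before it can decide whether a non-good middle entry should fail the chain.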
