Ziyu,

Thank you very much for the help. I've briefly compared my code with apps/s_server.c to figure out any issue in my code, but haven't checked s_client.c yet. I didn't expect that openssl s_client doesn't support the cert chain, so there is not even an option to force it to send the chain from the cmd line?

We have a test client together with other functions implemented in Python using OpenSSL as well. However, it looks like it doesn't support the chain either (someone else implemented it some time back w/o the cert chain case tested). And that's why I switched to openssl s_client to isolate the issue - our test framework is more complex with many different functions and I'm relatively new to it :) I'll fix our test client then. Yes, we use quite some v3 extensions which have been tested using a separate Cert class.

Thanks!

Mary

2011/6/1 Ziyu Liu <[email protected]>

> At 2011-06-01 13:10:30, "Mary Zhang" <[email protected]> wrote:
>
> > In fact, I just found that openssl s_server gives the same result of untrusted
> > client cert - I forgot to specify the "Verify" option to require client auth.
>
> > It looks like the s_client didn't send the certificate chain from the
> > client cert file to the server side, and the server cannot build the chain for
> > validation.
>
> If you see the source code of the s_client/s_server in /app/s_server.c,
> /app/s_client.c and /app/s_cb.c, you will see that it just loads one
> certificate from the file and calls the *SSL_CTX_use_certificate* to set
> the cert.
>
> > However, if I add the client's intermediate CA to the server's ca file (the root
> > ca is always there), then it works.
>
> > Double check, should the cert chain be sent over by the client and the server
> > only need to have the root ca in its ca file? Or does the server need to include the
> > intermediate CA in its ca file directly?
>
> There is no need to include an intermediate CA in the server. The server
> just needs to include the CA which signed the intermediate CA.
>
> > And how can I force s_client to send the cert chain to the server if it's
> > supported?
>
> When you call *SSL_CTX_use_certificate_chain* correctly,
> the chain will be sent over forcibly.
>
> > BTW, my test certs are attached (created using xca), my test cmds are:
>
> > openssl s_server -cert tls/example.com/cert.pem -CAfile tls/test.com/ca.pem -accept 8888 -Verify 10
> > openssl s_client -connect localhost:8888 -msg -showcerts -cert client1ica1.test.com.pem
>
> I think you should not use the SSL command tool to verify your
> certificate. Writing a small program will be useful.
> I used your certs in my test file and the program failed because of the
> verification error by the X509_STORE. The verify_result is
> *X509_V_ERR_INVALID_PURPOSE*. I noticed that your certificates have many
> X509 extensions, so I think some X509 extensions may not be supported by
> OpenSSL.
>
> > Thanks!
> >
> > Mary
> >
> > On Sat, May 28, 2011 at 10:42 AM, sandeep kiran p <[email protected]> wrote:
>
>> Can you verify the client certificate using "openssl verify" with -CApath
>> and -CAfile similar to what you have used in
>>
>> SSL_CTX_load_verify_locations(ctx, (char*)ca_fname, ca_path_ptr)
>>
>> Does it work if you specify only the client cert and not the entire chain
>> when using s_client?
>>
>> /Sandeep
>>
>> On Sat, May 28, 2011 at 12:18 AM, Mary Zhang <[email protected]> wrote:
>>
>>> Ziyu, please see my answers inline.
>>>
>>> Thanks!
>>>
>>> Mary
>>>
>>> 2011/5/27 Ziyu Liu <[email protected]>
>>>
>>>> At 2011-05-27 13:27:43, "Mary Zhang" <[email protected]> wrote:
>>>>
>>>> Thanks, Ziyu.
>>>>
>>>> > The certificate is ok.
>>>> > In fact, openssl s_client using the same test cert works fine against
>>>> > openssl s_server, and if I put the intermediate CA into my SSL server's ca
>>>> > file, it works as well.
>>>>
>>>> Did you attach the intermediate CA to your client certificate chain
>>>> file?
>>>
>>> [Mary] Yeah, the client cert file contains the whole chain.
>>>
>>>> > So the issue is that my SSL server is not building the cert chain
>>>> > correctly to validate against the root ca.
>>>> > And I'm not sure whether I missed some call/config to enable the cert
>>>> > chain validation.
>>>>
>>>> There is no specific difference between cert or cert chain.
>>>> What verification depth have you set?
>>>> Have you set the same CN when generating the root CA and intermediate
>>>> CA?
>>>
>>> [Mary] You mean for validation of cert or cert chain, there is no
>>> difference in code: the same code should work?
>>> That's what I expected, but somehow it failed with the chain case
>>> only.
>>>
>>> The verification depth is set to 10 by default (previous other's code),
>>> I may double check that part.
>>>
>>> The root CA and intermediate CA have different CNs. And I used
>>> xca to create them.
>>>
>>>> You can test your server with the certificates in my attachment.
>>>> Structure:
>>>> rootcert.pem signs servercert.pem, an intermediate cert which is in the
>>>> clientchian.pem
>>>> an intermediate cert signs the clientcert.pem.
>>>
>>> [Mary] Will try, but my test certs work fine with OpenSSL s_client and
>>> s_server, and so I don't think the certs have an issue.
>>>
>>>> Thanks!
>>>>
>>>> Mary
>>>>
>>>> 2011/5/26 Ziyu Liu <[email protected]>
>>>>
>>>>> Use the command 'openssl x509 -in serverCA.pem -text -noout' to check
>>>>> if your certificate is generated ok. When you are going to use the
>>>>> intermediate CA, you must use X509 v3 extensions.
>>>>> Check if you have this content:
>>>>> * X509v3 extensions:
>>>>>     X509v3 Basic Constraints:
>>>>>         CA:TRUE*
>>>>>
>>>>> At 2011-05-27 06:53:04, "Mary Zhang" <[email protected]> wrote:
>>>>>
>>>>> Hi,
>>>>>
>>>>> I am using OpenSSL for an SSL server and "openssl s_client" to test it
>>>>> with client auth required.
>>>>> A self-signed root cert is used for creating client certs, and the
>>>>> self-signed root cert is added to the SSL server's trusted ca file.
>>>>>
>>>>> It works fine when the client cert has no chain, but if the client cert is
>>>>> created by an intermediate ca which is signed by the previous root ca, the SSL
>>>>> server fails with unknown ca.
>>>>> From the debug trace, it looks like s_client sent the whole chain (the
>>>>> client cert file contains the private key and the whole chain in PEM
>>>>> format).
>>>>>
>>>>> I thought that OpenSSL would automatically build the chain based on
>>>>> what was sent from the client, and since the root ca is trusted, it should
>>>>> work.
>>>>> Am I wrong? Do I need to get the client's cert chain and set it in the SSL
>>>>> CTX for validation?
>>>>>
>>>>> BTW, here are the functions used:
>>>>>
>>>>> SSL_CTX_new(SSLv23_method());
>>>>> SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_BOTH);
>>>>> SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2);
>>>>> SSL_CTX_set_cipher_list(ctx, CIPHER_LIST)
>>>>> SSL_CTX_use_certificate_chain_file(ctx, cert_fname)
>>>>> SSL_CTX_use_PrivateKey_file(ctx, cert_fname, SSL_FILETYPE_PEM)
>>>>> STACK_OF(X509_NAME) *ca_certs = SSL_load_client_CA_file((char *)ca_fname);
>>>>> SSL_CTX_set_client_CA_list(ctx, ca_certs);
>>>>> SSL_CTX_load_verify_locations(ctx, (char*)ca_fname, ca_path_ptr)
>>>>> SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
>>>>> SSL_CTX_set_verify_depth(ctx, _verify_depth);
>>>>>
>>>>> Thank you very much!
>>>>>
>>>>> Mary
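The thread above turns on three facts: the server's trust store only needs the root CA, the intermediate has to arrive from the client as part of its chain (OpenSSL treats it as an untrusted input when building the path), and that intermediate must carry the X509v3 Basic Constraints CA:TRUE extension or path building rejects it. The script below is an added example, not code from the thread or from OpenSSL; it builds a throw-away root/intermediate/leaf PKI with the openssl CLI and replays each case with `openssl verify`, where `-CAfile` plays the role of the server's `SSL_CTX_load_verify_locations` file and `-untrusted` plays the role of the chain the client sends. All file names, subjects and the `$WORK` directory are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the thread): reproduce the verification cases
# discussed above with throw-away test certificates.
#   1. leaf only, root trusted              -> FAIL (the "unknown ca" the server saw)
#   2. leaf + intermediate as -untrusted    -> OK   (what a client-sent chain gives the server)
#   3. intermediate copied into the CAfile  -> OK   (the workaround from the thread)
#   4. intermediate without CA:TRUE         -> FAIL (the Basic Constraints point)
# Names, subjects and paths are constructed; nothing here is real infrastructure.
set -eu

WORK="${WORK:-$(mktemp -d)}"

build_pki() {
  ( cd "$WORK"
    cat > ext.cnf <<'EOF'
[ca]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
[leaf]
basicConstraints = CA:FALSE
keyUsage = critical, digitalSignature
extendedKeyUsage = clientAuth
[notca]
basicConstraints = CA:FALSE
EOF
    # one key and CSR per entity (constructed subjects)
    for n in root ica leaf; do
      openssl req -new -newkey rsa:2048 -nodes -keyout "$n.key" -out "$n.csr" \
        -subj "/CN=Demo $n" >/dev/null 2>&1
    done
    # self-signed root CA
    openssl x509 -req -in root.csr -signkey root.key -days 365 \
      -extfile ext.cnf -extensions ca -out root.pem >/dev/null 2>&1
    # intermediate signed by the root, with CA:TRUE
    openssl x509 -req -in ica.csr -CA root.pem -CAkey root.key -CAcreateserial \
      -days 365 -extfile ext.cnf -extensions ca -out ica.pem >/dev/null 2>&1
    # same intermediate key and name, but without CA:TRUE (negative case)
    openssl x509 -req -in ica.csr -CA root.pem -CAkey root.key -CAcreateserial \
      -days 365 -extfile ext.cnf -extensions notca -out ica_nobc.pem >/dev/null 2>&1
    # client leaf signed by the intermediate key
    openssl x509 -req -in leaf.csr -CA ica.pem -CAkey ica.key -CAcreateserial \
      -days 365 -extfile ext.cnf -extensions leaf -out leaf.pem >/dev/null 2>&1
    # trust file holding root AND intermediate (the workaround)
    cat root.pem ica.pem > root_plus_ica.pem )
}

# The check suggested in the thread: does the cert show "CA:TRUE" in
# its X509v3 Basic Constraints?  Echoes yes/no.
has_ca_true() {
  if openssl x509 -in "$1" -noout -text | grep -q 'CA:TRUE'; then echo yes; else echo no; fi
}

# $1 = trusted CAfile (server side), $2 = optional untrusted certs (client-sent chain).
# Echoes OK or FAIL; OpenSSL's reason for a failure goes to stderr.
verify_leaf() {
  if [ -n "${2:-}" ]; then
    out=$(openssl verify -CAfile "$1" -untrusted "$2" "$WORK/leaf.pem" 2>&1) && { echo OK; return; }
  else
    out=$(openssl verify -CAfile "$1" "$WORK/leaf.pem" 2>&1) && { echo OK; return; }
  fi
  echo "$out" >&2
  echo FAIL
}

build_pki
echo "intermediate has CA:TRUE:          $(has_ca_true "$WORK/ica.pem")"
echo "1. leaf only, root trusted:        $(verify_leaf "$WORK/root.pem")"
echo "2. leaf + chain, root trusted:     $(verify_leaf "$WORK/root.pem" "$WORK/ica.pem")"
echo "3. intermediate in CAfile:         $(verify_leaf "$WORK/root_plus_ica.pem")"
echo "4. chain with non-CA intermediate: $(verify_leaf "$WORK/root.pem" "$WORK/ica_nobc.pem")"
```

Case 1 is the server's position when the client presents only its leaf: path building stops with "unable to get local issuer certificate", which the TLS layer reports as unknown ca. Case 2 is the intended setup: the root alone is trusted and the intermediate comes in as untrusted material, exactly as a chain loaded on the client with `SSL_CTX_use_certificate_chain_file` arrives at the server. Case 3 shows why copying the intermediate into the server's CA file "fixes" it without addressing the client; note that this also makes any certificate under that intermediate acceptable regardless of what the client sends. Case 4 fails with "invalid CA certificate" even though the signatures are valid, which is why inspecting `openssl x509 -text` for the Basic Constraints extension is worth doing before suspecting the server code. Current OpenSSL releases of `s_client` and `s_server` also accept a `-cert_chain` file for the intermediates, which the 2011 versions in this thread lacked.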
