On Wed, Apr 04, 2001 at 10:03:27AM +0100, Graeme English wrote:
> I'm incorporating OpenSSL into a web browser and what I'm really after is a behavior 
>similar to the other browsers around i.e. when an untrusted site is visited the user 
>is warned but also gets the option to 'install' the received server certificate so 
>that the next time the site is visited the warning is not displayed (I should have 
>mentioned this before, sorry)

I more or less anticipated that you wanted to do something like this...


> As you say if the peer sends the certificate chain then the verify error changes 
>to X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN, but I don't think this is the behavior I 
>need (also it's up to the web server whether it sends the chain, I believe)

No, it is not up to the web server. The server must send the complete chain
except for the root certificate. From RFC2246, 7.4.2:
   certificate_list
       This is a sequence (chain) of X.509v3 certificates. The sender's
       certificate must come first in the list. Each following
       certificate must directly certify the one preceding it. Because
       certificate validation requires that root keys be distributed
       independently, the self-signed certificate which specifies the
       root certificate authority may optionally be omitted from the
       chain, under the assumption that the remote end must already
       possess it in order to validate it in any case.

> Should I be storing these 'installed' web server certificates in a different file 
>from the CA list and when I receive a peer certificate which cannot be verified 
>against the CA list, then manually search through the other file to try and match the 
>certificates that way ? If so what's the best way to accomplish this ?

I am not sure about the best way to handle it this way. The built-in
certificate verification routine will do precisely what is described
in the RFC, it will only approve a chain, of which the root CA certificate
is found locally. For a root CA certificate it is a necessary condition
to be self signed, so the built-in procedure will fail even if you put
an intermediate CA or server certificate to the certificate store.

Therefore you need to store the server certificates separately and
might then compare the certificate sent with the certificates in the
separate store. You can use the X509_cmp() function for this purpose.

When realizing this functionality, please check out the old bugtraq
messages. There were quite some subtle things with certificates being
accepted for a wrong server name by the user once but then the non-matching
certificate suddenly became valid for all server names (if memory serves
me right)... It is not necessary to fall into the same pitfalls again :-)

Best regards,
        Lutz
-- 
Lutz Jaenicke                             [EMAIL PROTECTED]
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
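
An added example, not part of the original message or of OpenSSL: a separate store of user-approved server certificates in which each entry is bound to the host name it was approved for, so an approval for one site never validates the same certificate for another. All names here are hypothetical; to stay self-contained it compares DER encodings with memcmp(), where an OpenSSL program could compare X509 objects with X509_cmp() as the message suggests.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define MAX_EXCEPTIONS 32
#define MAX_HOST 256
#define MAX_DER 4096

/* One user-approved exception: this exact certificate, for this host only. */
struct cert_exception {
    char host[MAX_HOST];
    unsigned char der[MAX_DER];
    size_t der_len;
};

struct exception_store {
    struct cert_exception items[MAX_EXCEPTIONS];
    size_t count;
};

/* DNS names are case-insensitive, so compare host names that way. */
static int host_equal(const char *a, const char *b)
{
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
    return *a == *b;
}

/* Record the user's decision. Returns 0 on success, -1 if it does not fit. */
int exception_add(struct exception_store *s, const char *host,
                  const unsigned char *der, size_t der_len)
{
    if (s->count >= MAX_EXCEPTIONS || strlen(host) >= MAX_HOST ||
        der_len == 0 || der_len > MAX_DER)
        return -1;
    struct cert_exception *e = &s->items[s->count++];
    strcpy(e->host, host);
    memcpy(e->der, der, der_len);
    e->der_len = der_len;
    return 0;
}

/* Call only after normal chain verification has failed.
 * Returns 1 only when the same certificate was approved for the same host. */
int exception_allows(const struct exception_store *s, const char *host,
                     const unsigned char *der, size_t der_len)
{
    for (size_t i = 0; i < s->count; i++) {
        const struct cert_exception *e = &s->items[i];
        if (host_equal(e->host, host) && e->der_len == der_len &&
            memcmp(e->der, der, der_len) == 0)
            return 1;
    }
    return 0;
}
```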
