Is the OCSP response verification algorithm described below implemented exclusively by OpenSSL, or is the algorithm an implementation of a particular RFC algorithm?
Thanks!
Randy
On Jul 28, 2009, at 9:41 AM, Dr. Stephen Henson wrote:
On Tue, Jul 28, 2009, Natanael Mignon - michael-wessel.de wrote:
Dear list,
another problem with the OCSP-handling in Apache/mod_ssl:
[Tue Jul 28 14:27:12 2009] [error] SSL Library Error: error:27069070:OCSP routines:OCSP_basic_verify:root ca not trusted
[Tue Jul 28 14:27:12 2009] [error] failed to verify the OCSP response!
Now, of course this could be just correct and there could be an
error with the certificate store etc. But we get this error, when a
client authenticates using certificate "b3", which is issued by
"CA3" and the OCSP request is sent to "ocsp3". "CA3" is trusted for
Apache and also present and symlinked in /etc/ssl/certs.
If the client authenticates using cert "b2", which is issued by
"CA2" and the responder is "ocsp2", everything is fine. "CA2" is
trusted in the same way as "CA3".
If the client authenticates using cert "b1", which is issued by
"CA1" and the responder is "ocsp1", everything is fine. "CA1" is
trusted in the same way as "CA2" and "CA3".
To verify the OCSP handling, we execute the requests manually:
openssl ocsp -issuer CA1 -serial <serial of b1> -uri ocsp1... -->
GOOD, verify OK.
openssl ocsp -issuer CA2 -serial <serial of b2> -uri ocsp2... -->
GOOD, verify OK.
openssl ocsp -issuer CA3 -serial <serial of b3> -uri ocsp3... -->
GOOD, verify FAIL.
openssl ocsp -issuer CA1 -serial <serial of b3> -uri ocsp3... -->
GOOD, verify OK!
So obviously the OCSP signer certificate of ocsp3 has been issued
by CA1 (what we found in the OCSP response itself, of course).
What we did not get straight so far: How is the issuer certificate
determined to validate the OCSP signer certificate against in the
library functions (i.e. when Apache calls the OCSP verify
functions)? What might be needed here to get OpenSSL validate
against the correct issuer certificate?
I'm not sure what the problem is here. According to your description the responder ocsp3 is misconfigured and OpenSSL is behaving as you would expect.

That error is due to the way OCSP responses are verified. It first tries to see if the response should be automatically accepted (responder certificate is issued by the CA or is the CA itself); if that fails it checks to see if the certificate is allowed to sign responses for *any* CA, so called "global responders". If that fails you get "root CA not trusted", meaning it isn't trusted as a global responder.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
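The two-stage check Steve describes can be reproduced offline with the openssl command-line tool. The script below is an added example, not code from this thread or from the OpenSSL project: it generates two root CAs named after the thread (CA1 and CA3), an OCSP signing certificate delegated by each (ocsp1, ocsp3), and a client certificate b3 issued by CA3, then has `openssl ocsp` act as a local responder (`-index`/`-rsigner`) to sign a "good" response for b3 with each signer, and finally verifies both stored responses the way a relying party would. The CertID in every response names CA3 as issuer, so the response signed by ocsp3 passes the first check (signer delegated by the CA in question, OCSPSigning EKU present), while the response signed by ocsp1 fails it and falls through to the global-responder check, which fails with "root ca not trusted" because nothing marks CA1 as trusted for OCSP signing. Passing the responder certificate in `-VAfile` (explicit trust of the signer) makes that same response verify. The config file, serial numbers and index entry are constructed for the demo.

```shell
#!/bin/sh
# Added example, not code from the thread: rebuild the situation Natanael
# describes with local CAs and watch how OpenSSL's OCSP verification decides.
# All names (CA1, CA3, ocsp1, ocsp3, b3), serials and the config are constructed.
set -e

WORK=$(mktemp -d)
cd "$WORK"

# Minimal config so the demo does not depend on the system openssl.cnf.
cat > demo.cnf <<'EOF'
[req]
distinguished_name = req_dn
[req_dn]
[ca_ext]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
[ocsp_ext]
basicConstraints = CA:FALSE
keyUsage = digitalSignature
extendedKeyUsage = OCSPSigning
[leaf_ext]
basicConstraints = CA:FALSE
EOF

make_root() {   # $1 = CA name
  openssl req -x509 -config demo.cnf -extensions ca_ext -newkey rsa:2048 -nodes \
    -keyout "$1.key" -out "$1.pem" -subj "/CN=$1" -days 30 2>/dev/null
}
issue() {       # $1 = name, $2 = issuing CA, $3 = extension section, $4 = serial
  openssl req -new -config demo.cnf -newkey rsa:2048 -nodes \
    -keyout "$1.key" -out "$1.csr" -subj "/CN=$1" 2>/dev/null
  openssl x509 -req -in "$1.csr" -CA "$2.pem" -CAkey "$2.key" -set_serial "$4" \
    -extfile demo.cnf -extensions "$3" -out "$1.pem" -days 30 2>/dev/null
}

make_root CA1
make_root CA3
issue ocsp1 CA1 ocsp_ext 0x1001    # responder signer delegated by CA1
issue ocsp3 CA3 ocsp_ext 0x1002    # responder signer delegated by CA3
issue b3    CA3 leaf_ext 0x1003    # client certificate issued by CA3
cat CA1.pem CA3.pem > roots.pem    # both roots trusted, like /etc/ssl/certs

# CA3's status database in the ca(1) index format: b3 (serial 0x1003) is valid.
printf 'V\t300101000000Z\t\t1003\tunknown\t/CN=b3\n' > index.txt

# Produce a "good" response for b3 (CertID issuer = CA3) signed by $1.
sign_response() {   # $1 = signer name, $2 = output file
  openssl ocsp -index index.txt -CA CA3.pem -rsigner "$1.pem" -rkey "$1.key" \
    -issuer CA3.pem -cert b3.pem -no_nonce -noverify -respout "$2" >/dev/null 2>&1
}
sign_response ocsp3 resp_from_ocsp3.der   # signer delegated by CA3: like ocsp2
sign_response ocsp1 resp_from_ocsp1.der   # signer delegated by CA1: like ocsp3

# Verify a stored response for b3 with the given trust options and report the
# verdict as a string taken from the tool's output rather than its exit status.
ocsp_verify() {     # $1 = response file, rest = extra openssl ocsp options
  resp=$1; shift
  out=$(openssl ocsp -respin "$resp" -issuer CA3.pem -cert b3.pem -no_nonce "$@" 2>&1 || true)
  case "$out" in
    *"Response verify OK"*)   echo "OK" ;;
    *"root ca not trusted"*)  echo "FAIL: root ca not trusted" ;;
    *)                        echo "FAIL: other" ;;
  esac
}

echo "ocsp3 signer, roots only:            $(ocsp_verify resp_from_ocsp3.der -CAfile roots.pem)"
echo "ocsp1 signer, roots only:            $(ocsp_verify resp_from_ocsp1.der -CAfile roots.pem)"
echo "ocsp1 signer, responder in -VAfile:  $(ocsp_verify resp_from_ocsp1.der -CAfile roots.pem -VAfile ocsp1.pem)"
```

The first line prints OK, the second prints the same "root ca not trusted" failure as the Apache log above, and the third prints OK again. The ocsp(1) manual documents the other way to satisfy the global-responder check, marking the responder's root as trusted for OCSP signing with `openssl x509 -addtrust OCSPSigning`; either way, a relying party that verifies against a plain CA store, as mod_ssl does here, will keep rejecting ocsp3's responses until that responder signs with a certificate issued by CA3, which is the fix Steve's reply points at.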