Hi Kaleb, I think that this practice might not be a best practice anymore (if it ever was):
Kaleb J. Himes wrote:...
We consider it best practice to validate all certificates in the chain and use this by default.
...
Quoting from https://datatracker.ietf.org/doc/html/r … ion-4.4.2:
Note: Prior to TLS 1.3, "certificate_list" ordering required each certificate to certify the one immediately preceding it; however, some implementations allowed some flexibility. Servers sometimes send both a current and deprecated intermediate for transitional purposes, and others are simply configured incorrectly, but these cases can nonetheless be validated properly. For maximum compatibility, all implementations SHOULD be prepared to handle potentially extraneous certificates and arbitrary orderings from any TLS version, with the exception of the end-entity certificate which MUST be first.
So you might want to enable WOLFSSL_ALT_CERT_CHAINS by default to accommodate "be prepared to handle potentially extraneous certificates".
In addition, wolfSSL isn't supporting "arbitrary orderings" currently, i.e. for a path A (trust anchor) -> B -> C -> D (leaf), if it receives the certificates in the order D - B - C, it fails.
I've found https://www.wolfssl.com/docs/wolfssl-manual/ch2/, which confirms the validation behavior described by the OP:
WOLFSSL_ALT_CERT_CHAIN ... allows loading intermediate CA's as trusted and ignoring no signer failures for CA's up the chain to root. The alternate certificate chain mode only requires that the peer certificate validate to a trusted CA.
But, as mentioned previously, it is not working like that currently, i.e. trust in intermediate CAs works even without WOLFSSL_ALT_CERT_CHAIN. Has something changed recently in regard to this?
amirmaim wrote:...
To clarify: assuming we have 3 certificates A->B->C (A signed B, B signed C), where A is a self-signed certificate, is there a way to load B as my trust anchor, and allow wolfSSL to authenticate C only with B (that is, without the self-signed certificate)?
This behavior will be equivalent to OpenSSL with the "partial_chain" flag.
...
amirmaim wrote:...
Without the flag, OpenSSL returns "unable to get local issuer certificate". wolfSSL returns -188 (ASN_NO_SIGNER_E).
I can't reproduce this error with the current (Aug 2021) wolfSSL source code from https://github.com/wolfSSL/wolfssl.
In my tests, if I only configure trust in an intermediate CA, wolfSSL validates the certification path successfully, instead of failing as described by the OP!
Maybe in the past it was required to always chain up to self-signed root CAs to validate the certification paths (as OpenSSL does by default, unless X509_V_FLAG_PARTIAL_CHAIN is used), but not anymore? Can anyone confirm?
PS: From my tests, WOLFSSL_ALT_CERT_CHAINS isn't really related to this as it (apparently) only instructs the library to ignore unrelated certificates during validation, and even without it enabled, trusting only an intermediate CA currently suffices for successful validation.
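Added example (not wolfSSL, OpenSSL or any poster's code): a toy Python path builder that applies the RFC 8446 section 4.4.2 rule quoted in the first post (end-entity first, the rest in any order with extraneous certificates tolerated) and the partial-chain behaviour asked about above (stop at a trusted intermediate, or insist on a self-signed root as OpenSSL does without X509_V_FLAG_PARTIAL_CHAIN). Certificates are modelled by subject/issuer names only, `signed_by` is a constructed stand-in for a real signature check, and the A, B, C, D names are the ones used in the thread.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str

    def signed_by(self, ca):
        # Constructed stand-in: real code verifies the signature with ca's key.
        return self.issuer == ca.subject

    def is_self_signed(self):
        return self.subject == self.issuer


def build_path(peer_chain, trust_anchors, partial_chain=True):
    """Return the path [leaf, ..., anchor], or None if nothing validates.

    peer_chain[0] MUST be the end-entity; the remaining certificates may be
    in any order and may include unrelated ones, which are simply never used.
    trust_anchors may hold roots or intermediates.  With partial_chain=False
    a trusted intermediate is not enough: the walk has to reach a trusted
    self-signed root (OpenSSL's default without X509_V_FLAG_PARTIAL_CHAIN).
    """
    if not peer_chain:
        return None
    trusted = {c.subject: c for c in trust_anchors}
    untrusted = {c.subject: c for c in peer_chain[1:]}  # issuer lookup by subject
    path, cur = [peer_chain[0]], peer_chain[0]
    for _ in range(len(peer_chain) + len(trust_anchors)):  # bounds the walk
        anchor = trusted.get(cur.issuer)
        if anchor is not None and cur.signed_by(anchor):
            path.append(anchor)
            if partial_chain or anchor.is_self_signed():
                return path
            # Above a trusted certificate only the trust store may supply issuers.
            cur, untrusted = anchor, {}
            continue
        nxt = untrusted.get(cur.issuer)
        if nxt is None or not cur.signed_by(nxt) or nxt in path:
            return None  # no issuer available (cf. ASN_NO_SIGNER_E) or a loop
        path.append(nxt)
        cur = nxt
    return None


# Constructed sample PKI: A (root) -> B -> C -> D (leaf), plus an old unrelated X.
A, B, C, D = Cert("A", "A"), Cert("B", "A"), Cert("C", "B"), Cert("D", "C")
X = Cert("X-old", "A")
```

With this builder the D - B - C ordering from the first post validates against a trust store holding only A, and the trust-B-only question from the third post gives a path with partial_chain=True and none with partial_chain=False.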