Re: [TLS] Certificate handshake message - common config problems

[Daniel Kahn Gillmor <dkg@fifthhorseman.net>]

On 01/29/2010 01:13 PM, Martin Rex wrote:
> I know little about apache&OpenSSL (never installed or operated
> one myself), but IIRC, there are two seperate files, one with
> the EndEntity cert and one with the CertificateChain.
> It appears that all of the certificates from the Chain file will
> be blindly appended to the EndEntity cert when the certificate_list
> for the Certificate handshake message is composed. 

The docs for mod_ssl are pretty clear that the SSLCertificateChainFile
need not be used if the relevant certificates for the intermediate and
root CAs are already found in SSLCaCertificatePath, in which case it
appears that OpenSSL builds the chain automatically (and presumably
correctly):

http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslcertificatechainfile

Unfortunately, they also don't explicitly state that the certificates
*must* be properly ordered to be RFC-compliant.  in fact, they only say
"usually in certificate chain order".  This is probably a bug in mod_ssl
(at least in its documentation).  They should check and warn if the
provided CertificateChainFile does not form a proper chain.

> To easily see the cause of the problem, you need either WireShark
> or an SSL implementation that can visualize what it _receives_!.
> MSIE is fairly useless for this purpose, because it does _not_
> show you what it receives.  If anything, it shows
> what it _validates_, which is something entirely different.
> This becomes apparent in situations like this (duplicated cert
> in the chain), incorrectly ordered certs, or _missing_ certs
> in the chain if there's AIA information included.

I think you want:

 openssl s_client -connect $HOST:$PORT -showcerts

hth,

	--dkg