5

Could you please help me to understand whether a client's certificate will be accepted by a server as valid during mutual TLS challenge based on diagram below? The client side knows nothing about server's Intermediate CA B, and vice versa a server side knows nothing about client's Intermediate CA A. Will validation going to happen on Level 1, if Level 2 missing information about Intermediate CAs?

Use-case

Viacheslav
  • 153
  • 1
  • 3

1 Answers1

4

When the client connects via SSL/TLS, the server will present its certificate chain, i.e. it will present its own certificate but can also offer the certificate for CA B.

If the server only presents its own certificate, then the client cannot validate the certificate and must close the connection or stop to ask the user.

If the server presents both certificates (and the client trusts the root CA, and certificates are valid for the usages and the server name) the client will accept the certificate as trusted.

In the case of PEM encoded certificates, the certificate chain is created by concatenating the certificates:

cat CA_B.pem >>myserver.pem

With pkcs12, its slightly more involved.

symcbean
  • 18,278
  • 39
  • 73
  • Although I've only described the behaviour of the client to the server, if you are using client authentication, the same applies the other way around. – symcbean Jun 15 '18 at 15:50
  • All three RFCs say the server, and client if authenticated, _must_ send full chain optionally excepting root/anchor, although many CAs nowadays support AIA so that a relier _can_ obtain intermediate certs directly and some do. Draft 1.3 proposes to relax the formerly stated (but not always implemented) requirement for strict order, but still requires the content be sufficient (except for revocation info in the absence of OCSP 'stapling'). – dave_thompson_085 Jun 16 '18 at 06:32
  • @symcbean what's the approach if there will be two root CA instead of one? for example Root CA 1 issued Client certificate, and Root CA 2 issued Server certificate – Viacheslav Jun 28 '18 at 08:22
  • @symcbean full chain trust from both sides? – Viacheslav Jun 28 '18 at 09:04
  • Exactly the same - just swap client and server in the description above. – symcbean Jun 28 '18 at 10:51