
I am creating a secure C++ client-server application using the OpenSSL library. I am still not clear about some aspects of the SSL handshake procedure.

I have enabled mutual TLS in order to verify that both peers are trusted. I have 2 sets of certificates and private keys. Both sets have the same root certificate but different intermediate signers.

root CA ---> Intermediate CA1 ---->domain certificate1 (set 1)

root CA ---> Intermediate CA2 ---->domain certificate2 (set 2)

I have set the SSL_set_verify with VERIFY_PEER_CERT in both applications. I have not set the verification depth.

Server's call stack

  1. Server gets the root CA and adds it to the trusted certificate store
  2. Server then gets the PEM encoded certificate string in the following format

     -----BEGIN CERTIFICATE-----
     Domain certificate 1
     -----END CERTIFICATE-----
     -----BEGIN CERTIFICATE-----
     Intermediate certificate by CA1
     -----END CERTIFICATE-----

     Server reads the Domain certificate 1 from the PEM string and calls SSL_CTX_use_certificate.

     Server reads the Intermediate certificate from the string and adds it to the extra_chain_certs using SSL_CTX_add_extra_chain_cert.
  3. Server loads the private key

Client's call stack

  1. Client gets the root CA and adds it to the trusted certificate store
  2. Client then gets the PEM encoded certificate string in the following format

     -----BEGIN CERTIFICATE-----
     Domain certificate 2
     -----END CERTIFICATE-----
     -----BEGIN CERTIFICATE-----
     Intermediate certificate by CA2
     -----END CERTIFICATE-----

     Client reads the Domain certificate 2 from the PEM string and calls SSL_CTX_use_certificate.

     Client reads the Intermediate certificate 2 from the string and adds it to the extra_chain_certs using SSL_CTX_add_extra_chain_cert.
  3. Client loads the private key

Both parties will follow the SSL handshake. I need some clarification on the following.

  1. Will the client/server complete its certificate chain using trusted certs and extra certs?

  2. During SSLHandshake what shall the peer present? Only the domain certificate or the whole chain?

  3. Will the SSLHandshake succeed because peer's intermediate CA is not present in local certificate store?

  4. Is only having the root CA in the store enough to verify the certificate chain presented by the peer?

  5. If I am to create multiple clients from the same application, can I use the same context initialized with set 2 to connect to multiple servers which are signed by the same root CA?

1 Answer

> Will the client/server complete its certificate chain using trusted certs and extra certs?

Yes, SSL_CTX_use_certificate will load the certificate and SSL_CTX_add_extra_chain_cert will load the chain certificates and both are sent to the peer during the TLS handshake.

> During SSLHandshake what shall the peer present? Only the domain certificate or the whole chain?

Certificate and chain.

> Will the SSLHandshake succeed because peer's intermediate CA is not present in local certificate store?

Since the peer sends the chain certificates up to the trusted root, it is not necessary to have the peer's chain certificates known up front, i.e. the handshake will succeed without them.

> Is only having the root CA in the store enough to verify the certificate chain presented by the peer?

Yes, see last point.

> If I am to create multiple clients from the same application, can I use the same context initialized with set 2 to connect to multiple servers which are signed by the same root CA?

It is not really clear to me what this means. But the same context can be used for multiple peers, i.e. to create multiple TLS sessions.

Steffen Ullrich
  • Thanks for the explanation. Regarding the last point, can I share the same context between multiple clients which are connecting to different servers? It is guaranteed that those server certificates are also signed by the same root CA but different intermediate CA? – Kethiri Sundar Apr 29 '20 at 13:36
  • @KethiriSundar: The SSL context is an in-memory structure with SSL related information, like ciphers, CA, cert and key. The context is not specific to a connection but is used when creating the connection. Same context can be used to create multiple SSL connections, even to different servers. *"It is guaranteed that those server certificates are also signed by the same root CA but different intermediate CA?"* - the SSL context on the client does not have any information about the server certificate. Nothing on the client can make any guarantees about the certificates the server will send. – Steffen Ullrich Apr 29 '20 at 15:32
  • How to send the chain? Do we need to call SSL_CTX_add_extra_chain_cert? – KNoob Jan 19 '22 at 05:53
  • @KNoob: I think this is what I said with *"... and SSL_CTX_add_extra_chain_cert will load the chain certificates and both are sent to the peer during the TLS handshake"*. – Steffen Ullrich Jan 19 '22 at 06:55
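
The answers to questions 3 and 4 can be checked offline with the `openssl` command line. This is an added example, not code from the question or the answer: it builds the question's hierarchy (one root, two intermediates, one leaf under each) and verifies a leaf against a store that holds only the root. It assumes an `openssl` binary (1.1.1 or later) on the PATH; all subject and file names are constructed, and `-untrusted` stands in for the chain certificates a peer sends in the handshake.

```shell
#!/bin/sh
# Added example: every subject name and file name below is constructed for this demo.
set -eu
PKI=$(mktemp -d)
trap 'rm -rf "$PKI"' EXIT
SERIAL=0
printf '[req]\ndistinguished_name=dn\nprompt=no\n[dn]\nCN=unused\n' > "$PKI/req.cnf"
printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign\n' > "$PKI/ca.ext"
printf 'basicConstraints=CA:FALSE\n' > "$PKI/leaf.ext"

# mkcert NAME CN EXTFILE [ISSUER]: write $PKI/NAME.key and $PKI/NAME.pem.
# Without ISSUER the certificate is self-signed (used for the root CA).
mkcert() {
  SERIAL=$((SERIAL + 1))
  openssl req -new -newkey rsa:2048 -nodes -config "$PKI/req.cnf" -subj "/CN=$2" \
    -keyout "$PKI/$1.key" -out "$PKI/$1.csr" 2>/dev/null
  if [ -n "${4:-}" ]; then
    openssl x509 -req -in "$PKI/$1.csr" -CA "$PKI/$4.pem" -CAkey "$PKI/$4.key" \
      -set_serial "$SERIAL" -days 1 -extfile "$PKI/$3" -out "$PKI/$1.pem" 2>/dev/null
  else
    openssl x509 -req -in "$PKI/$1.csr" -signkey "$PKI/$1.key" \
      -set_serial "$SERIAL" -days 1 -extfile "$PKI/$3" -out "$PKI/$1.pem" 2>/dev/null
  fi
}

# verify_peer LEAF [SENT_CHAIN]: succeed if LEAF chains to the root, which is the
# only trusted certificate. SENT_CHAIN models the extra chain certificates the
# peer sends in the handshake; they are used for path building but are not trusted.
verify_peer() {
  if [ -n "${2:-}" ]; then
    openssl verify -CAfile "$PKI/root.pem" -untrusted "$PKI/$2.pem" "$PKI/$1.pem" >/dev/null 2>&1
  else
    openssl verify -CAfile "$PKI/root.pem" "$PKI/$1.pem" >/dev/null 2>&1
  fi
}

mkcert root  "Demo Root CA"          ca.ext
mkcert ca1   "Demo Intermediate CA1" ca.ext   root
mkcert ca2   "Demo Intermediate CA2" ca.ext   root
mkcert leaf1 "server.example"        leaf.ext ca1
mkcert leaf2 "client.example"        leaf.ext ca2

# Server's view of the client (set 2), then the same check with the chain withheld.
verify_peer leaf2 ca2 && echo "leaf2 + CA2 sent: verified against root-only store"
verify_peer leaf2     || echo "leaf2 sent alone: issuer cannot be found, verification fails"
```

The second result is what a peer sees when the other side calls only SSL_CTX_use_certificate and never adds its intermediate to the chain it sends.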