Is it possible to have a certificate signed by 2 authorities?

2

1

To explain the situation a bit:

I'm building an iOS application that uses SSL pinning. I've created a self-signed certificate authority that issues SSL certificates to my web server, and the CA's certificate is bundled with the application for verification. I'd like to use letsencrypt to create the SSL certificates for the web server so that they are trusted implicitly by web browsers, but their certificates wouldn't be signed by my CA so this wouldn't work in the application. (It's worth noting that certificates issued by letsencrypt are very short lived, so they can't be used directly for SSL pinning).

So I'd like to generate a certificate using letsencrypt and then cross-sign it with my CA. Is this possible?

Ell Neal

Posted 2015-12-14T11:54:25.597

Reputation: 121

1

This might be better at http://security.stackexchange.com/

– Raystafarian – 2015-12-14T12:03:27.623

1Don't bundle root CA cert, bundle the final cert. Just use regular, commercial, 2-year long certs and publish new version of your app every year, bundled with 2 overlapping certs. It's easy for your cert-pinned client to accept one of several certs. OR have your www signed by letsencrycpt but sign API with self-signed on a subdomain. There is no point in your app accessing WWW or users accessing API via browser, so I don't really feel your problem. – Agent_L – 2015-12-14T12:03:46.740

As @Agent_L suggested, I would recommend to use a separate (sub)domain for the app api. – zelanix – 2015-12-14T13:00:08.987

@Agent_L the problem is purely my own. I don't need to do this, it would just make me happier to know that it's a valid SSL certificate, but still pinned. This question is just me asking "Can this be done?", not necessarily saying that I can't continue without doing it. – Ell Neal – 2015-12-14T13:04:37.153

@EllNeal Every SSL cert is valid. Self-signed can be more secure than signed by some commercial signer. – Agent_L – 2015-12-14T13:06:38.363

@Agent_L I agree, excuse my wording. I meant implicitly trusted. – Ell Neal – 2015-12-14T13:09:01.860

@EllNeal It's still not the correct term : ) It's merely "trusted by the guy who made your OS (or browser)". And they are sometimes wrong. – Agent_L – 2015-12-14T13:11:17.223

1@Agent_L: "Valid" itself has various meanings here – for example, in OpenPGP circles (and often when it comes to X.509 as well), it has nothing to do with format/syntax validity, but everything to do with trust of the signatures a certificate carries. A self-signed X.509 cert wouldn't be malformed, but still could be invalid in the sense that there's no trust anchor to verify it against... – user1686 – 2015-12-14T13:48:09.817

Answers

3

A certificate can only contain a single signature. But, since you are using SSL pinning anyway there is no need to have your own CA, because inside your iOS app you simply check the public key fingerprint. As long as you use the same key pair when renewing the certificate with letsencrypt the public key fingerprint fully identifies the certificate also after renewing.

Steffen Ullrich

Posted 2015-12-14T11:54:25.597

Reputation: 3 897

2

Is it possible to have a certificate signed by 2 authorities?

No. There's only room for one issuer, one authority key identifier, etc.

Also see Certificate with Multiple Signers? on the PKIX mailing list. PKIX is the Internet's PKI as called out by the IETF. Other PKIs may be different.

If you encounter another PKI that allows it, then it likely won't work/interop with browsers and other user agents like curl, wget, etc. They simply won't know how to handle the certificate.

jww

Posted 2015-12-14T11:54:25.597

Reputation: 1

Asked: 2015-12-14T11:54:25.597

Viewed: 1 019 times

Active: 2015-12-29T00:36:02.233