1
I have a SSL client/server application.
My SSL client has only one root certificate authority (lets call it rootCA1) configured in its trust store.
However my ssl server produces a certificate that is signed by an intermediate CA (lets call it interCA1).
The intermediate CA has its certificate (lets call it deviceCert) signed by rootCA1 (which the client trusts). The SSL server produces the certificates of interCA1 as well as rootCA1 along with deviceCert during ssl hello.
Now openssl rejects such a connection at the client side.
Openssl should be able to establish the chain of trust by looking at deviceCert--signed by-->interCA1--signed by-->rootCA1
Since it trusts rootCA1 and the chain of trust can be seen in my understanding.
So why does it fail? why is it required to have intermediate CA's cofigured in client's trust store?
Keshava
Posted 2018-01-30T15:19:55.463
Reputation: 107
"Why is it required to have intermediate CA'" - The entire chain must be trusted for the certificate to be trusted. Just trusting the root CA isn't enough. – Ramhound – 2018-01-30T15:23:58.267
My assumption was since you trust root CA, you can trust all parties that are certified by a party certified by root CA, maybe my assumption is naive. – Keshava – 2018-01-30T16:17:35.280
@Keshava: if the server provides both server and chain certificates the the client can verify the full trust chain until the local root CA. If the servers does not provide the chain certificates the client cannot build the local trust chain since it does not know the missing certificates of the chain. Note that the server should not provide the root CA in the TLS handshake and that the certificates need to be in the right order. – Steffen Ullrich – 2018-01-30T16:56:57.847