On 09/01/2015 03:45, Jerry OELoo wrote:
> Hi All:
> I am using X509_STORE_CTX_get1_chain() to get a web site's full certificate chain.
> Now I have encountered an issue that some web sites do not return the
> intermediate CA certificate but only the web site's leaf certificate.
>
> For example: https://globaltrade.usbank.com
>
> Below is the certificate I get.
>
> Subject: /C=US/ST=Minnesota/L=St. Paul/O=U.S. Bank/OU=ISS/CN=globaltrade.usbank.com
> Issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3
>
> My environment is missing the "VeriSign Class 3 Secure Server CA - G3" certificate.
>
> When opening the web site in browsers (Chrome on Windows), I can see the
> certificate chain is built successfully. I think this is because the
> browser recognizes "VeriSign Class 3 Secure Server CA - G3" as an
> intermediate CA and automatically installs the crt into the system.
>
> So my question is how I can achieve the same as browsers with openssl.
> With openssl I get the error info below. But where can I use a program to
> download the VeriSign G3 certificate and install it automatically, so that I
> can build the full certificate chain?
>
> Peer cert subject[/C=US/ST=Minnesota/L=St. Paul/O=U.S. Bank/OU=ISS/CN=globaltrade.usbank.com] depth[0] error[20]
> Peer cert subject[/C=US/ST=Minnesota/L=St. Paul/O=U.S. Bank/OU=ISS/CN=globaltrade.usbank.com] depth[0] error[27]
> Peer cert subject[/C=US/ST=Minnesota/L=St. Paul/O=U.S. Bank/OU=ISS/CN=globaltrade.usbank.com] depth[0] error[21]
>

The trick is that many (not all) certificates now include an "Authority Information Access" (AIA) extension which (optionally) gives a download URL for the next certificate in the chain in case the browser does not have a local copy. This is the same extension which also (in another optional field) provides the URL of an OCSP revocation checking server.

So in some clients (at least Internet Explorer 9+), the procedure for each certificate is:

1. Using the full Issuer DN (which is a complex ASN.1 structure), put them in the same form (already done because that part of the certificate has to be in the strict DER format), then do a binary compare for identity against the full Subject DN in all the certificates received from the other end.
2. If this fails, do the same against all the certificates in your local catalog of trusted root CAs.
3. If this fails, do the same against all the certificates in your local catalog of known Intermediary CAs.
4. If this fails, do the same against all the certificates in your local cache of previously downloaded certificates.
5. If this fails, look for an AIA extension in the cert and check if that extension includes a certificate download URL, then download from that URL to an in-memory variable. If the validation ultimately succeeds, save that downloaded certificate from memory to your local cache.

OpenSSL 1.0.1 and older include functions to do steps 1 (if the other end sent the certificates in the order needed) and 2. That code may be coerced into doing steps 3 and 4 by putting the intermediary certificates into the root store and checking if a certificate is self-signed to decide if it is trusted or just a potentially unverified intermediary.

OpenSSL 1.0.2 beta apparently includes better code for most of these steps than 1.0.1.

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
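The steps Jakob lists, shown with the openssl command line rather than the library API, as an added example that is not part of the thread. It assumes openssl 1.0.2 or later on the path, builds a constructed root/intermediate/leaf PKI with a placeholder AIA URL (ca.example.test, not a real server), and leaves the network fetch to a curl-based function that is not exercised offline.

```shell
#!/bin/sh
# Added example (not the thread's code): read the AIA "CA Issuers" URL of a
# leaf certificate and verify the chain once the intermediate is supplied.
set -eu
WORK=$(mktemp -d)
# Constructed test PKI (root -> intermediate -> leaf). The leaf carries an AIA
# caIssuers URL that is a placeholder, so fetch_issuer would fail on it.
cat > "$WORK/ext.cnf" <<'EOF'
[req]
distinguished_name = dn
[dn]
[ca]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
[leaf]
basicConstraints = CA:FALSE
authorityInfoAccess = caIssuers;URI:http://ca.example.test/intermediate.crt
EOF
openssl req -x509 -newkey rsa:2048 -nodes -keyout "$WORK/root.key" -out "$WORK/root.pem" \
  -subj "/CN=Example Root" -config "$WORK/ext.cnf" -extensions ca -days 2 2>/dev/null
openssl req -newkey rsa:2048 -nodes -keyout "$WORK/int.key" -out "$WORK/int.csr" \
  -subj "/CN=Example Intermediate" -config "$WORK/ext.cnf" 2>/dev/null
openssl x509 -req -in "$WORK/int.csr" -CA "$WORK/root.pem" -CAkey "$WORK/root.key" -CAcreateserial \
  -out "$WORK/int.pem" -extfile "$WORK/ext.cnf" -extensions ca -days 2 2>/dev/null
openssl req -newkey rsa:2048 -nodes -keyout "$WORK/leaf.key" -out "$WORK/leaf.csr" \
  -subj "/CN=leaf.example.test" -config "$WORK/ext.cnf" 2>/dev/null
openssl x509 -req -in "$WORK/leaf.csr" -CA "$WORK/int.pem" -CAkey "$WORK/int.key" -CAcreateserial \
  -out "$WORK/leaf.pem" -extfile "$WORK/ext.cnf" -extensions leaf -days 2 2>/dev/null
# Step 5: print the caIssuers URL(s) from the certificate's AIA extension.
aia_ca_issuers() {
  openssl x509 -in "$1" -noout -text | sed -n 's/^ *CA Issuers - URI://p'
}
# Steps 1-2 (plus 3-4 when an intermediate is passed as untrusted):
# verify_chain <leaf> <trusted-root> [intermediate]; succeeds only on "OK".
verify_chain() {
  if [ $# -ge 3 ]; then set -- -untrusted "$3" -CAfile "$2" "$1"; else set -- -CAfile "$2" "$1"; fi
  openssl verify "$@" 2>/dev/null | grep -q ': OK$'
}
# Download an issuer from its AIA URL (needs curl and network; not run here).
# CAs usually publish DER, so convert to PEM when that succeeds: <url> <outfile>.
fetch_issuer() {
  curl -fsS "$1" -o "$2.der" || return 1
  openssl x509 -inform DER -in "$2.der" -out "$2" 2>/dev/null || cp "$2.der" "$2"
}
# Offline demo: the leaf alone fails (error 20); with the intermediate it passes.
verify_chain "$WORK/leaf.pem" "$WORK/root.pem" || echo "leaf only: unable to get local issuer certificate"
verify_chain "$WORK/leaf.pem" "$WORK/root.pem" "$WORK/int.pem" && echo "with intermediate: OK"
```

Against a real site, the same flow is: run aia_ca_issuers on the server's leaf, fetch_issuer on that URL, then verify_chain with the downloaded file as the intermediate, caching it only after the verification succeeds.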