On 01/08/2018 06:33 PM, Norm Green wrote:
> This question is regarding OpenSSL 1.1.
>
> Let's say I have this trust hierarchy:
>
> RootCA
> CA1
> CA2
> CA3
> userCert
>
> So userCert is signed by CA3, CA3 is signed by CA2, and so on up to
> RootCA, which is a self-signed root cert.
>
> If I combine CA1, CA2, CA3 and userCert into a single PEM file, chain.pem,
> the openssl verify command only verifies the chain is correct if the
> order of the file is such that the user cert occurs *last* in the
> chain as follows:
>
> CA1
> CA2
> CA3
> userCert
>
> openssl verify -CAfile RootCA.pem chain.pem
>
> What strikes me as odd is the order shown above is the *opposite* of
> what is needed for the SSL_CTX_use_certificate_chain_file() function,
> which requires the highest level CA to appear at the end of the file.
> From the man page:
>
> SSL_CTX_use_certificate_chain_file() loads a certificate chain from
> file into ctx. The certificates must be in PEM format and must be
> sorted starting with the subject's certificate (actual client or
> server certificate), followed by intermediate CA certificates if
> applicable, and ending at the highest level (root) CA.
> SSL_use_certificate_chain_file() is similar except it loads the
> certificate chain into ssl.
>
> Is my understanding of things correct? Seems like there should be a
> way for the openssl command to verify a chain file which will be used
> with the SSL_CTX_use_certificate_chain_file() function.

But the verify command is intended to verify an *individual* certificate,
not a file containing an entire chain -- the specific chain used is
somewhat incidental. Did you try something like (with a 1.1.0 installation):

openssl verify -CAfile RootCA.pem -untrusted chain.pem chain.pem

with the leaf certificate as the first one in chain.pem?

-Ben

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
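As an added example that is not part of the thread above, the script below rebuilds the poster's RootCA > CA1 > CA2 > CA3 > userCert hierarchy with throwaway P-256 keys in a temporary directory and then runs `openssl verify` against the different file orderings. It assumes an openssl binary (1.1.x or 3.x) on PATH; the file names, the minimal config file and the extension sections are all made up for the demonstration. It shows why the leaf-last file "verifies": `openssl verify FILE` loads only the first certificate in FILE as the target, so a leaf-last file really just verifies CA1 against the root (a file with CA2 and CA3 removed still reports OK), while the leaf-first file the TLS API wants only verifies once the same file is also passed as the `-untrusted` bundle, as Ben suggests.

```shell
#!/bin/sh
# Added example, not code from the thread: build the poster's hierarchy
#   RootCA > CA1 > CA2 > CA3 > userCert
# with throwaway P-256 keys in a temp dir, then show which orderings of a
# chain file `openssl verify` accepts, and why. Needs an openssl binary
# (1.1.x or 3.x) on PATH; all names and files below are made up for the demo.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# Minimal config: an empty DN section keeps `req -subj` non-interactive, and
# the two extension sections mark CA vs. end-entity certificates.
cat > ext.cnf <<'EOF'
[ req ]
distinguished_name = dn
[ dn ]
[ ca_ext ]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
[ leaf_ext ]
basicConstraints = critical, CA:FALSE
keyUsage = critical, digitalSignature
subjectKeyIdentifier = hash
EOF

# issue NAME ISSUER EXT_SECTION: new key and CSR for NAME, signed by ISSUER
# (self-signed when ISSUER = NAME). Output: NAME.key, NAME.pem
issue() {
    name=$1; issuer=$2; ext=$3
    openssl ecparam -name prime256v1 -genkey -noout -out "$name.key"
    openssl req -new -config ext.cnf -key "$name.key" -subj "/CN=$name" -out "$name.csr"
    if [ "$issuer" = "$name" ]; then
        openssl x509 -req -in "$name.csr" -signkey "$name.key" -days 30 \
            -extfile ext.cnf -extensions "$ext" -out "$name.pem" 2>/dev/null
    else
        openssl x509 -req -in "$name.csr" -CA "$issuer.pem" -CAkey "$issuer.key" \
            -CAcreateserial -days 30 -extfile ext.cnf -extensions "$ext" \
            -out "$name.pem" 2>/dev/null
    fi
}

build_hierarchy() {
    issue RootCA RootCA ca_ext
    issue CA1 RootCA ca_ext
    issue CA2 CA1 ca_ext
    issue CA3 CA2 ca_ext
    issue userCert CA3 leaf_ext
    # Order SSL_CTX_use_certificate_chain_file() wants: leaf first, root-most last
    cat userCert.pem CA3.pem CA2.pem CA1.pem > chain_leaf_first.pem
    # Order the poster found `openssl verify` reports OK for: leaf last
    cat CA1.pem CA2.pem CA3.pem userCert.pem > chain_leaf_last.pem
    # Same leaf-last layout with CA2 and CA3 deliberately left out
    cat CA1.pem userCert.pem > truncated_leaf_last.pem
}

# first_subject_cn FILE: CN of the first certificate in FILE, which is the
# only one `openssl verify FILE` actually loads as the verification target.
first_subject_cn() {
    openssl x509 -in "$1" -noout -subject -nameopt RFC2253 | sed 's/^.*CN=//'
}

# verify_target FILE [UNTRUSTED]: `openssl verify` with RootCA.pem as the only
# trust anchor we supply and an optional -untrusted bundle; prints OK or FAIL.
verify_target() {
    file=$1; untrusted=${2:-}
    if [ -n "$untrusted" ]; then
        set -- -CAfile RootCA.pem -untrusted "$untrusted" "$file"
    else
        set -- -CAfile RootCA.pem "$file"
    fi
    if openssl verify "$@" >/dev/null 2>&1; then echo OK; else echo FAIL; fi
}

build_hierarchy
for f in chain_leaf_last.pem chain_leaf_first.pem truncated_leaf_last.pem; do
    printf '%-24s target=%-8s no -untrusted: %s\n' \
        "$f" "$(first_subject_cn "$f")" "$(verify_target "$f")"
done
printf '%-24s target=%-8s with itself as -untrusted: %s\n' chain_leaf_first.pem \
    "$(first_subject_cn chain_leaf_first.pem)" \
    "$(verify_target chain_leaf_first.pem chain_leaf_first.pem)"
```

The practical check for a file destined for SSL_CTX_use_certificate_chain_file() is therefore the `-untrusted` form: the first certificate (the leaf) is the target, the rest of the same file supplies the intermediates, and only the root comes from `-CAfile`. Without `-untrusted`, an OK on a leaf-last file says nothing about the leaf or about whether the intermediates in the file are complete.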