On Wed, Nov 03, 2021 at 08:32:43PM +0000, Jason Schultz wrote: > To summarize, at application start time I read in all of the > certificates in /etc/ssl/certs/ to a trusted store created with > X509_STORE_new(). > > When getting ready to "start" a server (again, leaving a lot of > specifics out to avoid getting bogged down in details), I'm doing the > processing in the previous messages on this thread. Here are the API > calls again, with the changes previously discussed: > > ctx = SSL_CTX_new_ex(non_fips_libctx, NULL, TLS_method()); > SSL_CTX_use_PrivateKey_file(ctx,<keyfile>,SSL_FILETYPE_PEM); > SSL_CTX_use_certificate_file(ctx,<certfile>,SSL_FILETYPE_PEM); > SSL_CTX_check_private_key(ctx); > mycert = SSL_CTX_get0_certificate(ctx); > pkey = X509_get_pubkey(mycert); > > After that's done, I make several OpenSSL calls to get things set up the way I want: > > param = X509_VERIFY_PARAM_new(); > X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_PARTIAL_CHAIN); > X509_STORE_set1_param(ssl_trusted_certs, param); > X509_VERIFY_PARAM_free(param); > > I call these to treat intermediate certs as trust-anchors, so I can > trust an intermediate certificate; ssl_trusted_certs is the > aforementioned X509_STORE. I am puzzled as to you working so hard (writing a bunch of low-level trust-store and chain construction code) to construct at runtime, what could be created statically at chain file construction time. Especially if you stick with best practice and keep certificate lifetimes reasonably short (~90 days or less, not years). The certificate chain file constructed at the time the certificate is issued should work unchanged for the lifetime of the certificate, and the server applications can avoid having to execute any chain construction or verification code. Yes, you're asking somewhat "interesting" questions, in that, e.g., I am not up to speed on all the changes in 3.0.0, and perhaps there are indeed some issues around legacy SHA1 signatures, but I do suspect that a more productive use of your time is likely to reconsider the decision to work at such a low layer. It may be wiser to find a way to "unask" the question, i.e. make it moot, by avoiding rather than solving the problem. > I'm not clear on if the calls I've added to > SSL_CTX_get0_certificate(ctx) and X509_get_pubkey(), the latter of > which was being used before, are what's causing the problem. The > OpenSSL error queue shows the following on the > SSL_CTX_build_cert_chain() failure: > > 00B741558E7F0000:error:0308010C:digital envelope routines:(unknown function):unsupported:crypto/evp/evp_fetch.c:346:Global default library context, Algorithm (SHA1 : 96), Properties (<null>) > 00B741558E7F0000:error:03000072:digital envelope routines:(unknown function):decode error:crypto/x509/x_pubkey.c:444: > 00B741558E7F0000:error:03000072:digital envelope routines:(unknown function):decode error:crypto/x509/x_pubkey.c:444: > 00B741558E7F0000:error:0580006C:x509 certificate routines:(unknown function):unable to get certs public key:crypto/x509/x509_vfy.c:1986: > 00B741558E7F0000:error:0A000086:SSL routines:(unknown function):certificate verify failed:ssl/ssl_cert.c:905:Verify error:unspecified certificate verification error I haven't seen these before, your guess is as good as mine. -- Viktor.